Compliance Program

What is a Compliance Program and why is it needed? The Medicare Compliance Program was adopted to implement the Health Insurance Portability and Accountability Act of 1996 (or HIPAA). Congress passed the Administrative Simplification Provisions of HIPAA to protect the privacy and security of certain health information and to promote efficiency in the healthcare industry using standardized electronic transaction.

On this page, view the below information.

Administrative Simplification Provisions

The Department of Health and Human Services has published rules and has implemented a number of provisions. All covered health care providers, health plans and clearinghouses must comply with the provisions listed below to be compliant:

  • Privacy rules
  • Electronic transaction and code sets rule
  • National identifier requirements
  • Security rules

Compliance Program for Physicians

Physicians treating Medicare beneficiaries should establish a compliance program. Establishing and following a compliance program helps physicians avoid fraudulent activities and helps them submit accurate claims. This program helps providers be proactive. The following components provide a solid basis for a physician practice compliance program.

  • Written Policies and Procedures - Implement compliance and practice standards
  • Compliance Professionals - Designate a compliance officer or contact
  • Effective Training - Conduct appropriate training and education
  • Effective Communication - Develop open lines of communication with employees
  • Internal Monitoring - Conduct internal monitoring and auditing
  • Enforcement of Standards - Enforce disciplinary standards through well-publicized guidelines
  • Prompt Response - Respond appropriately to detected offenses and develop corrective action

Compliance Policies

List of suggested policies.

  • Code of conduct
  • Compliance attestation
  • Duties of compliance personnel
  • Infrastructure of compliance plan
  • Auditing and monitoring process
  • Procedures for handling search warrants, subpoenas and investigations
  • Reporting of wrongdoings
  • Response and prevention
  • Waiver of co-pay and deductions
  • Patient termination
  • Self-disclosure protocol
  • Job descriptions, background and employment checks
  • Employee training
  • Non-retaliation

Why is a Compliance Program Needed?

Development of a Compliance Program provides a greater efficiency and improved outcome when having a better trained workforce in Compliance regulations. Providing better quality operation, identification and addressing of problems early will likely help minimize government audits and investigation. Compliance will help minimize and improve the following:

  • Risk minimization
  • Better image, improved Relationships, greater trust
  • External pressures
  • Reduced fines and penalties
  • Greater efficiency and improved outcome

Compliance Program Statues and Laws

Medicare works with medical review contractors such as the Office of Inspector General (OIG), Comprehensive Error Rate Testing (CERT), Noridian Medical Review (MR), Recovery Auditor (RAC), Supplemental Medical Review Contractor (SMRC) and Zone Program Integrity Contractor (ZPIC) to review the statutes and laws that fall under the compliance guidelines. Listed below are the Statutes and Laws under the Compliance Program.

  • Anti-Kickback Statute (AKS) - It is a crime to knowingly and willfully offer, pay, solicit, or receive any remuneration directly or indirectly to induce or reward referrals of items or services reimbursable by a Federal health care program
  • Physician Self-Referral Law (Stark Law) - Often called the Stark Law, it prohibits a physician from referring for certain designated health services payable by Medicare to an entity where the physician (or an immediate family member) has an ownership/investment interest or a compensation arrangement, unless an exception applies
    • Listed here designated health services that a physician cannot self-refer if there is ownership interest by him/her self or a family member
      • Clinical lab services
      • Physical/occupational/speech language therapy
      • Radiology and certain imaging services
      • Durable medical equipment and supplies
      • Parenteral and enteral nutrients, equipment/supplies
      • Prosthetics, orthotics and prosthesis devices and supplies
      • Prescription drugs
      • Inpatient and outpatient hospital services
  • Civil Monetary Penalties Law (CMPL) - The CMPL authorizes CMPs for a variety of health care fraud violations. The CMPL provides for different amounts of penalties and assessments based on the type of violation. CMPs may be assessed up to three times the amount claimed for each item or service or up to three times the amount of remuneration offered, paid, solicited, or received. Violations supporting CMPL actions include:
    • Presenting a claim, a person knows, or should know, is for an item/service not provided as claimed or is false and fraudulent
    • Presenting a claim, a person knows, or should know, is for an item/service for which Medicare will not pay
    • Violating the AKS
  • False Claims Act (FCA) - Often referred to as Lincoln Act, Informer's Act, Qui Tam Statue or Whistleblower
    • The civil FCA protects the Federal Government from being overcharged or sold substandard goods or services. The FCA imposes civil liability on any person who knowingly submits, or causes the submission of, a false or fraudulent claim to the Federal Government
    • The terms "knowing" and "knowingly" mean a person has actual knowledge of the information or acts in deliberate ignorance or reckless disregard of the truth or falsity of the information related to the claim. No proof of specific intent to defraud is required to violate the civil FCA
    • Note: An example may be a physician who knowingly submits claims to Medicare for medical services not provided
  • Exclusion Authorities - Under the Exclusion Statute, the OIG must exclude from participation in all Federal health care programs individuals and entities convicted of any of the following:
    • Medicare or Medicaid fraud, as well as any other offenses related to the delivery of items or services under Medicare or Medicaid
    • Patient abuse or neglect
    • Felony convictions for other health care-related fraud, theft, or other financial misconduct
    • Felony convictions for unlawful manufacture, distribution, prescription, or dispensing of controlled substances

Compliance and Documentation

Documentation is the most crucial factor. Documentation provides program integrity, patient safety and provider protection. Fraudulent billings because of assumptions results in stiff penalties. Remember "If it is not documented, it did not happen" and providers can't assume anything when coding a claim or billing. Good documentation practices protect a facility.

Function of the medical record includes:

  • Medical documentation
  • Legal document
  • Compliance
  • Provides medical research and statistics

Standards of medical documentation includes:

  • Separate record for each patient
  • Patient's name on each page
  • Date and time
  • Chronological order
  • Avoiding blank spaces
  • Chief complaint
  • Standard abbreviations and acronyms
  • Standards for changing records
  • Reviewing transcript and correcting errors
  • Signature



Last Updated Jul 07 , 2023