For healthcare providers in the US, compliance can be one of the most difficult aspects of business. The laws to deter healthcare fraud are plentiful and complicated and it’s easy to breach them unconsciously. And the sanctions for healthcare fraud can be significant, with the potential to put a company out of business.

Providers who violate certain laws can be subject to huge fines and violations can result in overpayments, which Medicare can reclaim from the provider. This could potentially result in repayments of hundreds of thousands of dollars, even millions, depending on the type of provider and services for which they billed. And even more significant, violations could result in a provider being eliminated from participation in the Medicare and Medicaid programs, which could put them out of business.

What’s in a Compliance Program?

To ensure they don’t step over the lines, most major healthcare providers already have in place a fairly robust compliance program, says S. Craig Holden, President and Chief Operating Officer of law firm Ober| Kaler.  This typically comprises a training component, a reporting mechanism, such as a hotline, where people who are aware of wrongdoing can report without fear of retaliation, and an accompanying policy that encourages reporting, says Holden.

FREE Investigation Report Template

Prepare thorough, consistent investigation reports with our free report template.

Download Template

“There will be general corporate statements endorsing compliance with the law,” he says. “And then you’re going to get into the more specific areas that relate to the type of entity you are and the compliance risks for you.”

For example, a hospital system will have a compliance program that focus on ensuring claims to government and private insurers are accurate and comply with applicable rules. The program would also include a component that ensures all relationships with referral sources, such as physicians, don’t violate the Stark law.

Compliance Officer

“A key aspect of all of these is appointing a key corporate compliance officer. In a perfect world, a compliance officer will have a direct reporting relationship to the compliance committee of the board of directors,” says Holden. These relationships are typically structured so that on the organizational chart compliance officers report administratively to the CEO but also have the option to communicate directly with the board special committee, but this would vary depending on the size of the organization, he adds.

“We’ve reached a point where most providers of any size have a relatively mature program that’s up and running,” says Holden, but the smaller health care providers, such as physician practices, are lagging in their compliance programs, he says.

While this may be, in a large part, due to the nature of their size, smaller physician practices are still at risk for violations, and with the significant sanctions that could apply, could find themselves out of business in short order. Getting a compliance program up and running, even for a small company, takes time and resources, but the risks of not doing it far outweigh the expense.