Compliance in Physician Offices
Compliance guidance for physician practices was issued by the Office of Inspector General in 2000. Since that time, many physician practices, especially more complex specialty practices, have developed some sort of compliance plan. Compliance covers many areas of a healthcare practice.
Although compliance plans have not previously been mandatory, they have become “industry standard” as a way to minimize risks associated with health care regulations such as the Health Insurance Portability and Accountability Act of 1996, the Medicare and Medicaid Fraud and Abuse Laws, Anti- kickback Statute, Civil Monetary Laws, False Claims Act, the Clinical Laboratory Improvement Act and all other state and federal statutes, regulations and directives that apply to the operation of a complex physician’s practice.
The Patient Protection and Affordable Care Act of 2010, in section 6401, requires Health and Human Services and the Office of Inspector General to promulgate regulations that require most healthcare providers and suppliers to establish compliance programs. The compliance programs are intended to be “effective in preventing and detecting criminal, civil, and administrative violations” under the Medicare and Medicaid laws and other laws that govern operations.
Under the Affordable Care Act, physicians and group practices, will be required to establish compliance programs as a condition of enrollment in the Medicare program.HHS is required to issue regulations creating a timetable and basic core compliance program requirement.
Physician groups should begin the process of establishing compliance programs as soon as possible and not wait for final regulations. Compliance programs are a good way for physician practices to reduce risk associated with fraud and abuse and other legal matters that present risk to their operations. It makes sense for physicians to begin development now to provide ample time for creation of appropriately scaled policies and input from various personnel in the group.
It will not be sufficient to adopt pre-written compliance policies. Rather, physician offices must establish a continuing system of review for their office. Practices may need to be modified based upon their specialization. The seven core elements of effective compliance programs have been released by the Office of Inspector General, including the Physician Practice Guidelines.
A compliance program requires the physician to perform a risk assessment in their organization and document the outcomes of that assessment. The risk assessment could take many forms. Compliance professionals talk about a “gap analysis” which is an approach to help determine the vulnerabilities of your organization. Areas of risk provide emphasis to appropriate areas of risk that are identified through your risk assessment.
The seven areas of emphasis include:
1. Adoption of written guidelines and policies to promote the organization’s commitment to compliance;
2. Identification and appointment of a high ranking individual within the organization to serve as compliance officer;
3. Establishment of anonymous reporting systems, preferably through multiple pathways, to encourage individuals to make complaints regarding compliance items without fear of retaliation;
4. Effective education and training programs for all levels of employees and others with close relationships to the organization;
5. Ongoing auditing systems to assess the effectiveness of the compliance program and to provide input into areas that require additional emphasis;
6. Mechanisms to enforce the requirements of the compliance program and to discipline employees for violations of the organization’s commitment to compliance; and
7. An ongoing system of program modification based upon audit, feedback and experience that can further adapt the compliance policies to the specific issues faced by the organization.