By: Jackie Bain
When a healthcare provider cares for a patient, many times, the provider will set out directives for the patient to follow in order to live a healthier life. These changes may include changes in lifestyle, eating habits, and obedience in taking medications. A patient’s compliance with these directives instructs the provider on how to care for the patient in the future. A patient who does not follow these directives may suffer health consequences.
Similarly, the government sets out legal regulations for healthcare providers. The government expects healthcare providers to comply with its regulations, and providers who don’t can suffer consequences as a result. The regulations governing health care providers are vast and dynamic. In order to keep abreast of the changes in law, and to evidence an intent to comply with law, healthcare providers should strongly consider instituting compliance programs in their businesses.
Compliance with healthcare laws is important. Any number of consequences can result in the event that a healthcare provider is out of compliance—the most devastating being that the Department of Health and Human Services Office of the Inspector General (“OIG”) has the authority to exclude healthcare providers from participation in Medicare and other federal health care programs. Ignorance of the law does not absolve a healthcare provider of liability.
A compliance program should be designed to (1) give your business a working understanding of the law; (2) provide a framework for your business to comply with the law; and (3) guide your business through a process when a compliance issue arises in order to bring that issue to resolution.
This means that a compliance program should contain several parts in order to accomplish those objectives. The OIG has laid out seven (7) fundamental elements for an effective compliance program.
- Written Policies and Procedures. A compliance plan will set forth policies and procedures for all persons involved in the business in order to ensure compliance.
- Designated Compliance Personnel. A compliance plan will set forth the person (or persons) tasked with implementing updating the plan; training new hires and continuing personnel; conducting investigations and bringing those investigations to resolution; and reporting to leadership and/or government sources.
- Training and Education. Business personnel must be trained in compliance upon hire and regularly thereafter. Additionally, personnel must be aware of changes in law that affect how they perform their jobs.
- Effective Communication. A crucial part of any compliance plan is to ensure that business personnel are aware of compliance issues and know how to respond should an issue arise.
- Internal Controls. The compliance officer and/or designated personnel must monitor and audit the efficacy of a business’ compliance program. If a compliance program is dormant, it is not working to protect the business and it should be appropriately updated.
- Failure of any personnel to adhere to a compliance program should result in appropriate discipline as outlined in the compliance program.
- Prompt Response. If and when a compliance issue arises, it should be flagged quickly, responded to quickly, and resolved quickly. If the business is found to be out of compliance, every day that it remains that way is another day the business is open to civil liability or criminal prosecution. Compliance should be a priority concern of any healthcare business.
Of course, every business is different. A physician owned medical device distributorship, clinical laboratory and medical billing company all have different compliance needs because different laws apply. A full-service addiction treatment facility has different needs than a single-specialty physician group. It is important that a compliance plan is tailored to fit the needs of the business it is designed to suit. There is no one-size-fits-all model. Protecting your business by implementing an effective compliance plan is important, and recognizing that your business is not meeting its compliance obligations is the first step.