Compliance and Ethics programs have expanded rapidly in all types of healthcare organizations since the late 1990s. This expansion owes much to the activities of the Office of the Inspector General (OIG) for the Department of Health and Human Services. This OIG has responsibility, along with state agencies, the Department of Justice and the Office of the United States Attorneys General, for combating fraud, waste and abuse in the Medicare and Medicaid programs.


  • In 1995 the OIG led a coordinated effort focused on program spending in five states (California, New York, Florida, Texas and Illinois) related to home health, skilled nursing services and medical equipment / supplies. This "Operation Restore Trust" resulted in a string of criminal convictions, civil settlements, overpayment recoupments and exclusions from the programs. A "pilot" voluntary disclosure program, modeled on one developed in the Defense Department a decade earlier, was initiated to encourage providers in the five states (and elsewhere) to bring forward instances of non-compliance with an eye to receiving lower penalties and avoiding exclusion from the program.

  • The 1995-1997 Physicians At Teaching Hospitals (PATH) audit project, which challenged the documentation supporting the billing by supervisory physicians at a number of major teaching hospitals, also brought attention to a need for formal healthcare compliance efforts.

  • Compliance and Ethics efforts have also featured in the highly public settlements of prosecutions and civil monetary penalty actions against healthcare entities over the past decade. From the Hospital Corporation of America ($1.7B in 2000), to Hill-Rom, Inc. in 2011 - many entities have been required to commit to "significant and comprehensive compliance efforts" as a condition of settlement, even when the organization had such a program in place prior to its settlement with the government.

  • The government has also collected sizable settlements in virtually every case, with the OIG reporting to Congress that its 2012 Fiscal Year was expected to bring $6.9 Billion in recoveries. The pace slowed a bit in the 2013 Fiscal Year with only $4.3 Billion recovered.

Corporate Integrity Agreements

Many OIG actions end with the organization or physician practice agreeing to a "Corporate Integrity Agreement" for 3-5 years. Although the specific features of these agreements may vary, the settling party is typically required to:

  • " hire a compliance officer / appoint a compliance committee;

  • develop written standards and policies;

  • implement a comprehensive employee training program;

  • retain an independent review organization to conduct annual reviews;

  • establish a confidential disclosure program;

  • restrict employment of ineligible persons;

  • report overpayments, reportable events, and ongoing investigations / legal proceedings [to the OIG]; and

  • provide an implementation report and annual reports to OIG on the status of the entity's compliance activities."

CIAs are public documents, available on the OIG website for all to read. This blog has also captured information on CIA's with pharmaceutical and device companies.


  • In 1998 a second version of the Self Disclosure Program was published along with four "Compliance Guidance" describing the OIG's view of how compliance programs in various industry segments (Hospitals, Home Health Agencies, labs, etc. ) should be structured and the risks they faced. A series of these Guidance - 14 in all - have been published since and become "basic reading" for those in healthcare compliance.

  • In 2010 the Patient Protection and Affordable Care Act contained two provisions relating to Compliance and Ethics programs - a requirement that all skilled nursing facilities have an “effective compliance and ethics program” by March 23, 2013 and that with regard to other provider types such a program be made a condition of enrollment in the Medicare program, by a date to be set by the Secretary of HHS. The Secretary was charged with developing requirements for such programs, with a March 23, 2012 deadline for the skilled nursing facility requirements. A request for information was published in February 2011 and publication of proposed regulations was scheduled for November 2011. Still waiting for these .....

  • 2011 - the DHHS OIG began publication of a series of training materials that explain the office's view of Compliance Programs and risk areas in Healthcare.

  • 2012 - in May the DHHS IG, Dan Levinson, answered questions from members of HCCA at the organization's Annual Compliance Institute. He made a repeat appearance at HCCA's 2013 conference, giving the keynote address.

  • It's not all about billing. In July 2012 the OIG released the latest in a series of reports on adverse events that occur during the care of hospitalized patients - One in Four Medicare Beneficiaries Experience Some Degree of Harm While Hospitalized.

  • But a lot of the OIG's attention is on spotting Medicare and Medicaid billing vulnerabilities, such as personal care services programs and nursing home payments.

  • In 2013 the OIG's Self-Disclosure program began offering an on-line submission option through a secure portal. No extra-credit for submitting online apparently, alas.

Healthcare Compliance Resources on the Web:

Shared by Toolbox Members:

  • < Click "edit" above and start typing here>