The Office of the Inspector General's Compliance Program Guidance for Hospitals

By Ronald L. Scott

The Office of Inspector General (OIG) of the Department of Health and Human Services (HHS) has continued in its efforts to promote voluntary compliance programs for the health care industry by issuing its February 1998 compliance program guidance for hospitals. The OIG first issued a compliance model for clinical laboratories in 1997, and has promised to release other model programs over time.

Compliance programs provide affirmative steps toward promoting ethical and lawful corporate conduct. Specifically, compliance programs promote prevention, detection and resolution of instances of conduct that do not conform to federal and state law, health care program requirements, and the hospitalís ethical and business policies. Under federal sentencing guidelines, the Department of Justice and OIG look to see if an entity guilty of misconduct has exerted reasonable efforts to avoid and detect any misbehavior that occurs within their operations. The existence of an effective compliance program may determine the level of sanctions, penalties and exclusions that will be imposed on the health care provider.

Many health care providers already have compliance programs in place, either developed internally or with the assistance of outside consultants. However, even if a hospital already has a compliance program, this OIG model program should be reviewed against the existing program to provide the hospital with knowledge of the elements the government relies upon in making judgments as to the effectiveness of hospital compliance programs.

The OIG provides that at a minimum, comprehensive compliance programs should include the following seven elements:

(1) the development and distribution of written standards of conduct, as well as written policies and procedures that promote the hospitalís commitment to compliance (e.g., by including adherence to compliance as an element in evaluating managers and employees) and that address specific areas of potential fraud, such as claims development and submission processes, code gaming, and financial relationships with physicians and other health care professionals;

(2) the designation of a chief compliance officer and other appropriate bodies, e.g., a corporate compliance committee, charged with the responsibility of operating and monitoring the compliance program, and who report directly to the CEO and the governing body;

(3) the development and implementation of regular, effective education and training programs for all affected employees;

(4) the maintenance of a process, such as a hotline, to receive complaints, and the adoption of procedures to protect the anonymity of complainants and to protect whistleblowers from retaliation;

(5) the development of a system to respond to allegations of improper/illegal activities and the enforcement of appropriate disciplinary action against employees who have violated internal compliance policies, applicable statutes, regulations or federal health care program requirements;

(6) the use of audits and/or other evaluation techniques to monitor compliance and assist in the reduction of identified problem areas; and

(7) the investigation and remediation of identified systemic problems and the development of policies addressing the non-employment or retention of sanctioned individuals.

The OIG believes that any effective hospital compliance program should address risk areas such as billing for items or services not actually rendered, providing medically unnecessary services, upcoding, "DRG creep," teaching physician and resident requirements for teaching hospitals, duplicate billing, and false cost reports. The OIG also recommends compliance efforts with respect to the Stark physician self-referral law, knowing failure to provide covered services or necessary care to members of an HMO, and patient dumping. The text of the OIGís hospital compliance program guidance may be found on the OIG website at