Hands typing 'compliance' on laptop keyboard
Risk Management

7 Fundamental Elements of an Effective Compliance Plan

Healthcare providers are required by federal law to have a compliance plan. What are the implications for your practice, and how can you ensure your plan is complete?

Who needs a compliance plan and why?

Federal law requires healthcare providers to have a formal compliance plan. The Patient Protection and Affordable Care Act (ACA) stipulates that providers must establish a compliance program if you are enrolled in Medicare, Medicaid or Children’s Health Insurance Program (CHIP).

Providers should have an effective compliance plan for each of the following:

  • Billings and payments;
  • Medical necessity and quality of care;
  • Governance, mandatory reporting and credentialing; and
  • Risk areas that are or should with due diligence be identified by the provider.

An effective compliance plan helps prevent fraudulent claims, erroneous billing and prepares you and your practice for federal audits. It can also show your commitment to ethical business operations, promotion of good employee conduct and dedication to providing quality care for patients.

On the other hand, not having a compliance plan in place can expose you to hefty federal penalties.

The Office of Inspector General for the United States Department of Health and Human Services (HHS-OIG) identifies seven fundamental elements of an effective compliance plan and they are as follows:

  1. Create and implement written policies and procedures
  2. Designate a compliance officer and compliance committee
  3. Develop reporting systems that can be used without fear of retaliation
  4. Employee education and effective lines of communication
  5. Conduct internal monitoring and auditing
  6. Enforce policies using disciplinary guidelines
  7. Respond promptly to offenses and undertake corrective action

Compliance plans can be complex, involve many regulations and require layers of oversight on your part. Consider using a compliance expert to help get your program started, ensuring you meet the elements required.

If you’d like more information, there are a number of resources available, including:

A Roadmap for New Physicians by the U.S. Department of Health & Human Services

CMS.gov: Compliance Program Policy and Guidance

HIPAA Compliance

Mandatory Reporting


The information in the NCMIC Learning Center is offered solely for general information and educational purposes. It is not offered as, nor does it represent, legal or professional advice. Neither does this information constitute a guideline, practice parameter or standard of care. You should not act or rely upon this information without seeking the advice of an attorney familiar with the specific legal requirements of the state(s) in which you practice. If there is a discrepancy between the site and an insurance policy you have with NCMIC, the policy will prevail.