On November 6, 2023, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG), in connection with the November 2023 Health Care Compliance Association’s (HCCA) Healthcare Enforcement Compliance Conference, published the General Compliance Program Guidance (GCPG) as a revised reference guide for the healthcare compliance community and other healthcare stakeholders.
During the conference, the OIG announced its commitment to advance the industry’s compliance efforts by providing useful and informative resources. As part of that commitment, the GCPG was created. The GCPG applies to all individuals and entities involved in healthcare and is a 90-page document meant to serve as a comprehensive reference guide for the community about federal laws, compliance programs and other available OIG resources. The OIG specifies, “The GCPG is voluntary guidance that discusses general compliance risks and compliance programs. The GCPG is not binding on any individual or entity. Of note, OIG uses the word “should” in the GCPG to present voluntary, non-binding guidance.”
Federal laws addressed in the guidance include the Anti-Kickback Statute, Physician Self-Referral Law and the False Claims Act. HIPAA Privacy and Security Rules are also mentioned. Although state-specific laws are not cited, it’s important to keep these in mind when addressing a company’s policies and procedures surrounding its compliance programs. Among other areas of interest, the GCPG provides guidance surrounding the seven elements of an effective compliance program, including effective lines of communication with the Compliance Officer and disclosure program as well as standards for enforcing compliance that includes consequences and incentives.
Details regarding the Chief Compliance Officer role in an organization and common risk areas for compliance are addressed extensively. The OIG specifies that the Chief Compliance Officer should monitor incentives around both compliance and compensation ensuring that compensation incentives are not promoting noncompliant behavior, such as inappropriate healthcare professional interactions or patient incentives. The Compliance Officer must be responsible for advising the CEO, the Board of Directors and other senior leaders on relevant compliance risks. The guidance emphasizes that the Compliance Officer and department should be separate from any other department or business roles in the company.
In addition, advisory opinions, corporate integrity agreements, FAQs and special fraud alert links are made available in the new documentation. The publication of this guidance by the OIG signifies an increase in expectation by the OIG for life science companies to reevaluate their handling of compliance throughout their organizations and make necessary updates to ensure that recommendations are followed.
The complete handbook can be found here. MediSpend will continue to monitor compliance guidance from the OIG as well as its implications on life science companies.
To stay up to date on industry knowledge, subscribe to MediSpend Perspectives to receive updates from our MediSpend Advisory Services team. MediSpend Advisory Services is led by a team of experienced attorneys and compliance professionals to assist life science companies with the development and implementation of policies and procedures that facilitate compliance with global healthcare laws, regulations and codes of conduct.
Lauren Howe
Director of Compliance Solutions
November 27, 2023