Enhancing Healthcare Compliance: Strategies for Program Improvement in a Changing Landscape

Posted by Mary Shirley on May 12, 2023 in Ethics & Compliance, Industry News,

Conferences always provide food for thought and tips for how to think more deeply about my Compliance program and especially how to improve it. The Healthcare Compliance Association Compliance Institute held in April 2023 was no exception.

A notable session at the conference was the keynote speech given by Christi Grimm, Inspector General of the US Department of Health & Human Services of the OIG. Christi talked about two major areas of focus her Department is concentrating on, those of managed care and nursing homes.  She also gave a head’s up about upcoming guidance on Compliance programs from her Department, which will be worth keeping an eye out for, as well as encouraging the compliance community to continue our important work.  If you missed the session, you can review the transcript here

Some of the other items I’ve been pondering recently include the value of attestations and references in our Compliance programs. I think they are still useful to some extent but should not be used in isolation. 

For example if you’re relying on healthcare practitioners to represent and warrant in the onboarding process that they are not on any OIG exclusion lists or would not have positive hits in sanctions screening and other relevant databases, that’s not best practice these days. Outsourcing exclusion check assurances to the HCP and relying on their understanding and word is not sufficient; it is necessary to be conducting exclusion checks with a solutions provider.  I think it does make sense to include wording in your contracts that anyone who becomes aware of appearing on an undesirable sanction list, must inform you within [X] days but again, this should be done in conjunction with running regular exclusion checks.  Trust is not an internal control.

Speaking of trust, if you have another department running the exclusion checks, do you have reassurance they’re checking the full list of sources (such as state medicaid exclusion lists) you have asked them to look at? Do they know what do when a red flag or adverse hit is identified?  Do they know how to adequately document resolution of a false positive hit? If you haven’t mystery shopped this area of your Compliance program, now is as good a time as any to do so.

Pro tip: You can mystery shop most areas of your Compliance program to supplement existing audit, monitoring and review activities.

Have you considered whether the frequency of your exclusion checks is appropriate?  There are still some healthcare (and non healthcare companies that do work for healthcare companies) companies performing checks less than once a month and a small number only performing the check upon hire.  The HHS-OIG’s LEIE is updated monthly and so it really is best practice to be running these checks monthly.  Individuals can be moonlighting and end up on exclusion lists due to improprieties working for another employer or worse case scenario, even while working for you.  Steven Grossman at Streamline Verify, a sanctions and exclusion checks solution provider, notes that he has seen trending towards companies interested in doing checks more frequently than monthly. Ultimately that’s a decision you’ll need to make for yourself, documenting the rationale for your chosen frequency and weighing up risk with resources available.  State exclusion lists are sometimes updated more frequently than monthly so there may be some utility in checking those more frequently if this is of high priority to your healthcare compliance program.

I’ve also been thinking about how we can better serve our internal clients with regard to our healthcare compliance training – and relevant external stakeholders such as Medical Directors. Patient care must always be at the forefront of our mind and therefore we must use time in healthcare Compliance training wisely to ensure that our staff and HCP third parties we engage get back to direct patient care responsibilities as soon as possible.  The next time you offer HIPAA training for example, think about replacing your tone from the top video of the CEO stating how important it is that staff take this training and complete it as soon as possible with having them teach on a learning objective in the training instead. That will most efficiently enable you to provide the relevant education and incorporate tone from the top at the same time.

In addition to conferences, I also find benchmarking surveys to be incredibly informative resources to prompt whether improvements can be made to Compliance programs.  

Pro tip: Benchmarking surveys are useful to keep an eye on in regards to your compensation package as a healthcare compliance practitioner.  Here’s is one of my favorite surveys.

About Mary Shirley

About Mary Shirley

Mary Shirley is a New Zealand-qualified lawyer with 18 years of ethics and compliance experience that includes working for data privacy and antitrust regulators, in-house and private practice/consultancy across five countries and four regions of the world. Most recently she was global Head of Culture of Integrity and Compliance Education at Fresenius Medical Care, assisting the company with an FCPA monitorship, serving both the legal and compliance departments.

Related Articles

Provider Directory Accuracy – Health Plans’ Continuing ...

May 16, 2023

In 2018, CMS released a report that set forth the results of their review of Medicare Advantage online provider directories. The review examined the accuracy of 108 providers and their listed location...

Arkansas Medicaid Exclusion

July 20, 2016

  All you need to know about Arkansas Medicaid Exclusions The Arkansas Medicaid Inspector General (OMIG) was established on April 23, 2013, in pursuant to the Arkansas Act 1499, whose purpose inc...

OIG’s Top Challenge Remains Medicaid ...

December 3, 2017

OIG Transparency In November, OIG released its 2017 report updating its top management challenges and strategic priorities. The first and second priorities continue to be Medicare and Medicaid program...

Understanding OIG Exclusions

OIG Exclusions Screening Process

Exclusion FAQS

Quick OIG Exclusion Basics

Employing Excluded Individuals

Consequences to Employing an Excluded Individual

OIG Compliance Law

Laws and Publications on OIG Compliance

More Compliance Resources

Our Culture

We build the best, so you can perform at your best.

Trusted for Good Reason

  • ✓ Guaranteed accurate
  • ✓ Certified Secure
  • ✓ Audit Proof
  • ✓ Feature-rich reporting
  • ✓ Round the clock real-time-data
  • ✓ Processing fully automated

Security First

  • ✓ Cloud hosted
  • ✓ Encrypted data
  • ✓ Real-time backups

Trusted for Accuracy

  • ✓ Physical security
  • ✓ Restricted access
  • ✓ Single sign-on
  • ✓ Password security
  • ✓ Certified secure
  • ✓ Cross checking




Average workload reduction by implementing the Streamline Verify program



Establishments trust Streamline Verify nationwide



Serving the healthcare industry’s unique compliance needs since 2011



Setting standards with hourly synchronization to primary source data