Skip to Content

Legal: Tailor your compliance program

Legal: Tailor your compliance program

Michael SilvermanQ. As we dive into 2023, what steps can my Medicare-enrolled HME business take to aid in regulatory compliance?

A. While most HME businesses are aware of the “low hanging fruit” of ongoing regulatory compliance obligations – such as timely updating Medicare enrollment applications (855S), checking employees/contractors against federal exclusion lists, and staying updated on licensure requirements – many do not have written policies and procedures in place detailing how they comply with applicable health care laws.

All HME businesses have a legal duty to ensure they are not submitting false or inaccurate claims to payors, be it to federally funded health care programs or commercial insurers. Medicare’s DMEPOS Quality Standards further require enrolled providers to have designated compliance personnel and to implement business practices to prevent and control fraud, waste and abuse – a compliance program.

How does an HME business begin to create one? Thankfully, the Office of Inspector General has published industry specific guidance on developing a comprehensive compliance program, along with seven fundamental elements of an effective compliance program, consisting of:

  • “Implementing written policies, procedures and standards of conduct”– Identify the laws that apply to your specific operations in these P&Ps;
  • “Designating a compliance officer and compliance committee” – Ensure one or more individuals are appointed for regulatory oversight and accountability;
  • “Conducting effective training and education” – Upon hire and annually thereafter, train workers to ensure they are aware of regulations implicated by their duties;
  • “Developing effective lines of communication” – Encourage and foster an environment where workers are comfortable voicing concerns to compliance personnel;
  • “Conducting internal monitoring and auditing” – Ensure paid claims comply with guidelines;
  • “Enforcing standards through well-publicized disciplinary guidelines” – Make workers aware of consequences of non-compliance; 
  • “Responding promptly to detected offenses and undertaking corrective action” – Identify and correct issues and mitigate damages, both civil and criminal.

There is no such thing as an effective “off-the-shelf” compliance program, as one size fits none. It should be specifically tailored to a provider’s operations and become a living document that grows with the company.

Michael Silverman, Esq., is with Silverman Bain, LLP. Reach him at


To comment on this post, please log in to your account or set up an account now.