Published on:

PPACA Grants Authority to the Secretary of the Department of Health & Human Services to Require Health Care Providers to Adopt Compliance Programs

Section 6401 of the Patient Protection and Affordable Care Act (PPACA) grants the Secretary of the Department of Health and Human Services (the “Secretary”) the authority to require health care providers to adopt compliance programs as a condition of participation in the Medicare, Medicaid and CHIP programs. Before the PPACA, a corporate compliance program was only mandatory for a healthcare provider or supplier that was operating under a Corporate Integrity Agreement or had a contract with the federal government that exceeded $5 million and lasted longer than 120 days.

Although section 6401 lacks specific direction to the Secretary with regard to the health care providers that will be subject to the mandatory compliance programs and the core elements of the programs, the section gives the Secretary the authority to make these decisions. One exception to the lack of specific direction is found in section 6102 of PPACA. That section requires skilled nursing facilities (SNFs) and other nursing facilities to establish compliance programs. According to the language in section 6102, the SNF program must be “reasonably designed, implemented, and enforced so that it will be generally effective in preventing and detecting criminal, civil and administrative violations under this Act and in promoting quality of care.” The section lists eight required components of the compliance program, and requires that the programs be in place by March 2013. The eight required components include:

  • Compliance standards and procedures must be adopted and followed by employees and other agents in a position to reduce criminal, civil and administrative violations under the PPACA.
  • Specific individuals with authority and sufficient resources must be assigned the responsibility to oversee compliance with the standards and procedures.
  • The organization must exercise due care to ensure that the above authority is not delegated to an individual with a propensity to engage in criminal, civil and administrative violations of the PPACA.
  • The organization must take steps to educate its employees and agents of the compliance program.
  • The organization must take reasonable steps to achieve compliance with its standards.
  • The standards and procedures must be consistently enforced.
  • In the event that an offense is detected, the organization must take all reasonable steps to respond appropriately and to prevent similar offenses.
  • The organization must periodically reassess the compliance programs and make changes necessary to reflect changes within the organization.
  • Although the requirements for compliance programs are still works in progress for health care industry sections other than SNFs, all Medicare and Medicaid providers should begin to prepare for the upcoming mandates from the Secretary. One avenue of preparation is for health care providers to review guidance given by the Office of Inspector General (OIG) to those in the industry that voluntarily adopt compliance programs. The OIG has provided guidance to a number of health care providers including: hospitals, home health agencies, clinical laboratories, manufacturers and suppliers of durable medical equipment, prosthetics, orthotics, and medical supplies (DMEPOS), hospices, physicians/medical practice, and ambulance suppliers. The OIG suggested seven core elements to a compliance program. It should be noted that these core elements serve as a foundation for a compliance program, but the Secretary may required additional elements once the mandate is created pursuant to section 6401. The seven core elements recommended by the OIG include:

  • The development and distribution of written standards of conduct, as well as written policies and procedures that promote a commitment to compliance.
  • The designation of a chief compliance officer and other appropriate bodies given the responsibility to operate and monitor the compliance program and who report directly to the CEO or other governing officer.
  • The development and implementation of regular, effective education and training programs for all affected employees.
  • The creation and maintenance of a process to receive complaints and the adoption of procedures to protect the anonymity of complainants and to protect whistleblowers from retaliation.
  • The development of a system to respond to allegations of improper/illegal activities and the enforcement of appropriate disciplinary action against employees who have violated internal compliance policies, applicable statutes, regulations or Federal health care program requirements.
  • The investigation and remediation of identified systematic problems and the development of policies addressing the non-employment or retention of sanctioned individuals.
  • For more information on health care reform or compliance programs, please visit or contact a Wachler & Associates attorney at 248-544-0888.

    Contact Information