OIG Publishes New Compliance Guidance for Health Care Entities, Along with Plan for Targeted “Industry Specific” Guidance Starting in 2024


On October 6, 2023, the Office of Inspector General at the U.S. Department of Health and Human Services (OIG) released brand new “General Compliance Program Guidance” to assist health care providers, entities, and other stakeholders implement effective compliance programs. The newly released guidance begins to fulfill a commitment of OIG from earlier this year when it announced new guidance for specific segments of the health care industry. 

The guidance issued in October includes individual sections including:

  • An overview of the key U.S. federal fraud and abuse laws including the Anti-Kickback Statute (AKS), Physician Self-Referral Law (Stark Law), and the Health Insurance Portability and Accountability Act (HIPAA). Other laws that have received less attention from OIG in the past, such as the relatively new restrictions against “information blocking” enacted pursuant to the 21st Century Cures Act, are also included.
  • A detailed discussion of the OIG’s traditional “Seven Elements” of an effective compliance program, updated to reflect “more than 25 years” of agency experience in monitoring and enforcing various health care fraud provisions. One example of the kinds of updates OIG has made in this context include a new focus on quality of care as a critical part of the compliance program.
  • A guide to modifying compliance programs depending on the size of the entity (“Adaptations for Small and Large Entities”), and
  • A compilation of previously published “OIG Resources and Processes” such as Advisory Opinions, Fraud Alerts, and Frequently Asked Questions

In addition to the materials released in October, OIG is expected to roll out additional guidance in the form of industry-specific Compliance Program Guidance (or ICPG) in 2024. The ICPGs are intended to drill down on specific fraud and abuse areas particularly relevant to unique actors within the health care industry. The goal of ICPGs is to offer targeted guidance for these actors and to outline measures that industry participants can take to reduce risks. Initial reports indicate that the first ICPG will focus on Medicare Advantage and nursing facilities.

The new guidance provides a refresh on how OIG views an “effective” compliance program and the format of the new materials enhances the ease of use and provides a convenient compilation of resources. Boards of directors and other members of senior leadership teams at regulated parties will note the repeated emphasis by the OIG on board / leadership responsibility for an effective compliance program. 

The new General Compliance Program Guidance is an update on the longstanding compliance guidance documents that OIG began publishing in the Federal Register in 1998. Prior guidance documents, including a number of items targeted at specific industries, are still available on the OIG website. The new General Compliance Program Guidance can be found in its entirety here.

If you have questions about compliance in the health care industry or the OIG’s new General Compliance Program Guidance, please contact any member of the Lathrop GPM Health Law practice group.