Based on its own specific needs, a medical practice’s Compliance Plan should identify and address risk areas where it may be vulnerable to erroneous. A practice may already have some awareness of these due to its own business operations or consultant recommendations, but areas of legal risk are different because “you don’t know what you don’t know.” Further, due to the truly vast field of healthcare regulation, identifying out legal and compliance risks can be a never ending process. However, in its Compliance Guidance, the HHS OIG suggested that a physician compliance plan at least address these four areas of potential risk:
1. Coding and billing;
2. Reasonable and necessary services;
3. Documentation; and
4. Improper inducements, kickbacks, and self-referrals.
So make sure your compliance plan is addressing these risk areas. The list above is not exhaustive or all-encompassing, but they should be your starting point.