Skip to main content

By: Donna M. Gale, V.P. Compliance, Integrated Home Care Services, Inc. (IHCS) 

As one of the more technical and complicated aspects of healthcare, Compliance management is a continuous challenge for an organization. In the face of ever-evolving reimbursement guidelines, changing laws and policies, and frequently updated data security standards, it is a struggle for even the most diligent of organizations to keep abreast with the latest updates.

Too often, leaders find that they’ve fallen behind on the latest regulations and standards when finding their organization suddenly hit with a Medicare Cert audit or possibly a civil/criminal lawsuit. With your organization’s reputation and operating license on the line, non-compliance has always represented an outsized risk.

But in the year ahead, this is set to grow: state and federal government oversight and investigations are expected to increase significantly. These bodies are looking to ensure that funds from pandemic-era government relief programs were allocated appropriately and utilized responsibly.

Regulators will expect that your health plan’s monitoring and oversight processes are robust, well documented, and comprehensive.

For most health plans, this may be a voluminous undertaking for their overtaxed, existing internal resources. That’s why partnering with a First-tier, Downstream and Related (FDR) entity that specializes in compliance research, practices, and execution can be essential for a plan’s long-term viability and growth.

In the sections that follow, follow me on a journey of what the top compliance issues of today look like. We will explore the essential elements of a strongly crafted compliance program, as well as the proactive benefits of an end-to-end FDR compliance partner like IHCS.

The Biggest Compliance Challenges Facing Health Plans Today

To understand the most effective ways to ensure compliance, it is important first to understand the major compliance challenges facing the industry today. Some represent issues as old as the health care system itself; some are the “new players come to town”!

  1. Fraud, Waste & Abuse

    Whenever you read an article about FWA, notice the words used in the headline…

    Fighting Fraud…
    Combating Waste…
    Battling Abuse…

    Why? Because we are at war with those individuals and entities that hurt the health and well-being of individuals and society. Medicare and Medicaid fraud is rampant: taxpayers lose more than $100 billion each year because of it, according to an estimate from the National Health Care Anti-Fraud Association. Since the pandemic’s Covid-19 relief funds became available, these crimes have been on the rise. They can take shape in a myriad of ways, including billing for unapproved Covid tests or pills, sending fake medical devices and durable medical equipment (DME) to imaginary patients, billing for imaginary home health-care services, and even more!
    Oversight for home health has been on the rise; in 2021 alone, the federal government oversaw a return of nearly $2 billion in fraud settlements. Provider-related abuse is also rampant, with surveillance focusing on kickbacks, phantom billing, upcoding, pharmacy fraud, and more. These cases are important because overt fraud, waste and claims abuse deplete a system meant to serve everyone, and result in employment taxes increasing nationwide.

  2. Ensuring Accurate & Fully Approved Provider Credentialing

    Comprehensive provider credentialing is highly important for any healthcare organization, not only to ensure high quality care and patient safety, but also to avoid malpractice suits or government investigations that impact an organization’s reputation. In addition, rigorous credentialing also expedites an organization’s enrollment within payer networks.
    Credentialing-related denials can impact practice and system revenue on many levels – and is on the rise. In 2021, more than half of all medical practices (54%) reported that denials related to credentialing have increased. As there are handfuls of databases, education, criminal, and other databases to reference, credentialing is a complicated, rigorous, and time-intensive process. Unlike hiring, credentialing is not a one-and-done checklist; routine monitoring and re-credentialing is required by most government agencies every three years.

  3. Pursuing Quality & Performance Improvement

    Patient safety compliance is top of mind for CMS, which released an updated set of clinical, quality, and safety standards for 2023. Quality Assessment & Performance Improvement Programs (QAPI) are required for every Medicare-certified provider organization. Designed to promote patient safety and reduce harm, they allow an organization to examine its own quality of care and then design informed improvement activities and protocols.
    Surveyors evaluate organizations’ abilities to improve performance and quality based on their own benchmarks – to determine whether every organization is working toward proactively identifying troubling care episodes, policies, or practices – and whether these efforts are sustained over time. If a facility does not meet QAPI requirements, they risk noncompliance.

  4. Protecting Against PHI Leaks & Data Security Breaches

    Cyber-attacks levied against hospitals and health systems are on the rise:
    In 2023 so far, 36 million people have been impacted. Not only do these attacks threaten personal and private information, but they also impact the ability of organizations to deliver timely care when it is crucially needed.
    To help protect individuals, HIPAA compliance standards exist that ensure organizations proactively protect personal health information (PHI). Organizations must evaluate how they are safeguarding PHI through a trifecta of safeguards (administrative, technical, and physical), and work to implement additional layers of security through firewalls, antivirus software, data encryption, and more.

When in doubt, ensure the Seven Elements of an Effective Compliance Program are deeply rooted in your business.

When navigating the complicated landscape of compliance, always begin with the Office of the Inspector General’s (OIG’s) recommended seven elements of an effective compliance program. These steps can help ensure that your organization can meet the gamut of government and regulatory body requirements for a high quality, safe, and fully compliant Medicare Advantage or other home care plan.

  1. Document everything. It is important to create a standardized set of written policies, procedures, and standards of conduct both to socialize internally and train staff, and to demonstrate your organization’s strict compliance protocols during audits and government oversight investigations.
  2. Appoint oversight. If possible, create a leadership position for a Compliance Audit, who will be responsible for upholding policies and ensuring your organization is proactively staying abreast of the latest regulations and changes. Ideally, this officer will partner with a broader committee and governing body to help set policies and oversee their practice.
  3. Invest in training. Policies only come to life through effective training and education programs that help ensure individuals at every level and from every department are cognizant of the best practices.
  4. Routinely monitor. As mentioned above, compliance is not a “set it and forget it” mindset. With regularly changing protocols, standards, regulations, and policies, every organization must establish an effective system for monitoring changes and conducting internal tests and audits.
  5. Develop a feedback loop. Inevitably, some area of your organization will require updating to stay ahead of the latest rule change. Ensure that your teams can promptly respond to any compliance issues that arise and that they are supported from all levels in addressing the claim and updating routine procedures and protocols.
  6. Hold everyone accountable. Organizations remain compliant when everyone feels a shared sense of ownership over policy adherence, monitoring procedures, and oversight committees. Build this mindset into your organization, so that every team member at all levels understands the shared responsibility of being a compliance steward – also, ensure that the disciplinary actions of noncompliance are well publicized.
  7. Quickly react. Any detected offenses should be swiftly handled – and corrective actions should be clearly outlined and followed.


How will IHCS Support Optimal Health Plan Compliance?

Facing increased scrutiny and stricter government oversight, health plans need a trusted partner organization to help them navigate the complex, ever-changing landscape of compliance, policy, and regulation. At IHCS, we help our partner organizations remain compliant with a well-documented, robust, and comprehensive monitoring and oversight plan to ensure adherence to the highest reporting and quality standards.

Our compliance rewards program is a fully comprehensive, end-to-end program that evaluates both upstream and downstream risk to mitigate any potential issues. We collaborate closely with our health plan compliance officers and departments – when any potential regulatory gaps are identified.

We enforce risk mitigation tactics to ensure that the essential early prevention, detection, and correction actions are all quickly identified. Here are a few of the tactics IHCS employs:

  • Maintaining regulatory exhibits: We know how plans will be evaluated, so we work to ensure that metrics, service level agreements, and policies are all clearly outlined to ensure everything is documented clearly and to code.
  • Developing tracking dashboards: We set up a recurring report and log to ensure regular data transfer and proactively monitor all information.
  • Trending and remediation practices: We regularly review data for accuracy, timeliness, and completion to ensure that your organization is on track with the latest requirements.


At IHCS, we set your plan up with a rigorous “three step defense program” to ensure it can proactively defend against any risk event.

As your first line of defense, we partner with you to ensure there are internal controls set in place to identify and mitigate risk through regular risk monitoring, identification, and management.

On a secondary level, we build a risk and issue management framework that helps ensure growth while also providing continual monitoring and oversight.

Lastly, we cooperate with and actively participate in global health plan audits of our compliance program. These audits verify that an independent evaluation of our Compliance, Credentialing Claims, and UM effectiveness has been performed and scored.  Through rigor, transparency, and collaboration, we work to ensure our program is fully compliant with a Health Plan’s Compliance initiatives.


Speak to one of our team members about our Compliance Program by clicking here.

Donna M. Gale is V.P. of Compliance at IHCS, where she oversees the organization’s quality management and compliance programs, as well as its risk management activities. She chairs IHCS’ Quality/Performance Improvement and Compliance Committees and also partners with legal counsel in order to minimize liability and risk organization-wide. She has established 14 active corporations and holds 11 TPA licenses in various states nationwide.