insights header image

Who Are the Players in Healthcare Compliance?

Who Are the Players in Healthcare Compliance?

05/14/2019  |  Jorge Martinez, APS Corporate Compliance Officer/CSM

For all of us who work in healthcare, we know that there are endless rules and regulations that govern our industry.  With so many rules, it can often seem and feel overwhelming, because we are so focused on what needs to get done today.  We know it is important to stay abreast of the rules that pertain to our jobs, but it can be difficult to keep up with information seemingly coming from many directions.  

Due to this confusion and in order to make sense of it all, let’s take a step back and review our understanding of compliance.  We can do this by understanding the basic structure of healthcare in the U.S. and see how it all fits into the puzzle.

U.S. Department of Health & Human Services: 

HHS is the main agency through which all healthcare regulation and services are provided in the United States.  Within HHS, there are 8 U.S. public health services agencies that operate.  We will touch on three of these agencies that are mostly relative to this discussion:

  • Centers for Medicare & Medicaid Services (CMS)
  • Office for Civil Rights (OCR)
  • Office of Inspector General (OIG)

Centers for Medicare and Medicaid Services (CMS):

There are approximately 90 million Americans who are covered through Medicare, Medicaid, and the State Children’s Health Insurance Program.1  CMS is the single largest payer for healthcare in the United States, according to its website.

This is a good place to start for us to know from where most of our billing guidelines stem.  From a billing and compliance perspective, CMS provides:

  1. Guidelines on covered services for medical necessity (NCD & LCD);
  2. Pricing on covered services;
  3. Rules for insurance companies that participate in Medicare Advantage plans; and
  4. Billing and documentation guidelines for payment.

Office for Civil Rights (OCR):

The OCR enforces, as it pertains to healthcare compliance:

  1. Health Insurance Portability and Accountability Act (HIPAA) Privacy;
  2. Security and Breach Notification Rules; and
  3. Patient Safety Act and Rule.2

These rules are governed and enforced under the OCR, because your personal information and your right to privacy does not only pertain to healthcare, but also to all organizations that are entrusted with your personal and private information.

Office of Inspector General (OIG):

The OIG's mission is to "protect the integrity of Department of Health & Human Services programs as well as the health and welfare of program beneficiaries."3  Since its establishment, this agency has been at the forefront of the nation's efforts to fight fraud, abuse, and waste in Medicare, Medicaid, and more than 100 other HHS programs.

They accomplish this through:

  • Enrollment – scrutinize individuals and entities that want to participate as providers and suppliers prior to their enrollment in healthcare programs
  • Payment – establish payment methodologies that are reasonable and responsive to changes in the marketplace
  • Compliance – assist healthcare providers and suppliers in adopting practices that promote compliance with program requirements, including quality and safety standards
  • Oversight – vigilantly monitor programs for evidence of fraud, waste, and abuse
  • Response – respond swiftly to detected fraud, impose punishment to deter others, and promptly remedy program vulnerabilities.

Your compliance officer and/or person responsible for compliance in your practice rely on the OIG as a guide to provide your board of directors or CEO with the tools to implement an effective compliance program in your organization.

We’ve learned about HHS and the agencies that work under HHS such as CMS, OCR, and OIG.  This is a good start from which you can base many of your compliance guidelines and rules.  To learn more, visit their websites:

  • U.s. Dept of Health and Human Services (HHS) - HHS
  • Centers for Medicare and Medicaid Services (CMS)- CMS
  • Office of Civil Rights (OCR) - OCR
  • Office of the Inspector General (OIG)- OIG


  1. CMS Road Maps Overview , page 1
  2. About OCR
  3. About OIG
Back To Insights