We have a few established laws, rules, and regulations that govern medical billing. Disregard or breach of these laws and regulations, in the course of our billing operations, can result in one or more of the following:

  • Rejection of claims
  • Delay in reimbursement
  • Reduction in reimbursement
  • Fraud and abuse eventually leading to penalties.

Such laws, rules, and regulations may be set down by the Federal and State governments or their agencies, such as the various Workers Compensation Boards, Department of Veterans’ Affairs, Department of Health and Human Services, Social Security Administration, etc.

The Health Care Financing Administration (that controls the Medicare and Medicaid Programs). Office of the Inspector General (OIG), the Department of Justice (DOJ), the FBI.

The individual insurance companies managed care organizations. In the initial phase, Federal and State government laws, including HCFA regulations, were formulated to prevent fraud and abuse in the health insurance industry, especially in Federal programs such as Medicare and Medicaid. In other words, compliance amounts to following (or complying with) these laws and regulations and ensuring billing offices maintain high ethical standards in the conduct of their business, including the entire range of billing operations, beginning with the entering of patient demographics to the refund of overpayments.

When we adhere to these rules, we are said to be in compliance, i.e., our business operations comply with federal and state laws concerning such corporate activities.


The Office of the Inspector General (OIG) has published guidelines to help health care organizations implement a compliance program to prevent fraud and abuse in their respective practices.

In view of the increasing efforts on the part of government agencies to detect and eliminate malpractice in the health care industry and help prevent losses to government health insurance programs due to fraud and abuse by health care agencies, the OIG has brought out these guidelines. Towards this end, the OIG has been given additional resources to fight health care fraud and abuse.

Billing practices will be seriously affected if there are any audit findings of fraud and abuse. This may result in the seizure of license and expulsion from the Medicare and Medicaid programs. Also, there may be fines amounting to several thousand dollars for every claim involved.

Given below are the essential elements that every compliance program should contain:

  • The development and implementation of written policies, procedures, and standards of conduct, with a special focus on areas where fraud or abuse is likely to occur.
  • The designation of a Chief Compliance Officer, who will preside over a compliance committee. This committee will operate and monitor the compliance program. The compliance officer will report directly to the CEO and the governing board.
  • The development and implementation of regular education and training programs for employees highlighting the importance of compliance.
  • Developments of effective communication lines, which can help uncover fraud and abuse cases and expedite corrective measures.
  • Enforcing established standards of conduct through disciplinary action against employees who disregard compliance rules.
  • Regular internal monitoring, auditing and evaluation procedures to help identify any breach of compliance rules, with particular focus on risk areas such as coding and claim generation.
  • The investigation of identified cases of the breakdown in compliance systems and procedures and responding adequately to any breach in compliance with expeditious corrective action.

According to the Office of the Inspector General, these are the seven fundamental elements that all compliance programs must contain.

SPECIFIC COMPLIANCE RISK AREAS for all third-party billing companies identified by the office of the inspector general.


  • Billing items or services are not actually documented.
  • Unbunding.
  • Upcoding, such as “DRG creep.” – “DRG creep” is billing with a DRG that provides a higher reimbursement rate than that which should be used.
  • Not following CCI guidelines
  • Unprofessional balance billing – billing Medicare beneficiaries for the difference between the total provider charges and the Medicare Part B allowable amount.
  • Inadequate resolution of overpayments.
  • Lack of integrity in computer systems – all billing companies should have a back-up plan system.
  • Software applications that encourage billing personnel to enter data in fields indicating services were rendered though not performed or documented.
  • Neglect to maintain the confidentiality of information or records.
  • Knowing the misuse of provider identification numbers.
  • Outpatient services rendered in connection with inpatient stays.
  • Duplicate billing.
  • Billing for discharge in lieu of transfer.
  • Failure to properly use modifiers.

Billing company incentives that violate the anti-kickback statute or other similar federal or state laws or regulations.

Joint ventures – OIG is concerned that these may violate the anti-kickback statute by providing incentives to induce improper referrals.

Routine waivers of co-payments and billing third party insurance only.

Discounts and professional courtesy

The 7 additional risk areas for billing companies that provide coding services:

  • Internal coding practices – these, including software edits, should be reviewed periodically to make sure they meet all government requirements.
  • “Assumption” coding – coding without supporting clinical documentation.
  • Alteration of the documentation.
  • Coding without proper documentation.
  • Billing for services provided by unqualified or unlicensed personnel.
  • Availability to maintain all necessary documentation at the time of coding.
  • Employment of sanctioned individuals

Compliance program policies and procedures should cover areas such as:

  • Evaluation of compliance risk areas
  • Hiring practices
  • Healthcare insurance and billing compliance
  • Medical records releases and informed consents
  • Professional courtesy discounts for services
  • Diagnosis and procedure coding for medical services
  • Medical necessity and documentation
  • Business and medical records retention
  • Confidentiality
  • Patient rights
  • Employee safety, rights and obligations, and
  • Environmental concerns