Certified ProfessionalCompliance Officer (CPCO)certification

1. Healthcare Compliance Program History

This section evaluates your understanding of the foundational events and agencies that shaped modern compliance.

Historical context: Origins of healthcare laws in the United States.

Industry Investigations: Lessons learned from past federal healthcare investigations.

Federal Sentencing Guidelines (FSG): The role of FSGs in providing the framework for effective compliance programs.

Implementation of Guidance: How the OIG (Office of Inspector General) began issuing specific program guidance.

Regulatory Agencies: Roles of the OIG, CMS, DOJ, and the OCR.

Current Statistics: Knowledge of CERT (Comprehensive Error Rate Testing) reports and national healthcare expenditure trends.

2. OIG Compliance Program Guidance

This is a critical area focusing on the OIG’s "Seven Core Elements" and specific guidance for various entities.

The Seven Core Elements:

Standards of conduct and written policies/procedures.

Designation of a compliance officer and committee.

Effective training and education.

Effective lines of communication (e.g., hotlines).

Enforcement of standards through well-publicized disciplinary guidelines.

Internal monitoring and auditing.

Prompt response to detected offenses and corrective action.

Specific Entity Guidance:

Individual and small group physician practices.

Third-party billing companies.

Clinical laboratories.

Hospitals (Supplemental Hospital Guidance).

3. Key and Other Risk Areas

This domain tests your ability to identify common pitfalls and "red flags" in physician practices and facilities.

Clinical Documentation: Accuracy and completeness of the medical record.

Conflicts of Interest: Identifying and managing personal/financial interests.

Gifts and Gratuities: Policies regarding pharmaceutical reps and patient gifts.

Medical Necessity: Understanding the criteria for "reasonable and necessary" services.

Billing Risks: Incident-to services, overpayments, credit balances, and teaching physician guidelines.

Advanced Beneficiary Notices (ABN): Proper use of ABNs for non-covered services.

Specialized Services: Certifications for home health, therapy, and medical necessity for durable medical equipment (DME).

4. Fraud and Abuse Laws

You must demonstrate a high-level understanding of the legal statutes used to prosecute healthcare non-compliance.

False Claims Act (FCA): Civil and criminal penalties for submitting false claims.

Anti-Kickback Statute (AKS): Prohibitions on remuneration for referrals; understanding "Safe Harbors."

Stark Law (Physician Self-Referral): Limitations on referrals for "Designated Health Services" to entities where the physician has a financial interest.

Civil Monetary Penalties (CMP): Knowing the dollar amounts and triggers for fines.

Legislation: Fraud Enforcement and Recovery Act (FERA) and the Patient Protection and Affordable Care Act (PPACA) impact on compliance.

5. Other Laws and Regulations

Compliance covers more than just billing; it includes patient safety, privacy, and employee welfare.

HIPAA: Privacy, Security, and Breach Notification Rules; the role of the Office for Civil Rights (OCR).

EMTALA: Anti-dumping laws for emergency departments.

CLIA: Laboratory certification and quality standards.

OSHA: Workplace safety, bloodborne pathogens, and hazardous communication.

RICO & Wire Fraud: Knowledge of how organized crime and mail/wire fraud statutes apply to healthcare.

6. Investigation Process and Auditing

This section covers what happens when compliance fails and an investigation begins.

Legal Processes: Handling subpoenas and search warrants.

Legal Counsel: When to engage attorney-client privilege.

Self-Disclosure: The OIG and CMS Self-Disclosure Protocols.

Whistleblowers: Qui tam actions and protection for employees reporting fraud.

Integrity Agreements: Differences between Corporate Integrity Agreements (CIAs) and Certification of Compliance Agreements (CCAs).

Audit Contractors: Roles of RACs (Recovery Audit Contractors), UPICs (Unified Program Integrity Contractors), and MFCUs (Medicaid Fraud Control Units