OIG wants to see two (new) high priority areas in compliance programs

Healthcare providers may routinely focus on quality of care and patient safety, but under new compliance guidance, they could be doing the right things the wrong way.

The Office of Inspector General (OIG) wants to see quality and patient safety oversight rolled into provider compliance programs, with specific reporting mechanisms in place.

In late 2023, the OIG issued comprehensive new compliance guidance underscoring the importance of quality of care and patient safety. The General Compliance Program Guidance (GCPG) updates descriptions of all elements of an effective compliance program.

New guidance directs healthcare providers to establish quality audits and reviews in these areas. It also requires senior leadership to make regular reports to the organization’s Compliance Committee on patient care quality and safety.

Specifically, the OIG recommends that organizations:

  • Audit and review quality and patient safety incidents
  • Conduct root-cause analyses
  • Design or approve corrective action plans
  • Track the implementation and effectiveness of corrective plans

OIG compliance guidance requires some changes.

Providers may already be tracking and reporting on patient safety incidents, but traditionally, quality and safety programs have been treated as separate from compliance.

This means the new guidance requires some restructuring at many organizations.

SimiTree’s compliance experts work with providers to make certain their overall compliance programs adequately reflect the new priority focus on these two areas. We assess risk, identify vulnerabilities, and help providers put into place all the self-auditing and reporting measures required under the new guidance.

As part of these changes, we can also help providers implement new processes and optimize their EHRs to create dashboards that mitigate the risk of patient harm by alerting the organization about quality and patient safety concerns.

It's important to structure all reporting processes for full compliance, ensuring fully compliant involvement and leadership from the governing board. Organizations must ensure their governing boards receive regular reports on the system of internal quality controls, quality assurance monitoring, patient safety, and patient care.

Including quality and safety in compliance programs.

Here are a few tips for making certain your organization adequately addresses quality of care and patient safety as part of its ongoing compliance program.  

  1. COMMITTEE REPRESENTATION. Make certain your organization’s Compliance Committee includes members who are responsible for quality and patient safety.

  2. REQUIRED REPORTING. Focus on regular organizational communication in the areas of care quality and patient safety. Minimum reporting requirements should include:
  • Clinical and quality leadership routinely share information – including internal audit findings and incident reports – with the Compliance Officer.
  • Senior leaders regularly report to the organization’s Compliance Committee on matters of quality and patient safety.
  • The governing board regularly receives reports on internal quality controls, quality monitoring, patient safety, and patient care.

3.  AUDITS & REVIEWS. Establish a program for regularly performing quality audits and reviews. Ideally, an audit and review program will consist of routine internal audits and comprehensive risk assessment.

4. EHR OPTIMIZATION. Optimize your organization’s EHR to use flags, alerts, and tracking systems to enhance compliance efforts.    

Start with a full compliance assessment.

A full compliance assessment is an excellent first step for an organization looking to restructure quality and safety within its overall compliance framework. 

SimiTree will identify all patient safety, quality of care, privacy and security vulnerabilities that need to be considered – as well as discovering any areas of risk that could lead to government audits, claims of overpayments, or liability under statutes such as the False Claims Act. Key areas evaluated under our compliance assessments include regulatory and business requirements, professional oversight, quality and patient safety, and clinical workflows.

Reach out to us today, and let’s work together to shore up your organization’s compliance.

Make sure you’re subscribed.

It's more important than ever to stay abreast of compliance issues in 2024 -- and I don’t want you to miss any of my new Weekly Compliance Reports. Be sure to add your name to the subscription list.

Why not invite the compliance officers you know to sign up as well?

Have a compliance question?
SimiTree’s certified healthcare experts can help! Our team consists of former auditors and surveyors from various healthcare settings. We have the know-how and experience to help your organization mitigate risk. Reach out to us today with all your compliance needs.


J’non Griffin serves as Senior Vice President for the Compliance as well as Coding divisions at SimiTree. With a healthcare career that spans three decades, she has a track record of helping many provider types implement effective compliance programs. She has worked with organizations nationwide  to develop compliant emergency preparedness and operation plans, implement fully compliant plans of care, and meet regulatory demands. As an AHIMA ambassador, Griffin was instrumental in preparing the coding community for the launch of ICD-10.