Outsourcing the Compliance Program

Some organizations decide that hiring an outsourced compliance Program(e.g. Cheif Compliance Officer, Director of Compliance, HIPAA Security Officer, HIPAA Privacy Officer, etc.) to assist directly in the operation and management of their compliance program is the best approach. The Large Groups or Covered Entities are mandated to designate an internal Compliance Officer and precluded to outsource the entire Compliance Effectiveness program to an outside Firm. Small Group or Individual Practice, however, have more wiggle room and are allowed to designate Compliance Officers and Program from an outside firm. If your organization is precluded from outsourcing, another option is to work with Mecd-Prov using Co-Sourcing Compliance Program.

There are three variations on this; (a) employing a consultant as an Interim Compliance Officer (ICO) for a temporary period, (b) engaging a consultant to be the External or Designated Compliance Officer (DCO) to manage the compliance program, and (c) Outsourcing all facets of the Compliance Program to a consulting firm.
It is increasingly common for healthcare organizations to outsource their compliance program to Interim Compliance Officers to temporarily fill gaps when an incumbent leaves, or smaller organizations outsourcing the compliance function to an individual or firm to assume responsibility by providing a Designated Compliance Officer. In an Outsourcing scenario, ownership of the Compliance Office is transferred to an expert firm that provides needed expertise.

Choosing to hire an outsourced compliance officer is often driven by the challenge of finding the right resources to support compliance programs. This has driven demand for compliance experts, and in turn, is driving available supply of quality candidates down, causing costs of qualified, experienced talent to go up. This is especially challenging for organizations that have tight budgets, while at the same time face high regulatory scrutiny and risk. However, many small organizations find that with a highly experienced expert, it may not be necessary to have someone on site full time. In fact, the OIG recognized this, when they suggested using outside experts as an option, however: “if this role is outsourced, it is beneficial for the (contracted) compliance officer to have sufficient interactions… to be able to effectively understand the inner workings” of the organization. They also recognized that an outsourced chief compliance officer may serve multiple organizations.

Co-sourcing the Compliance Program

Co-sourcing is a good option and “middle ground” between In-sourcing and Out-sourcing. It is the practice of collaborating with Compliance Team to assist in meeting Compliance Program responsibilities. This approach is also recognized by the OIG as a useful solution to where an organization is limited in its compliance expertise and resources. It is rare to find any Compliance Office able to have all of the technical and expert resources it requires on hand, at all times. Therefore, attempting to have full-time staff available to meet every internal audit need is not a practical approach. For those Compliance Officer lacking the capacity to carry out all the needed tasks and maintaining the full range of specialists on payroll to meet every compliance need at all times; Co-sourcing may be the practical solution to meeting all the requirements of the office, especially given the complexities of the health care regulatory environment. Co-sourcing has been used to achieve the compliance program objectives by filling gaps in internal expertise and save time, money, and effort in recruiting additional staff. Through this method, knowledge is both retained and leveraged within the organization. In short, it can help bridge the gap in a manner that does not compromise the flexibility to easily return to a position where the Compliance Office can reassume full operation and end Co-sourcing at anytime, when staffing issues are resolved.

Med-Prov’s industry expertise, technology and operational risk resources provide a highly qualified solution on an ongoing basis to supplement an organization’s limited staff resources and carry out part of their workload, under direction of the Healthcare Compliance Officer. The Firm can address compliance shortfalls or provide specialized expertise, resources, leverage Policy and Standard Processes.

Our Compliance Officers, Clinicians, and Policy Experts can work with your Designated Compliance and Privacy Officers to integrate a strong and Effective Compliance Program so your Entity Reduces Risk, Minimize Audit Pitfalls, and Manage Risks.

  • We will Train the Trainers or Designated Officers
  • Provide Guidance and Review SOPs and Policies.
  • Collaborate with organization to roll-out an awareness training program.
  • Assist with team to conduct annul or bi-annual audits.
  • Track and Monitor any new or amended Regulations that ma impact Compliance program.
  • Assist with Clinical Coding Program Development including working with billing company Clinical Coders to rollout a strong Quality Management Program and prevent costly mistakes.

Med-Prov has the talent and expertise to provide you with a wide variety of co-sourcing options that permits the Compliance team to maintain control of the compliance program, while utilizing our experts to augment staff or to perform specific projects. The Firm has the depth and breadth of experience to assist with specific issues, risk assessments or special projects. By co-sourcing with Med-Prov, it enables the Company to effectively manage costs while addressing staffing and technical needs, ultimately increasing the effectiveness of the compliance program.

Interim Compliance Program

Another Option Med-Prov provides to it’s clients is the option for our team to design a Compliance program at inception and ensure the Documents, Processes, Training, and ongoing audits and reviews can be sustainable upon transitioning the tools and practice internally within your organization.  This option is generally favored by practices groups or individual practice whom have recognized vulnerabilities and gaps in adhering to Medicare and Medicaid Compliance program including HIPAA Privacy and Security Laws.  We generally work initially with the practice to better understand the current state of affairs and design a program specific to each organizational need.

  • Conduct Initial Risk Assessments and Vulnerability Studies
  • Develop Outcome measures and identify deficiencies that may place company at risk.
  • Develop Standard operating Procedures and Policies customized for your organization.
  • Identify all Regulatory Provisions relevant to the Company’s Services
  • Implement all provisions mandated by HHS reduce risks and vulnerabilities.

What can we do for you?


Contact Med-Prov, LLC today to learn more about our services and how we can improve your bottom line.

Contact MedProv Today!

Med-Prov News & Updates

View All News