HCCA 2016: CIAs: Tips on Avoiding, Complying and Negotiating Them

Posted on
April 20, 2016

Living under and in compliance with a Corporate Integrity Agreement (CIA) is no easy task.

Submit your email below to receive this post directly in your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Michael Rosen, President, ProviderTrust Inc
Lisa S. Rivera, Member, Bass, Berry & Sims PLC
Susan Gillin, Deputy Branch Chief, Office of Inspector General-U.S. Department of Health and Human Services

Living under and in compliance with a Corporate Integrity Agreement (CIA) is no easy task. Not every violation results in a CIA, but when one becomes necessary there are a few things to consider. Negotiating the terms of a CIA usually addresses the following categories:

  1. Scope – addressing specific problems with demonstrable focus
  2. Degrees – compare previous protocols to those proposed or seen in other cases
  3. Prevention – indicate measures in place and successes
  4. Accountability – staff training and accountability measures
  5. Internal testing – probes, sample size, extrapolation
  6. Costs
  7. Compliance expert – independent advisor
  8. Independent Review Organizations (IRO) – paid for by provider but answers to OIG

Once a CIA is in place, your organization will need to develop a plan for compliance under it’s terms. A critical step is simple, but can be extremely difficult: get everyone on board. Depending on the compliance tone and program development, this can entail a major culture shift. It’s not realistic to expect change in a single day, but championing the effort and taking the CIA seriously from day one will start your organization in the right direction.

Implement the CIA provisions and report efforts to the OIG. Communicate details such as who will sign certifications of compliance, who will be responsible for implementation, systems and areas impacted, and any documents and electronic information impacted. You’ll want to develop a schedule or CIA compliance work plan and, importantly, test it.

The OIG publicly posts CIAs online, if you haven't, we recommend reading through one.