Health care providers such as hospitals and doctors face a variety of legal risks: malpractice, tax, and fraud, waste and abuse.

Recent cases have shown that fraud, waste and abuse exposure can dwarf the risk of malpractice and tax liability. Providers participating in federal health care programs (Medicare, Medicaid, TRICARE) are obligated to assess their fraud, waste and abuse risks and take steps to minimize those risks. Failure to do so exposes them to severe criminal, civil and administrative penalties, and reputational harm.

When the government or a whistleblower makes allegations of health care fraud, the immediate thought that comes to the public’s mind is the provider billed the government for dead patients or for services never provided. This is rarely the case. Allegations of fraud almost always center on arcane billing rules buried deep in government manuals. Frequently, the dispute concerns the adequacy of a provider’s documentation or the level of supervision over a service.

Providers participating in federal health care programs are presumed to know the statutes, regulations, CPT codes, manuals, national coverage determinations, local coverage determinations, bulletins and fee schedules applicable to their claims. Justice Oliver Wendell Holmes’s observation that “[m]en must turn square corners when they deal with the government,” has greatest force when government money is at stake. In other words, ignorance of the law – or applicable program guidance – is no defense.

So here are six steps providers can take to minimize their fraud, waste and abuse risk in the New Year:

1. Instill a culture of compliance. The only viable way to minimize fraud, waste and abuse risk is a strong commitment to compliance, which starts at the top and trickles down to all employees, independent contractors, consultants and others who participate in the provider’s business. A current compliance plan with adequate training, auditing, follow-up, and documentation is essential. The provider must always strive to and announce that it is committed to doing the right thing, not only in its dealings with federal health care programs, but with other payers and throughout its business relationships. Violators must be held accountable and reporters protected from retaliation. Getting compliance right is a competitive advantage and can enhance a provider’s value.

2. Follow the Office of Inspector General’s compliance guidance. The U.S. Department of Health & Human Services, Office of Inspector General, publishes voluntary compliance program guidance documents directed at hospitals, nursing homes, physician group practices, home health agencies, clinical labs, durable medical equipment suppliers, third-party billers, etc., [See http://oig.hhs.gov/compliance/compliance-guidance/index.asp].

3. Encourage delivery of bad news early. A culture of compliance is illustrated by a pharmaceutical executive who preaches, “Bad news delivered early is good news, but bad news delivered late is very bad news.” This is because a company’s resources can be deployed to fix problems before they metastasize, demonstrating the company’s commitment to compliance. Compliance problems not detected for a lengthy period of time will more readily draw government intervention and lead to exorbitant damages.

4. Resource compliance adequately. Providers should ensure that adequate resources are devoted to compliance activities. Each provider’s risk assessment and needs analysis will vary. As a general rule of thumb, the budget for compliance activities should be commensurate with the budgets for other areas of legal risk, e.g., tax compliance or malpractice.

5. Use benchmarking. The government and private payers are mining billing data to detect outliers. Providers should be proactive in evaluating their billing data and comparing it to similar providers locally, regionally and nationally. Compliance aspirations should be set annually and based on expectations of customers or industry benchmarks. If there are discrepancies, find out why.

6. Engage an experienced team of consultants. Depending on the provider’s capabilities, legal or consulting advice may be beneficial in developing the compliance plan, investigating certain compliance issues and responding to government inquiries.