Independent physicians have latitude to follow the respective Corporate Compliance Program or to develop their own. See the requirements below for independent physicians.

Independent physicians have latitude in the following areas:

1. Record Retention – May follow the Record Retention Policy or may adopt their own record retention policy as long as the policy stipulates retaining documentation and records associated with managed care contracts in compliance with the contract terms (e.g., records associated with Humana must be retained for 10 years).

2. Compliance Contact and Reporting – Should designate a local compliance contact but ultimately compliance issues should be reported to the IHP Compliance Officer and to the appropriate Plan Sponsor in accordance with IHP Policy Potential Compliance Issues – Reporting, Investigation and Corrective Action. The IHP Compliance Officer can be reached at 630-527-3869.

3. Corporate Compliance Hotline – Reporting options must be widely publicized throughout the facilities. May use the EEH Corporate Compliance Hotline (800-901-7422) or its own as long as it:

a. Maintains confidentiality
b. Allows for anonymity if desired
c. Is available 24 hours a day

4. Standards of Conduct and Compliance Policies – Must adopt a standards of conduct document but may develop its own or opt to use the EEH Standards of conduct or an example from a Plan Sponsor such as Humana or Blue Cross Blue Shield. The standards of conduct must be provided to employees within 90 days of hire or contract and annually thereafter.

• Links to starter policies (Word)
  • Compliance with the Law Starter
  • Conflict of Interest Starter
  • Corrective Action Starter
  • Hotline Starter
  • Investigations Starter
  • Monitoring & Auditing Starter
  • Non-Retaliation Starter
  • Privacy & Security Starter

5. No Retaliation Policy – May adopt its own policy or follow EEH’s No Retaliation Policy which must be reinforced regularly with employees.

6. Compliance Training – Must be provided within 90 days of hire and annually thereafter. May use the training materials provided by a Plan Sponsor as long as they cover all of the annual requirements as defined by the Plan Sponsors.

7. Disciplinary guidelines – May select its own disciplinary standards but they must be enforced for compliance violations in a timely, consistent, and effective manner.

8. Querying Federal Exclusion Lists – May select its own method for querying exclusion lists as long as the querying is performed prior to hire or contract and monthly thereafter and includes the Office of Inspector General List of Excluded Individuals and Entities and the General Services Administration Excluded Parties Lists System (GSA). Finally individuals or entities appearing on these lists must be promptly removed from any work related to IHP in accordance with the Check of Provider Exclusionary Status and reported to IHP and the related Plan Sponsor(s).

9. Conduct internal monitoring and auditing – May select its own system for the identification and routine monitoring of compliance risks including accurate coding, billing and documentation as long as these risks are monitored and audited on a routine basis.

10. Conflict of Interest – May use its own conflict of interest policy as long as any disclosures are reviewed and conflicts addressed.

11. Respond promptly to detected offenses & undertake corrective action – May determine its own investigation techniques and corrective action in response to a potential compliance violation as long as a record is maintained of all employees involved and documentation related to the investigation as well as a log of complaints received and a record of all allegations which may constitute a violation of applicable Federal or State laws or regulations. Additionally, the corrective action plans must be detailed in writing and include ramifications for failure to resolve the deficiency satisfactorily. Finally, corrective actions must be monitored after their implementation to ensure that they are effective.

12. Privacy and Information Security – May select its own training format as long as employees are provided regular privacy and information security training to promote compliance with HIPAA.

Link to the Compliance Program Attestation

Independent providers must be able to provide documentation of compliance with these requirements.