Back to Basics

Author: By Michael Manere, CHC, CHSP, Principal

Dec 15, 2022 | Compliance, COVID-19

The last two and a half years have been anything but business as usual for physician practices and healthcare organizations. From scrambling for PPE in the initial stages of the pandemic, to refitting offices and implementing processes to keep patients and staff safe, to adopting new digital and telephonic appointments, and all the adjustments and regulations around COVID diagnosis and treatment, everything seemed to be in flux. Even now, as we head into the beginning of the traditional flu season, there are still a lot of compliance and regulatory issues that need to be addressed on the fly.

But many of our clients are finding that now is also a good time to take a step back and evaluate their basic compliance procedures to make sure they are covering all the baseline activities to create a culture of compliance and safety that will be resistant to fines and penalties.

It is understandable that some simple regulatory housekeeping items have been neglected. We are finding it helpful to run clients through a checklist of the basic compliance blocking and tackling that needs to be up to date to assure compliance with HIPAA, CMS-OIG, OSHA, coding and billing regulations, and staff training requirements. We are also finding some practices want to add programs and training in areas that help to keep staff safe and productive at work like Management of Angry People, (MAP™), billing for new modalities of care, and other safety programs.

Time for a Checkup

As the year comes to a close, now is a good time to take a snapshot of what might need to be updated to assure you are following the latest government rules and regulations.


  • Exposure Control Plan in place
  • Hazard Communication Plan in place
  • Safety Data Sheet (SDS) book available to employees and maintained
  • Weekly/Monthly inspections and testing
  • Safety Device Evaluations being completed annually
  • Safety Training completed at least annually


  • Policies and Procedures in place
  • Business Associate and Vendor agreements completed and tracked annually
  • Security Risk Assessment (SRA) done annually
  • Exclusion list screenings being completed monthly
  • Notice of Privacy Practices posted in waiting rooms
  • Complete annual training

Compliance & Ethics

  • Compliance reporting mechanism in place
  • Monthly compliance whistleblower report generated
  • Compliance Committee formed and meets annually
  • Policies and procedures in place
  • Annual training complete

This is just a quick reference checklist to ensure you’re covering the basics, but we encourage all of our client to connect with us to review their compliance plan in more detail as we approach the new year.