top of page

Case Studies

In an era where healthcare regulations are increasingly complex, maintaining compliance is critical for safeguarding patient trust and avoiding substantial penalties. This collection of case studies delves into real-world scenarios where healthcare organizations faced compliance challenges, offering insights into the strategies and solutions that led to successful outcomes.

Enhancing Anti-Kickback and Stark Law Compliance in a Nursing Home

A mid-sized nursing home facing potential compliance issues related to the Anti-Kickback Statute (AKS) and Stark Law. The facility had a history of informal relationships with referral sources and lacked comprehensive compliance measures. The nursing home needed to ensure compliance with AKS and Stark Law to avoid severe penalties and maintain operational integrity.


Key issues included:


  • Inadequate conflict of interest documentation.

  • Informal and potentially non-compliant referral practices.

  • Lack of structured compliance policies and procedures.

  • Insufficient staff training on AKS and Stark Law.

Enhancing Billing and Coding Compliance in a Physician Practice

A physician practice with concerns about the accuracy of their billing and coding practices. Leadership suspected that some doctors were not coding correctly, potentially leading to compliance risks. The practice faced several significant compliance issues:


  • Upcoding and Inappropriate Modifiers: Some physicians were billing higher-level services than provided and using incorrect coding modifiers.

  • Chronic Care Documentation: There were problems documenting chronic care, including distinguishing between complex and non-complex cases.

  • Medicare Requirements: Physicians struggled to differentiate between physical exams and annual wellness visits under Medicare guidelines.

  • Unsupported Diagnosis Codes: Diagnosis codes submitted were not always supported by patient  records, resulting in inflated risk adjustment scores.

  • Medical Necessity Documentation: Although physicians could verbally justify medical necessity, the documentation was often lacking, making it appear as though unnecessary treatments were provided.

Building a Robust Privacy Program

A managed care organization serving Medicaid populations across multiple states, required stringent adherence to privacy and security regulations. The organization needed to establish an effective privacy team to manage compliance with privacy regulations, develop new policies and procedures, and enhance training programs to ensure all staff were adequately trained in privacy matters. Additionally, the organization required a robust breach reporting process and effective handling of privacy-related complaints from members.

Streamlining Compliance for Managed Care Organizations

A managed care organization serving Medicaid and Medicare populations, frequently faced rigorous and regular audits from state and federal agencies due to the nature of their service population. These audits required comprehensive evidence of compliance across various departments, including corporate compliance and privacy. The organization's compliance and privacy teams were under constant pressure to provide clear and easily understandable evidence of compliance to auditors.

Transforming a Hospital's Maternity Ward in Crisis

A hospital faced numerous complaints from patients about its maternity ward, resulting in a severe crisis affecting patient safety and care quality. The maternity ward faced a multitude of issues:


  • Equipment Failures: Non-functional equipment and lack of proper maintenance.

  • Staff Shortages: Insufficient numbers of nurses, doctors, and midwives.

  • Unsanitary Conditions: Dirty facilities, including blood on walls and dead flies.

  • Poor Patient Care: Patients were not treated with dignity or respect, lacked information about labor, and experienced inadequate handovers between shifts.

  • Lack of Support: Staff felt unsupported by senior leadership and considered the unit unsafe.

  • Training Deficiencies: New staff, in particular, missed mandatory training, including resuscitation drills and emergency response.

Addressing a C. difficile Outbreak in a Hospital

The hospital experienced a devastating outbreak of Clostridioides difficile (C. difficile), resulting in numerous patient fatalities and a subsequent national inquiry. This occurred due to multiple failures in its infection control processes. Key issues included:


  • Delayed Identification: The outbreak was not identified early enough, leading to widespread infection.

  • Inadequate Infection Control: Ineffective infection control measures contributed to the rapid spread of the disease.

  • Insufficient Training: Staff were not adequately trained in infection prevention and control protocols.

  • Poor Use of PPE: Personal protective equipment (PPE) usage was inconsistent and improper.

  • Leadership Gaps: There was a lack of strong leadership to manage the crisis effectively.

Revitalizing a Hospice's Medicare Compliance and Revenue

A hospice organization struggling with documentation and coding practices, leading to significant financial losses due to non-compliance with Medicare requirements. The hospice was not using an electronic health record (EHR) system to manage patient records, leading to several compliance issues:


  • Inadequate documentation of care planning.

  • Lack of evidence showing patients' terminal conditions, justifying hospice care.

  • Insufficient review by the medical director.

  • Failure to provide necessary certifications to Medicare, affecting patient eligibility for Medicare funding.


Due to these issues, Medicare auditors reclaimed over $2 million, putting the hospice at financial risk.

Navigating Compliance for a Home Care Agency

A small home care agency faced significant challenges in managing compliance with the varied and complex requirements set forth by multiple managed care organizations. Contracted to provide personal care services, the agency was struggling to keep up with the differing rules each managed care organization imposed. These included various staff training requirements, differing compliance and privacy training mandates, quality standards, background checks, insurance requirements, and staff certification criteria.


The agency's limited resources and lack of in-depth knowledge made it difficult to parse through the different contracts and understand the specific obligations. Consequently, when audited by individual managed care organizations, the agency was often found non-compliant. This non-compliance risked clawbacks of funds from health plans, loss of contracts, and/or being placed on corrective action plans with additional scrutiny.

bottom of page