Compliance with attestation requirements: Tips for FDRs

Bethany A. Corbin (bcorbin@wileyrein.com) is an attorney at Wiley Rein, LLP in Washington, DC and focuses her practice on healthcare, privacy, and cybersecurity.

Establishing a robust and comprehensive compliance program is crucial to the prevention, detection, and mitigation of risk. To assist Medicare Advantage Organizations (MAOs) and Medicare Prescription Drug Plans (Part D) with the creation of an effective compliance structure, the Centers for Medicare & Medicaid Services (CMS) has published extensive guidance on this topic.[1] Although CMS controls the compliance requirements for MAOs and Prescription Drug Plans, it does not have direct authority over a first tier, downstream, or related entity’s (FDR) compliance program.[2]

Instead, CMS establishes requirements and guidance for sponsors of Part D Plans and MAOs to use regarding oversight of their FDRs. This guidance necessarily vests sponsors with discretion regarding how to effectuate and conduct FDR oversight for compliance purposes. Indeed, because sponsors that engage FDRs maintain ultimate responsibility for satisfying all Medicare program requirements, it is common for them to flow down certain compliance requirements and mandate confirmation or proof of compliance. This proof typically takes the form of an annual attestation document or certification. This article discusses the most common sponsor attestation requirements, and offers tips for how FDRs can build successful compliance frameworks.

This document is only available to members. Please log in or become a member.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field