Structuring Compliance Policy & Procedures with a Compliance Document Template

Richard P. Kusserow | March 2024

Every HHS Office of Inspector General (OIG) compliance document stresses the importance of the development and distribution of written policies and procedures to ensure compliance with all applicable laws and regulations.[1]  Healthcare organizations may encounter a lot of challenges in carrying the OIG’s recommended guidance.  A good starting point is to establish a formalized process for policy development. This includes implementing form, format and process for development and implementation of new and revised policy documents.

When beginning the process it is important to understand that a policy statement conveys officially approved guiding principles or courses of action. And, furthermore, is a general description of a course of action serving as a guide toward accepted strategies and objectives.  Whereas, procedures convey a means by which a policy can be accomplished by defining and outlining officially approved processes and standard practice instructions.  In short, procedures provide a description of how a policy is to be carried out and define courses of action to meet planned objectives.

Learn about our Policy Resource Center.

Get a Free Quote & Demo

Compliance Policies and Procedures Template

Developing a policy template is very important, particularly because it will prevent missing any key element when drafting a policy document.   It has the added benefit of making the policy documents immediately recognizable to everyone. The following general policy document template and format is suggested for developing all compliance related policy and procedure documents:

  1. Header Block. The header block should include a number of things, including but not necessarily limited to (a) the title of the policy document; (b) identity of the department responsible for drafting, reviewing and enforcement of the policy; (c) effective date of the policy; (d) policy number; (e) date of approval; (f) identity of approval authority; (g) whether it replaces or modifies and existing policy; and (h) number of pages inclusive in the document.  The title should clearly identify the general topic of the policy and assist those who may be searching for guidance on the policy’s topic area. It should also indicate whether the policy is replacing an existing policy and the last revision date.  All of this information is critical to proper policy management. The effective dates of implementation and revisions must be maintained.  If an issue arises, the dates of implementation and applicable revisions are absolutely essential.
  2. Background. The background section explains the context by which the policy has been created, such as changes in law, regulations, standards, compliance guidance, etc. This can be used to introduce the context of the policy document.  If the policy relates to a specific law, regulation or compliance standard, this section can explain how the policy document is designed to address that issue.  It can also be used to relate and/or differentiate the particular policy document to other written guidance.   This section should assist covered persons’  understanding and application of the policy.  It is best to have this section precede the statement of purpose.
  3. Purpose. The purpose statement outlines what the policy document is designed to achieve. When developing a policy document, begin with a statement of purpose that defines the intent and objectives of the policy.  It should be relatively short and direct.  It is suggested that it begin with an active verb such as, “To promote…., To comply…., To ensure…., etc.
  4. Scope. The scope explains the range of application of the document in terms of covered persons, facilities, sites, etc.
  5. Definitions. In many cases there will be terminology used that requires understanding and clarification in order to meet the intention of the policy document.  These may be of a legal nature or specific to the organization or the type of work.  Therefore, inclusion of definitions provides a clear understanding of key terms used in the policy document. It is advisable to cite the authority for the definitions being used.
  6. Policy Statements. Each policy statement should reflect the basic objectives of the organization and a description of the general guiding principles or rules.
  7. Procedures. Procedures provides detailed procedural requirements, methods and guidance on how covered persons are expected to act in accordance with the policy.
  8. Related Policies. It is important that policies addressing similar or related issues be linked to ensure that they are consistent.  There is nothing worse than having issues or incidents arise only to find the written guidance on the subject is in conflict. Furthermore, including related documents provides additional documents that may be helpful to covered persons in complying with the policy.
  9. References/Citations. The references or citation section is used for legal and regulatory citations and government guidance documents, as well as citing internal organization documents.  If the policy document was in response to legal or regulatory authority, that authority should be noted along with a list of supporting and source documentation used to validate the policies and procedures. This can also be used to reference other internal documents, such as Code of Conduct or Standard Operating Procedures.

This article only touches on the subject of policy development.  More information and details concerning types of compliance policies, as well as development and management can be found at the Policy Resource Center [2]

[1].Department of Health and Human Services Office of Inspector General. Publication of the OIG Compliance Program Guidance for Hospitals. 63 Fed. Reg. 35, 8987 (Feb. 23, 1998).


About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 3,000 health care organizations and entities in developing, implementing and assessing compliance programs.