In May 2025, the U.S. Department of Justice (DOJ) issued a white collar crime enforcement strategy that prioritizes what it called “high-impact” fraud. One month later, on June 10, DOJ leadership reiterated that enforcement will focus on conduct that undermines public trust—particularly in healthcare and federally funded programs.
The DOJ is placing specific emphasis on the following types of misconduct:
The DOJ’s recent guidance makes clear that compliance expectations apply to healthcare providers and organizations of all sizes—not just large systems.
At its core, compliance is about how your organization identifies and mitigates legal and ethical risk. But in practice, it must be built around your actual operations, staffing, and services. A copy-paste program designed for a hospital system won’t help a five-provider internal medicine clinic—or a growing DME or hospice agency.
A functional compliance program typically includes:
Designating a Compliance Officer—whether full-time, part-time, or contracted—ensures someone is accountable for overseeing your program. Even small practices should identify a lead person for implementation and reporting.
Covered entities and business associates under HIPAA should maintain written policies addressing privacy and data security, billing and coding, employee conduct, vendor and contractor oversight, and patient communications. These policies should reflect how the organization handles protected health information (PHI) and meet applicable federal and state requirements. Agreements with vendors and service providers—especially those involving access to PHI—should be reviewed for compliance.
Staff should receive regular training on core compliance topics, such as fraud and abuse laws, HIPAA (when applicable), and Texas-specific regulations including the Patient Solicitation Act. New employees should be onboarded promptly, and all training should be documented accordingly in compliance with applicable law.
Effective compliance programs typically address how an organization manages relationships with vendors, consultants, marketers, and sales representatives. In particular, arrangements involving compensation tied to referrals, patient volume, or revenue may raise legal concerns under the federal Anti-Kickback Statute and similar state laws. Reviewing contracts and fee structures is a common feature of strong compliance oversight in healthcare settings.
A good program includes routine checks on your own billing, documentation, and referral tracking. Audit logs and records of internal remediation efforts show that your organization doesn’t just react to problems—it works to prevent them.
Effective compliance programs include procedures for reporting concerns, investigating potential misconduct, and addressing violations of policy. Consistent application of disciplinary actions and documentation of investigations are common practices used to demonstrate accountability and reinforce a culture of compliance.
Federal guidance strongly encourages healthcare providers to review and update compliance policies and training materials at least annually. This includes assessing whether changes in services, staff, or third-party relationships require revised safeguards.
Alongside federal initiatives, Texas is increasing state-level oversight of healthcare practices. The 2025 legislative session resulted in a number of new healthcare-related laws, many of which take effect on September 1, 2025. While this post focuses on compliance programs, it is important to recognize the broader regulatory context.
The Texas Medical Board has introduced updates to physician delegation protocols, impacting practices that involve nurse practitioners, physician assistants, or RNs—especially in outpatient and wellness clinic settings. Additional regulations affecting non-compete enforceability, and protections for medical judgment in reproductive healthcare are also now in play. These issues will be covered in separate blogs, but their existence reinforces a central point: the compliance landscape is evolving quickly.
Failure to implement a meaningful compliance program can have serious consequences. Investigations may begin with a whistleblower complaint, billing audit, an improper arrangement disclosure—or increasingly, a random audit. The current enforcement climate makes it clear: regulators are no longer waiting for a red flag to initiate scrutiny.
Without evidence of a working compliance system, organizations may be seen as willfully negligent—a factor the DOJ and OIG explicitly consider when assessing penalties and settlements.
But the risks extend beyond enforcement. In an increasingly competitive market, having a sound compliance program isn’t just about avoiding fines—it’s also about protecting the long-term value of your business.
For example, healthcare businesses preparing for a sale or investment often find that compliance issues surface during due diligence. Problems that could have been corrected early on may jeopardize a transaction or require costly remediation. Buyers may walk away—or insist on restrictive measures such as Corporate Integrity Agreements (CIAs), shifting leverage and lowering the sale price.
With public awareness of fraud and abuse on the rise, transparency and accountability are becoming strategic assets. A well-designed compliance program reduces legal exposure and positions your organization to build trust and grow with confidence.
Now is a critical time for healthcare providers and organizations to reexamine their compliance foundation. That doesn’t mean building out a full corporate compliance department—but it does mean having a structure that reflects your business, risk profile, and evolving regulatory expectations.
Start by asking:
You don’t need to answer all these questions at once—but you do need to start somewhere. Even small steps now can build a stronger, more credible posture if your organization is ever subject to review.
Whether you operate a post-acute care home health agency, hospice or long term care facility, DME company, medical group, or wellness clinic, should reflect how your business actually operates—not a generic checklist pulled from the internet. Effective programs are scalable, practical, and built to evolve alongside your services.
At Peters Law, we help Texas healthcare providers implement smart, sustainable compliance strategies. Our goal is not just to check the boxes—but to support long-term growth with confidence and legal clarity.
If you’re unsure whether your current compliance approach meets today’s standards—or if you’ve never formalized one at all—we’re here to help. Let’s build something that works for your reality.
May 12 DOJ White Collar Enforcement Strategy
June 10 Remarks by DOJ Criminal Division
This blog is for informational purposes only and does not constitute legal advice or create an attorney-client relationship.
This blog is for informational purposes only and does not constitute legal advice or create an attorney-client relationship.