Health Care

Health Care Regulatory & Compliance

Navigating the many intricacies of regulation and compliance in the health care industry.

Meet the team

We assist clients with a wide range of health care and health insurance regulatory and compliance matters. We advise on licensure and scope of practice requirements, laws prohibiting the corporate practice of medicine (CPOM), Medicare and Medicaid participation for providers and health plans, change of ownership, HIPAA and privacy, security and breach notification laws as well as fraud and abuse laws. Our efforts are directed at identifying issues before they become the basis of a government investigation or sanction. If the need arises, we have extensive experience dealing with government investigations, audits and claims disputes.

Our regulatory experience includes:

  • Medicare/Medicaid provider and supplier certification
  • Provider Reimbursement Review Board representation
  • Provider licensure, disciplinary proceedings, registration, certification and survey requirements
  • Health insurer and MCO licensure, regulation and compliance; and benefit plan development
  • Medicare Advantage and managed Medicaid program participation requirements
  • Reimbursement, coverage, benefit and billing issues
  • Application of Medicare and Medicaid reimbursement guidelines to new and rapidly evolving areas of medical practice and technology
  • Utilization review/Professional Review Organization (PRO) matters and utilization risk management
  • State licensure and/or Medicare/Medicaid change of ownership
  • Joint Commission (formerly known as JCAHO) and other accreditation organizations’ survey, appeal and review requirements
  • State and federal emergency care services and Emergency Medical Treatment and Active Labor Act (EMTALA) requirements
  • National Practitioners Data Bank reporting requirements
  • 340b program
  • Registration, termination and enforcement actions involving controlled substance registrations with the Drug Enforcement Agency and Texas Department of Public Safety
  • Advice regarding potential diversion of controlled substances and required reporting


We assist health care providers, MCOs, insurers, health care providers, vendors and employers in complying with their obligations under the Health Insurance Portability and Accountability Act (HIPAA) as amended by the HITECT Act, and its implementing regulations as well as state laws that protect the privacy, confidentiality, security and transmission of sensitive medical and consumer information. We have extensive knowledge of the systems, software and security that dictate how electronic health and benefit information is coded, stored, retained and communicated. This knowledge is crucial in helping clients lawfully handle PHI and ePHI other sensitive information and avoid costly legal sanctions.

We assist clients with the following:

  • Privacy and security policies and procedures to ensure PHI and ePHI are kept private and secure
  • Business Associate agreements and confidentiality protections
  • Analysis of state privacy, security and breach notification laws
  • Internal training and educational programs for handling PHI and assistance in implementing compliance plans
  • Assisting sponsors of ERISA self-insured plans in amending plan documents for HIPAA compliance
  • Advising on potential compliance violations and responses, including potential identity theft and security breaches
  • Updating company documents to ensure compliance
  • Identifying and complying with evolving state laws governing privacy, confidentiality, security and breach notification requirements

Fraud & Abuse/Stark Law & Illegal Remuneration

We help health care clients structure contracts, joint ventures and other transactions to comply with Stark Law, state and federal fraud and abuse laws, and other related state and federal laws. We advise clients on sanctions, civil monetary penalties, false claims and qui tam matters.

Managed Care, Health Insurance and Intermediaries

Locke Lord has extensive experience advising health insurers and MCOs in various aspects of state insurance licensure and regulation, administration of self-funded group health plans, compliance with the Affordable Care Act, participation in the Medicare Advantage program and state managed Medicaid programs and the offering of medical and ancillary health benefits. We also are experienced in addressing the regulation of PPOs and other provider networks, TPAs, UR agents, discount programs, PBMs, risk-bearing intermediaries and other managed care entities and activities regulated by state departments of insurance or departments of health. We work with our clients from the planning for initial licensure through regulatory proceedings to approve a change of control or other material initiative during the life of the client. Further, we advise our health plan clients in structuring their provider, producer and vendor relationships and strategic “partnerships” in compliance with state and federal laws, including laws regulating the assumption of downside financial risk, marketing and fraud and abuse.


Locke Lord provides advice and assistance in structuring corporate compliance and ethics programs as well as ongoing monitoring and oversight to proactively assist health care clients in the prevention and detection of improper conduct. We also provide audit guidance, assistance in the development of policies and procedures, and conduct internal investigations and other measures to assist in the reduction of exposure to risk and enforcement challenges. Our attorneys also provide guidance and counsel on director and officer responsibilities and good governance practices for health care organizations and assist audit and compliance committees and independent directors in compliance reviews and internal and external investigations.

We provide counsel on the following types of matters:

  • Corporate compliance and ethics programs
  • Voluntary disclosures
  • Internal investigations and remedial actions
  • Response to enforcement inquiries and investigations
  • Compliance audits and checks
  • Development of policies and procedures
  • Assisting sponsors of ERISA self-insured health plans
  • Corporate structure and governance practices
  • U.S. sentencing guidelines