NOTE: All in-article links open in a new tab.

The OIGs GCPG and ICPGs, Oh My!

Published on 

Wednesday, November 15, 2023

 | OIG 

Did You Know?

On November 6, 2023, the Office of Inspector General (OIG) released General Compliance Program Guidance (GCPG).

Per the OIG’s announcement, “the GCPG is a reference guide for the health care compliance community and other health care stakeholders. The GCPG provides information about relevant Federal laws, compliance program infrastructure, OIG resources, and other items useful for understanding health care compliance. The GCPG is voluntary guidance that discusses general compliance risks and compliance programs. The GCPG is not binding on any individual or entity.”

You can download the complete guidance or  individual sections.

Why it Matters?

The OIG first published compliance program guidance documents (CPGs) in 1998. Historically, guidance has been published in the Federal Register. However, moving forward, updates or new guidance will no longer be published in the Federal Register.


The GCPG guidance applies to all individuals and entities involved in the health care industry and addresses:

  • Key Federal authorities for entities engaged in health care business.
  • The seven elements of a compliance program,
  • Adaptations for small and large entities, other compliance,
  • Other compliance considerations, and
  • OIG processes and resources.


Moving forward, the OIG anticipates updating the GCPG as changes in compliance practices or legal requirements may warrant.



Starting in 2024, the OIG will begin publishing industry specific CPGs (ICPGs) that “will be tailored to fraud and abuse risk areas for each industry subsector and will address compliance measures that the industry subsector participants can take to reduce these risks. ICPGs are intended to be updated periodically to address newly identified risk areas and compliance measures and to ensure timely and meaningful guidance from the OIG.”

Moving Forward

Ultimately, the goal of both guidance documents (GCPG and ICPGs) “has been, and will continue to be, to set forth voluntary compliance guidelines and tips and to identify some risk areas that OIG believes individuals and entities engaged in the health care industry should consider when developing and implementing a new compliance program or evaluating and updating an existing one.”

I encourage you to take the time to read this latest guidance, pay close attention to the information in the blue boxes and tips throughout this document. For example, in the “Auditing and Monitoring” section of this document an OIG tip reminds providers that “Medicare requires, as a condition of payment, that items and services be medically reasonable and necessary. Therefore, entities should ensure that any claims reviews and audits include a review of the medical necessity of the item or service by an appropriately credentialed clinician. Entities that do not include clinical review of medical necessity in their claims audits may fail to identify important compliance concerns relating to medical necessity.”

Finally, if you are not already signed up for the OIG newsletter, I encourage you to do so. You can sign up on the website by scrolling to the bottom of page and clicking “Subscribe to Our Newsletter.”  

Article Author: Beth Cobb, RN, BSN, ACM, CCDS
Beth Cobb, RN, BSN, ACM, CCDS, is the Manager of Clinical Analytics at Medical Management Plus, Inc. Beth has over twenty-five years of experience in healthcare including eleven years in Case Management at a large multi-facility health system. In her current position, Beth is a principle writer for MMP’s Wednesday@One weekly e-newsletter, an active member of our HIPAA Compliance Committee, MMP’s Education Department Program Director and co-developer of MMP’s proprietary Compliance Protection Assessment Tool.

This material was compiled to share information.  MMP, Inc. is not offering legal advice. Every reasonable effort has been taken to ensure the information is accurate and useful.