--- name: cpom-compliance title: Corporate Practice of Medicine Compliance description: Drafts Corporate Practice of Medicine (CPOM) compliance structure documents for healthcare entities. Covers compliant organizational models (PC/PA, MSO, friendly PC), MSA architecture, operational compliance checklists, and state-specific regulatory analysis. Use when structuring healthcare operations, reviewing CPOM compliance, drafting MSO/MSA arrangements, or advising on physician practice ownership in CPOM-restricted jurisdictions. author: CaseMark author_url: https://github.com/CaseMark/skills/tree/main/skills/legal/cpom-compliance license: Apache-2.0 version: 0.1.0 execution_mode: open jurisdiction: us practice: healthcare language: en --- # Corporate Practice of Medicine Compliance Drafts a regulatory compliance framework ensuring lawful separation of corporate ownership from medical practice under CPOM doctrine. ## Prerequisites Gather before drafting: 1. **Entity details** — structure, state(s) of operation, healthcare sectors (medical, dental, optometry, telemedicine, PT) 2. **Existing agreements** — MSA/MSO arrangements, physician employment contracts, governance documents 3. **Jurisdictional scope** — all states where entity operates or plans to expand 4. **Business model** — revenue structure, physician compensation methodology, admin service arrangements ## Document Structure ### 1. Introduction & Scope - Define CPOM doctrine and application to the entity - State jurisdictions covered - Identify violation consequences: license revocation, contract voidability, criminal prosecution, civil fines ### 2. State-Specific CPOM Analysis Produce a jurisdictional matrix covering: state, prohibition level (strict/moderate/permissive), key statute, exemptions, enforcement pattern. - Limit to entity's actual operational footprint — no generic 50-state surveys unless requested - Note sector-specific variations (telemedicine, dental, optometry, PT face different scrutiny) - Flag recent legislative changes - Mark uncertain citations with [VERIFY] ### 3. Compliant Organizational Structures Compare models: | Structure | Physician Control | Risk | Best For | |-----------|------------------|------|----------| | **PC/PA** | Full ownership + governance | Low | Single-state practices | | **MSO + PC** | PC controls all clinical decisions | Low-Med | Multi-state platforms | | **Friendly PC** | Nominal — high regulatory scrutiny | High | Avoid unless carefully structured | | **PPM** | Shared governance | Medium | Large physician groups | For each: governance requirements, operational boundaries, de facto control scrutiny factors, selection criteria. **Friendly PC warning**: Never present as low-risk. Always flag for heightened scrutiny. ### 4. Management Services Agreement (MSA) Architecture **MSO-permissible**: billing, collections, revenue cycle, non-physician HR, facility management, IT, marketing, financial reporting. **Reserved to physician entity (non-delegable)**: - Clinical decision-making and patient care protocols - Physician hiring, credentialing, supervision, termination - Fee-setting for medical services - Patient acceptance, treatment, referral, discharge - Quality standards and peer review **Required MSA provisions**: FMV compensation (no clinical-outcome incentives), physician exit rights, physician final authority on clinical matters, mutual CPOM compliance obligations, FMV documentation defensible under AKS/Stark, independent audit rights. ### 5. Operational Compliance Checklist Cover these control points with responsible party and frequency: - Physician hiring/credentialing — PC makes all final decisions - Clinical protocols — developed by physicians without MSO interference - Fee setting — PC independently determines charges - Patient care decisions — no MSO influence on acceptance, treatment, referral, discharge - Marketing — accurately represents physician-owned nature of practice - Board minutes — separate PC and MSO minutes documenting independent decision-making - Approval workflows — clear audit trail showing physician authority ### 6. Training, Monitoring & Enforcement - **Training**: physicians, admin staff, executives — governance responsibilities, authority boundaries, legal risks (onboarding + annual) - **Monitoring**: quarterly MSA audits, annual decision-making review, annual FMV assessment, anonymous reporting channel (whistleblower-protected) - **Enforcement escalation**: corrective action plan → structural modification → relationship termination ### 7. Risk Assessment & Mitigation Address: regulatory penalties, contract voidability, qui tam/FCA exposure, reputational harm, discovery of violations. Include self-disclosure decision framework: weigh severity, duration, patient harm, cooperation credit, jurisdiction-specific voluntary disclosure programs. ### 8. Conclusion & Authorization - Reaffirm ongoing compliance obligation with annual review - Review triggers: operational changes, new jurisdictions, legislative updates, enforcement actions - Signature blocks: business entity rep, physician entity leadership, legal counsel, effective date + next review ## Critical Checks - All citations must be verified for current validity; mark uncertain with [VERIFY] - Address federal overlay (AKS, Stark Law, OIG guidance) alongside state CPOM — never analyze CPOM in isolation - Friendly PC arrangements always flagged for heightened scrutiny - Structure document for dual audience: legal/regulatory reviewers and operational implementers - Reference OIG compliance program guidance and MGMA best practices where applicable