• Contact
  • 888-54-FIRST
  • Client Login
    • Client Portal
    • Online Store
Search
First Healthcare Compliance
  • Solutions
    • Compliance Management Software
    • Online Compliance Courses
    • Compliance Management Suite
  • Plans
  • Resources
    • Blog
    • Virtual Education Hub
    • 1st Talk Compliance Podcast
    • Connect Magazine
    • Compliance Posters
    • Healthcare Compliance Books
    • Newsletter Signup
  • News & Events
    • Press Releases
  • Our Team
  • Request Demo
  • Menu Menu
  • Shopping Cart Shopping Cart
    0Shopping Cart

Blog

CMS Updates: Compliance Program Training Requirements for FDRs

CMS Updates Compliance Program Training Requirements for FDRs

October 11, 2018/in Blog, CMS

Healthcare Compliance - Medicare

Establishing and maintaining a well-designed compliance program is key to preventing, detecting, and mitigating noncompliance. The seven elements of an effective compliance program outlined in the Federal Sentencing Guidelines, adopted by the Office of Inspector General (OIG),  sets the framework but there are additional requirements that need to be integrated into the compliance program in order to be effective. CMS requires Medicare Advantage Plan (Part C) sponsors and Medicare Prescription Drug Plan (Part D) sponsors to follow certain compliance program requirements as part of their contract. Moreover, plan sponsors are responsible for ensuring First Tier, Downstream and Related Entities (FDR) also comply with these program requirements. As a result of the FDR relationship, many healthcare providers must submit attestations and/or certifications of compliance to their third-party payors as evidence of their compliance efforts. Understanding where these requirements originate will enable healthcare providers to customize an efficient in-house compliance program that meets all needs.

FDR Defined

First Tier Entity – A party that enters into a written arrangement with a Medicare Advantage Organization or Part D plan sponsor or applicant to provide administrative services or health care services to a Medicare-eligible individual.

Downstream Entity – A party that enters into a written arrangement with a First Tier entity for the provision of administrative services or health care services to a Medicare eligible individual.

Related Entity – An entity that is related to a Medicare Advantage Organization or Part D sponsor by common ownership or control and 1) performs management functions under contract or delegation, 2) furnishes services to Medicare enrollees under an oral or written agreement, or 3) leases real property or sells materials to the Medicare Advantage Organization or Part D plan sponsor at a cost of more than $2,500 during a contract period.

See 42 CFR §§ 422.500 and 423.501.

FDR Compliance Requirements

CMS outlines the Medicare program requirements in Chapter 21 of the Medicare Managed Care Manual and Chapter 9 of the Prescription Drug Benefit Manual. The main requirements third party payors pass on to healthcare providers include the following:

  • Distribute written compliance policies and procedures to workforce
  • Distribute code of conduct to workforce
  • Provide workforce with CMS General Compliance Training and Fraud, Waste, and Abuse Training within 90 days of initial hire and annually thereafter
  • Maintain system to receive, respond to and track questions or reports of suspected or detected noncompliance or potential fraud, waste and/or abuse.
  • Conduct exclusion screening on employees and vendors at hire and on a monthly basis
  • Identify offshore functions
  • Retain documentation of all compliance/training efforts

Upcoming Changes

CMS recently issued a Final Rule  that reduces compliance training requirements for FDRs. Beginning January 1, 2019, Part C and D plan sponsors will no longer need to ensure FDRs are completing CMS General Compliance Training and Fraud, Waste, and Abuse Training.

This change arises from providers being subjected to multiple plan sponsors training program requirements, creating administrative burden and inefficiencies in the compliance program training and education element. According to CMS “[plan sponsor] compliance programs are very well established and have grown more sophisticated since their inception,” allowing them to remove this requirement.

With this change, plan sponsors will still be required to develop an effective oversight structure for their FDRs and must still continue to monitor and audit FDRs. CMS will confirm compliance efforts by conducting audits of plan sponsors. Therefore, whether FDRs will be completely relieved of these training requirements or whether providers will be subject to modified training requirements as part of the plan sponsor contract will be determined by each plan sponsor.

Screenshot of Secure Compliance System

Compliance Program Management

In order to meet federal requirements along with payor requirements, it is essential for providers to have a comprehensive compliance program. Without this the risk of breach of payor contracts and moreover government investigations and civil and criminal fines increases.

Incorporating appropriate software tools into your compliance strategy will help streamline processes and serve as your first line of defense against these significant risks areas.  First Healthcare Compliance’s cloud-based software offers solutions to fit your organization. Contact us today for a quick demonstration of our compliance management software solution.

Share this
  • Share on Facebook
  • Share on X
  • Share on LinkedIn
  • Share on Reddit
  • Share by Mail
https://1sthcc.com/wp-content/uploads/2018/10/FeaturedImage.jpg 500 800 Catherine Short https://1sthcc.com/wp-content/uploads/2022/10/1sthcc-logo-1024x378.jpg Catherine Short2018-10-11 12:00:562025-04-15 12:53:41CMS Updates Compliance Program Training Requirements for FDRs

Subscribe to Weekly eNewsletter

Get the latest healthcare compliance updates straight to your inbox.

Subscribe to Newsletter

Recent Posts

  • Navigating the HIPAA Security Landscape: A Comprehensive Guide to Security Risk Assessments
  • OSHA Recordkeeping in Healthcare: Answers to Frequently Asked Questions
  • Naughty or Nice? The Rules of Giving and Receiving in Healthcare
  • fraud waste abuse healthcare compliance
    FWA in Healthcare: How to Respond Appropriately to Detected Offenses
  • Infographic: 6 Areas of Potential Liability for Healthcare Providers
    6 Areas of Potential Liability for Healthcare Providers
  • 5 Benefits of Automating Incident Reporting in Healthcare

 

First Healthcare Compliance is a division of Panacea Healthcare Solutions. Learn more

Subscribe

Get the latest healthcare compliance updates straight to your inbox.

Subscribe to Newsletter

Connect

Get started: Request Demo

Call: 1-888-54-FIRST

E-mail: Contact us

  • Link to Instagram
  • Link to Youtube
  • Link to Facebook
  • Link to LinkedIn
  • Link to X
© Copyright 2026 Panacea Healthcare Solutions, LLC | Disclaimer | Privacy Policy and Copyright Notice
Scroll to top Scroll to top Scroll to top

We and our third-party partners use cookies to improve and personalize your experience on the site and with our services in addition to delivering and reporting on ads. Please visit our Privacy Statement for more information. By continuing to browse the site, you are agreeing to our use of cookies. Read Privacy Statement.

OKDismiss

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refusing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Privacy Policy and Copyright Notice
Accept settingsHide notification only