21-07-2025
Why Healthcare CEOs Should Rethink Their Compliance Strategies
Jesse Corn, CPO Zivian Health, is a digital health executive and health tech founder with over 14 years of experience in digital solutions.
For some healthcare companies, compliance is regarded as a box to check. It's an essential but uninspiring function typically relegated to legal teams and manuals. But as care delivery becomes more decentralized, digitally enabled and geographically expansive, that perception can become increasingly risky.
In today's healthcare environment, I believe compliance shouldn't be treated as a passive shield against liability. Instead, it can act as a dynamic driver of operational excellence, strategic growth and workforce sustainability.
Our company's journey started with a dedicated effort to address healthcare compliance, and my core focus as CEO has evolved to center on not only strengthening and automating compliance strategy but also contributing to a more holistic healthcare environment. In my experience, an effective approach to compliance can allow healthcare companies to streamline operations, create the foundation for safe growth and activate high-quality healthcare delivery for more patients.
The Importance Of Operational Compliance
In the news, major compliance issues are often viewed through the lens of isolated incidents: privacy breaches, fraud investigations or malpractice claims. But in the modern care environment, compliance is deeply entwined with day-to-day operations.
A great example is the healthcare system's growing reliance (subscription required) on advanced practice providers (APPs), such as nurse practitioners and physician assistants. APPs often practice across multiple states under the supervision of collaborating physicians. Ensuring that each relationship adheres to state-specific regulations—on everything from the number of allowable supervisees to the meeting and chart review requirements—can be a full-time operational challenge.
Likewise, many of today's healthcare organizations operate across multiple jurisdictions. Whether you're a telehealth company, a hybrid care platform or an expanding digital clinic, you're likely practicing across multiple, and often highly restrictive, states—each with its own quirks, documentation requirements and enforcement posture. A new rule in Texas, a revised filing requirement in New York, a collaboration limit in Georgia—any of these can derail a clinical program or trigger audit exposure if overlooked.
In this environment, compliance is not a static legal construct. It is a living operational necessity that touches clinical workflows, staffing, credentialing and quality assurance. Recognizing this is important to protecting our healthcare organizations from both regulatory action and operational disorder.
The Hidden Cost Of Inattention
Noncompliance doesn't always announce itself with a lawsuit or public enforcement action. In my experience, it more often erodes performance in subtle ways. It may look like missed payer opportunities because your clinical structure doesn't meet credentialing requirements, or delays with onboarding clinicians due to opaque filing requirements, or mounting administrative burdens on care teams who spend hours documenting tasks instead of seeing patients.
It can also show up in burnout. I've found that when clinicians don't feel supported in understanding and meeting their compliance obligations, more tend to disengage. When operations teams are forced to rely on spreadsheets and email chains to track regulatory tasks, it can lead to more errors and less trust, efficiency and growth.
Solutions Designed For Reality
In my experience, taking control of compliance in today's healthcare environment starts with recognizing the need to move beyond spreadsheets, static PDFs and one-off legal memos. Instead, I recommend embracing a systems-level approach that integrates regulatory awareness, real-time workflows and accountability.
In my experience working with healthcare organizations on their compliance, the best solutions are multi-pronged. Here are a series of strategies to consider:
Take a full inventory of where your organization may be exposed. This includes clinical collaboration requirements, provider licensing status, credentialing and payer enrollment, HIPAA and data privacy, continuing medical education (CME) tracking, clinical documentation and quality assurance protocols. Identify who 'owns' each function and how current your tracking processes are.
Fragmented compliance data can lead to blind spots, so create a single source of truth. That might be a compliance platform, a credentialing system or an internal dashboard. But equally important is decentralizing awareness by making sure teammates have real-time visibility into their areas of responsibility.
Many of today's compliance platforms go beyond basic document storage. Look for ones that offer features like automated licensing alerts, structured workflows for clinical supervision, dashboards for compliance requirements, electronic health record (EHR) integration and audit log generation.
Clinicians are often the first to feel overwhelmed by poorly designed processes. Seek their feedback to ensure your solutions are intuitive for end-users. A system that makes compliance burdensome is much more likely to be ignored.
State laws change frequently. To keep pace, I recommend subscribing to policy trackers; partnering with legal advisors who specialize in Corporate Practice of Medicine (CPOM) and collaboration rules; and building change monitoring into your review processes. Ideally, your systems should surface legal changes early and translate them into action.
Compliance can be a measurable function. Track your on-time compliance requirements, license verification turnarounds, training participation and documentation quality. In my experience, this can help with creating clarity and concrete goals.
Compliance As Culture
Ultimately, I believe the most important move CEOs can make is to establish compliance as a culture within their organization. This essentially means creating systems that make it easy for your employees to do things the right way. This can look like replacing manual processes with systems that surface risk early, automating complexity and creating shared accountability across clinical, legal and operational teams.
The stakes are too high to treat compliance as an afterthought, so consider how you can reevaluate and improve your compliance strategy today. I believe those who make this move earlier will be the ones best positioned to thrive in healthcare's next chapter.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
