10 medical laws all doctors should know

By Naveed Saleh, MD, MS, for MDLinx
Published July 24, 2019

Key Takeaways

Most physicians aren’t lawyers. But, that doesn’t mean they need know nothing about the law. Here are 10 important healthcare laws every physician should review.


The Health Care Quality and Improvement Act of 1986 (HCQIA) arose from a decline in the quality of healthcare due to increasing medical malpractice. At the time, inept physicians were moving from state to state without disclosure of prior incompetent performances. The threat of monetary damages unreasonably discouraged physicians from effectively participating in professional peer review. HCQIA protects against monetary damages for physicians who take part in the peer review of potentially incompetent physicians. HCQIA also created a national practitioner data bank to track inept, incompetent, or unprofessional physicians, and enacted procedural rules for due process, privilege restrictions, and reporting and disbursement of information. 


The Children's Health Insurance Program (CHIP) is a partnership between federal and state governments that offers affordable health coverage for children in families that earn too much money to qualify for Medicaid. In some states, CHIP provides coverage to pregnant women, too. Every state offers CHIP coverage in close coordination with its state Medicaid program.

CHIP benefits vary by state; however, all states provide comprehensive coverage to children, including routine check-ups, immunizations, office visits, and prescriptions. Importantly, each state program has its own rules about who qualifies for CHIP.

Anti-Kickback Act

The Anti-Kickback Act of 1986 prohibits getting paid for referrals when federal healthcare programs like Medicare and Medicaid are involved. Referrals can be for drugs, supplies, or healthcare services, and payments can include cash, free rent, vacation, dining, or excessive pay for consultancy or medical directorships. Some exceptions, called “voluntary safe harbors,” have been legislated.

“As a physician, you are an attractive target for kickback schemes because you can be a source of referrals for fellow physicians or other healthcare providers and suppliers. You decide what drugs your patients use, which specialists they see, and what healthcare services and supplies they receive,” according to the HHS.

“Many people and companies want your patients’ business and would pay you to send that business their way. Just as it is illegal for you to take money from providers and suppliers in return for the referral of your Medicare and Medicaid patients, it is illegal for you to pay others to refer their Medicare and Medicaid patients to you.”


An element of the Affordable Care Act, the Hospital Readmissions Reduction Program (HRRP) is a Medicare value-based purchasing program that decreases payments to hospitals that readmit patients excessively. The goal of the program is to link payment with quality of hospital care.

CMS tracks readmissions statistics for six conditions/procedures:

  • Acute myocardial infarction
  • Coronary artery bypass graft surgery
  • Chronic obstructive pulmonary disease
  • Elective primary total hip arthroplasty and/or total knee arthroplasty
  • Heart failure
  • Pneumonia

CMS gives hospitals 30 days to review their HRRP data, submit questions about the results, and request corrections. After this, CMS will publicly report the hospital’s data on Hospital Compare.


The Patient Safety and Quality Improvement Act (PSQIA) of 2005 creates a voluntary reporting system designed to improve the data available to assess and resolve patient safety and health-care quality issues. To this end, PSQIA proffers federal privilege and confidentiality protections for patient safety information.

Under PSQIA, HHS can impose civil money penalties for violations of patient safety and confidentiality. PSQIA also authorizes the Agency for Healthcare Research and Quality to keep tabs on patient safety organizations, which are groups of external experts who collect and review patient safety data.


Hard to imagine a world without the Emergency Medical Treatment and Active Labor Act (EMTALA), which went into effect in 1986. This law guarantees emergency health care by requiring healthcare providers to deliver medical services regardless of the patient’s ability to pay. The law requires caregivers to stabilize the patient and provide treatment until a point that the patient remains stable, such as with injury or during child birth. If the care provider is unable or unwilling to provide such service, the provider must transfer the patient to a capable facility.

Stark Law

The Physician Self-Referral Law, or Stark Law, bars a physician from referring patients to receive Medicare or Medicaid services in which that physician has a financial interest. For instance, a physician referring a patient to a home health business that the physician owns is likely a violation of the Stark law. However, the law does allow a few exceptions. For instance, a group practice may be able to make referrals for in-office ancillary services, such as lab testing or radiology imaging, as long as the arrangement doesn’t pose a risk of financial abuse.


The federal government created the Genetic Information Nondiscrimination Act (GINA) to keep employers and insurance companies from discriminating against people based on their genetic testing—for example, a genetic test for sickle cell anemia, a disease that afflicts African-Americans. Employers are prohibited from using genetic information for making employment decisions such as hiring, firing, promotions, pay, and job assignments. Likewise, health insurers may not use genetic information to make eligibility, coverage, underwriting, or premium-setting decisions. Neither employers nor insurers can require applicants to undergo genetic testing before signing on.


The Health Information Technology for Economic and Clinical Health (HITECH) Act became law in 2009 to promote health information technology among healthcare providers. Part of the HITECH Act addresses the privacy and security of electronic transmission of health information. It also strengthens the civil and criminal enforcement of HIPAA rules. This law delineates four liability levels, with those violators at the lowest level allowed an opportunity to correct the offense.

False Claims Act

The False Claims Act was passed during the Civil War in response to fraud perpetrated by crooked contractors who were bilking the US military. Today, this statute is known for imposing liability on individuals and companies that defraud government programs such as Medicare and Medicaid. Typical violations of the law include upcoding for medical procedures and performing or ordering unnecessary procedures. A provision in the law facilitates whistleblowing (formally called a qui tam provision), which allows individuals to file actions on behalf of the government.

Share with emailShare to FacebookShare to LinkedInShare to Twitter