340B Program Compliance Policy

340B PROGRAM COMPLIANCE POLICY

I. PURPOSE

This policy establishes institutional compliance standards for participation in the 340B Drug Pricing Program ("Program"), administered by the Health Resources and Services Administration (HRSA) under 42 U.S.C. § 256b. The policy ensures this entity maintains eligible covered entity status, prevents drug diversion, eliminates duplicate discounts, and adheres to all regulatory requirements governing the purchase and distribution of 340B-discounted drugs.

II. SCOPE AND ELIGIBILITY

A. Covered Entity Status

This policy applies to all personnel involved in the 340B Program, including procurement, pharmacy, contract pharmacy arrangements, patient services, compliance, and executive leadership.

Eligibility categories include:

• ☐ Disproportionate Share Hospital (DSH)
• ☐ Freestanding Cancer Hospital
• ☐ Children's Hospital
• ☐ Rural Referral Center
• ☐ Critical Access Hospital
• ☐ Federally Qualified Health Center (FQHC)
• ☐ Medicaid-dependent hospital (reduced Medicaid patient revenue)
• ☐ Sole community hospital
• ☐ Other federally eligible facility (specify): ________________

Enrolled Entity: [ENTITY NAME], HRSA 340B Program ID: [__________________]

B. Program Participation Verification

The entity shall maintain current enrollment status and immediately notify HRSA and internal compliance if eligibility changes due to:

• Loss of DSH status or DRA reduction threshold
• Change in organizational structure or ownership
• Involuntary disenrollment
• Termination of hospital accreditation

III. DEFINITIONS

Covered Entity: An entity eligible under 42 U.S.C. § 256b to purchase 340B-discounted drugs.

Diversion: Unauthorized distribution, resale, or use of 340B drugs outside the program's intended patient population or approved channels.

Duplicate Discount: Receipt of both the 340B discount and Medicaid rebate on the same drug, prohibited under the Medicaid Carve-Out Provision.

Patient: An individual for whom the covered entity provides care (inpatient or outpatient) and whose care is documented in the entity's records.

Contract Pharmacy: An independent pharmacy or chain pharmacy authorized to dispense 340B drugs on behalf of the covered entity.

Drug Manufacturer Ceiling Price: The maximum price at which a 340B drug may be purchased under the program.

GPO (Group Purchasing Organization): Membership in a GPO typically prohibits DSH, freestanding cancer, and children's hospitals from 340B participation.

IV. PATIENT ELIGIBILITY AND DOCUMENTATION

A. Patient Definition

Only drugs dispensed to patients of the covered entity qualify for 340B pricing:

• Inpatient: Patient admitted for overnight hospital care
• Outpatient: Patient receiving ambulatory or emergency services at the facility
• Prescriptions for discharged patients must reflect continuation of care relationship

B. Documentation Standards

For each 340B drug purchase and dispensing:

☐ Patient name and unique identifier (MRN/account number)
☐ Date of service (admission date or visit date)
☐ Prescriber name and license number
☐ Specific drug, dose, quantity, and route of administration
☐ Diagnosis code documenting medical necessity
☐ Pharmacy records cross-referenced with patient medical records
☐ For contract pharmacy: written authorization from patient and covered entity

C. Medicaid and State Program Identification

☐ Verify patient Medicaid eligibility status at point of purchase or dispensing
☐ If patient is Medicaid-eligible, drug must be excluded from 340B purchase (apply duplicate discount prohibition)
☐ Maintain CCLF (Covered Outpatient Drug) file reconciliation
☐ Document exclusions and rationale in compliance records

V. DIVERSION PREVENTION PROGRAM

A. Prohibited Activities

The entity strictly prohibits:

☐ Resale of 340B drugs to wholesalers, retailers, or other third parties outside authorized channels
☐ Sale of 340B drugs to unaffiliated entities or individuals
☐ Distribution of 340B drugs to individuals not receiving care from the covered entity
☐ Excessive stockpiling beyond patient care needs
☐ Use of 340B drugs for purposes unrelated to patient treatment
☐ Diversion through unauthorized contract pharmacy arrangements

B. Physical Security and Inventory Controls

☐ 340B drugs segregated from non-340B inventory and clearly labeled
☐ Restricted access to 340B storage areas; access logs maintained
☐ Inventory counts performed quarterly minimum; discrepancies investigated
☐ Expiration date monitoring; expired drugs returned to manufacturer per protocol
☐ Chain-of-custody documentation for all transfers between departments/locations
☐ Pharmacy dispensing system audits for unusual ordering or dispensing patterns

C. Pricing Integrity

☐ Verify manufacturer ceiling prices monthly via HRSA pricing files
☐ Prohibit purchase of 340B drugs at prices exceeding ceiling price
☐ Document ceiling price verification date and source
☐ Challenge pricing discrepancies with manufacturers immediately

VI. DUPLICATE DISCOUNT PREVENTION

A. Medicaid Carve-Out Compliance

Effective with claims on or after [IMPLEMENTATION DATE]:

☐ No 340B discount may be combined with Medicaid rebate on the same claim
☐ Identify all Medicaid-covered patients and Medicaid-eligible drugs
☐ At dispensing: exclude Medicaid-eligible beneficiaries from 340B dispensing or reimburse Medicaid rebate amount to state

B. CCLF File Reconciliation

☐ Monthly review of Medicaid CCLF report identifying 340B drugs claimed to Medicaid
☐ Cross-reference with entity's 340B purchase records
☐ Identify duplicate discount events (same patient, drug, date)
☐ Document remediation: refund Medicaid rebate or offset against next invoice
☐ Maintain evidence of corrective action

C. Other Discount Prevention

☐ Verify no patient received 340B drug through both covered entity and contract pharmacy on same date
☐ Prohibit 340B drugs from Federal Supply Schedule (FSS), VA networks, or other federal pricing
☐ Document separate accounting for covered entity patients vs. federal beneficiaries

VII. GPO PROHIBITION (DSH, FREESTANDING CANCER, CHILDREN'S HOSPITALS)

A. Applicability Determination

For covered entities that are:

• ☐ DSH hospital
• ☐ Freestanding cancer hospital
• ☐ Children's hospital

Confirmation of Non-GPO Status:

☐ Entity does not hold membership or participation agreement with any GPO
☐ Entity does not invoice any drugs through GPO contracts
☐ Pharmacy director attests annually to non-GPO status
☐ If accidental GPO invoice occurs, entity immediately repurchases at ceiling price and reimburses discount difference

B. Contract Terms

All drug supply contracts and purchase orders shall state:

"Supplier warrants that [ENTITY NAME] is not utilizing any GPO contracts or pricing for 340B drugs. Seller shall not include any GPO markup, administration fee, or rebate in pricing."

VIII. CONTRACT PHARMACY ARRANGEMENTS

A. Authorization and Agreements

☐ Written contract pharmacy agreement executed with each contract pharmacy
☐ Agreement includes:

• Entity's and pharmacy's 340B Program IDs
• Scope of dispensing authority (outpatient, discharge, emergency)
• Patient population authorized (e.g., discharged patients only)
• Record-keeping and audit rights
• Diversion prevention measures
• Termination clause (30-day notice)

B. Data Sharing and Reconciliation

☐ Contract pharmacy reports monthly: patient name, drug, quantity, date dispensed
☐ Entity verifies reported patients receive care at covered entity
☐ Random audits of contract pharmacy records (minimum quarterly)
☐ Comparison of contract pharmacy 340B purchase reports with entity's records
☐ Investigation of discrepancies >5% variance

C. Prohibited Contract Pharmacy Use

☐ No contract pharmacy arrangements for DSH/freestanding cancer/children's hospitals unless written HRSA guidance permits
☐ No discounted resale of drugs to contract pharmacy for retail customers
☐ Contract pharmacy shall not dispense to patients seeking over-the-counter or unrelated services

IX. RECORDS RETENTION AND AUDIT PREPARATION

A. Record Categories

Maintain minimum 5-year retention for:

☐ 340B Program enrollment and eligibility documentation
☐ Covered entity patient list and eligibility criteria applied
☐ Drug purchase orders and invoices from manufacturers/authorized distributors
☐ Proof of manufacturer ceiling price verification
☐ Patient medical records (admission/visit documentation)
☐ Pharmacy dispensing records (patient, drug, quantity, date)
☐ Contract pharmacy agreements and monthly reconciliation reports
☐ Medicaid CCLF reconciliation and duplicate discount remediation
☐ Inventory records, physical counts, and variance investigations
☐ Staff training documentation
☐ Self-audit reports and corrective action logs

B. Documentation Format

☐ Electronic records system with audit trails
☐ Manual records organized by patient and purchase date
☐ Cross-indexed access: patient name, MRN, drug name, 340B purchase date
☐ Backup copies secured off-site

C. Audit Readiness

Upon HRSA notification of audit:

☐ Designate compliance coordinator as HRSA liaison
☐ Compile requested records within 30 days
☐ Identify responsible personnel for depositions or interviews
☐ Preserve all electronically stored information (ESI)
☐ Notify legal counsel and insurance carrier

X. SELF-AUDIT AND CORRECTIVE ACTION

A. Annual Self-Audit Requirement

☐ Conduct internal audit minimum annually, or per HRSA notice
☐ Audit scope:

• Diversion: sample 50+ 340B transactions; verify patient status
• Duplicate discount: reconcile Medicaid CCLF; identify claims with both discount and rebate
• Pricing: verify 3+ month sample of invoices against ceiling prices
• GPO (if applicable): confirm non-use
• Contract pharmacies: verify patient eligibility and records

B. Audit Methodology

☐ Select random sample of 340B purchases from [START DATE] to [END DATE]
☐ Verify patient care documentation (admission/encounter records)
☐ Cross-reference dispensing records with patient medical records
☐ Estimate population error rate and project total liability
☐ Document audit scope, findings, and error rates
☐ Report to compliance committee and CEO

C. Corrective Action Plan

If self-audit identifies non-compliance:

☐ Quantify total unlawful benefit or diverted drugs (dollars or units)
☐ Document root cause (e.g., policy gap, training failure, system malfunction)
☐ Implement remediation: policy revision, staff training, system change
☐ Reimburse manufacturer or establish repayment schedule per HRSA guidance
☐ Notify legal counsel regarding voluntary disclosure considerations
☐ Report corrective action to Board/Executive Committee
☐ Timeline for completion: [_______] days

D. Documentation

Maintain self-audit reports, working papers, findings, and corrective action logs for 5 years.

XI. STAFF TRAINING AND COMPETENCY

A. Training Requirements

All personnel handling 340B drugs shall complete training covering:

Content:

• ☐ 340B Program eligibility and covered entity status
• ☐ Patient definition and documentation requirements
• ☐ Diversion prevention and prohibited activities
• ☐ Duplicate discount and Medicaid carve-out compliance
• ☐ Contract pharmacy authorization and oversight
• ☐ Record-keeping standards
• ☐ Self-audit and HRSA audit response
• ☐ Reporting of suspected violations

Personnel:

• ☐ Pharmacy staff (dispensing, inventory, ordering)
• ☐ Patient services and billing staff
• ☐ Case managers and discharge coordinators
• ☐ IT staff (systems, audit trails)
• ☐ Compliance officer
• ☐ Executive leadership (annual briefing)

B. Training Schedule

☐ New hire training: within 30 days of employment
☐ Annual refresher training: at least once per calendar year
☐ Targeted training: within 30 days of policy change or compliance issue
☐ Certification: staff member signs training acknowledgment and competency attestation

C. Documentation

☐ Training date, content, and attendee list
☐ Training materials and slides (date-stamped)
☐ Sign-in sheets and certificates of completion
☐ Records retained minimum 3 years

XII. HRSA AUDIT RESPONSE PROCEDURES

A. Notification Receipt

Upon receipt of HRSA audit notice:

☐ Immediately notify: Compliance Officer, Pharmacy Director, General Counsel, CFO, CEO
☐ Record audit notification date and HRSA contact information
☐ Preserve all ESI: backup databases, email, pharmacy systems
☐ Issue hold on destruction of any records related to 340B Program

B. Coordination

☐ Designate single point of contact (compliance coordinator) for HRSA communication
☐ Establish internal audit response team: pharmacy, compliance, legal, finance
☐ Communicate with legal counsel and, if advised, external auditors
☐ Prepare institutional calendar and personnel availability

C. Records Production

☐ Organize records by audit scope (diversion, duplicate discount, pricing, etc.)
☐ Provide electronic copies via secure file transfer within HRSA deadline
☐ Index all documents with bates numbering and brief description
☐ Obtain legal hold agreement from HRSA (privilege protection)

D. On-Site Audit

☐ Coordinate facility access, meeting space, and IT support
☐ Assign staff liaisons for interviews and system demonstrations
☐ Limit staff interviews to those with knowledge; counsel present if requested
☐ Document all HRSA inquiries and entity responses

E. Post-Audit

☐ Upon receiving draft audit report, review for factual accuracy
☐ Submit written response addressing findings and corrections
☐ Implement corrective action plan within agreed timeline
☐ Report compliance status updates to HRSA per settlement terms

XIII. GOVERNANCE AND ROLES

A. Compliance Officer

Duties:

• ☐ Oversee 340B Program compliance policy and procedures
• ☐ Coordinate annual self-audit and corrective action implementation
• ☐ Manage staff training and competency documentation
• ☐ Serve as primary HRSA liaison during audits
• ☐ Report compliance status to Board Compliance Committee quarterly
• ☐ Investigate suspected violations and document remediation

Qualifications: [SPECIFY EXPERIENCE/CERTIFICATION]

Reports to: Chief Compliance Officer or CEO

B. Pharmacy Director

Duties:

• ☐ Oversee 340B drug procurement, pricing verification, and inventory
• ☐ Implement diversion prevention controls and physical security
• ☐ Maintain patient documentation and dispensing records
• ☐ Authorize contract pharmacy agreements and monitor performance
• ☐ Provide quarterly compliance certifications to Compliance Officer
• ☐ Ensure staff training and competency

Reports to: Chief Medical Officer or VP Operations

C. Finance/Accounting

Duties:

• ☐ Reconcile 340B invoices with ceiling prices
• ☐ Process manufacturer rebates and reconciliation
• ☐ Maintain financial records for audit
• ☐ Support Medicaid CCLF reconciliation
• ☐ Document corrective payments or reimbursements

Reports to: Chief Financial Officer

D. Board Oversight

☐ Annual Board report on 340B Program compliance status, self-audit results, and corrective actions
☐ Notification of material violations or HRSA enforcement activity
☐ Approval of 340B Program enrollment renewal and contract pharmacy arrangements

XIV. VIOLATION REPORTING AND CORRECTIVE MEASURES

A. Internal Reporting

Any employee who discovers or suspects 340B Program non-compliance shall immediately report to:

• ☐ Compliance Officer: [PHONE] [EMAIL]
• ☐ Pharmacy Director: [PHONE] [EMAIL]
• ☐ Anonymous hotline (if available): [PHONE/URL]
• ☐ General Counsel: [PHONE] [EMAIL]

B. Investigation

Upon report:
☐ Compliance Officer initiates formal investigation within 5 business days
☐ Preserve evidence and interview relevant staff
☐ Determine scope, magnitude, and impact of violation
☐ Document investigation findings and corrective action
☐ No retaliation against reporting employee

C. External Reporting Consideration

If violation involves:

• ☐ Intentional diversion exceeding [$$DOLLAR THRESHOLD]
• ☐ Systemic duplicate discounting
• ☐ Refusal to remediate after self-audit

Legal counsel shall evaluate:

• Voluntary disclosure to HRSA and/or Department of Justice
• Qui tam False Claims Act implications
• Timing and scope of external reporting

XV. POLICY REVIEW AND UPDATES

☐ This policy shall be reviewed annually by Compliance Officer
☐ Updates required upon:

• Changes to 42 U.S.C. § 256b or 42 C.F.R. Part 10
• HRSA guidance or enforcement action
• Significant self-audit findings
• Material changes to organizational structure or 340B participation

☐ Updated policy distributed to all staff; training required within 30 days

ACKNOWLEDGMENT AND CERTIFICATION

I have read and understand this 340B Program Compliance Policy. I understand that failure to comply with this policy may result in disciplinary action, program termination, and legal liability.

REFERENCES AND SOURCES

• 42 U.S.C. § 256b — Limitation on Prices of Drugs Purchased by Covered Entities
• 42 C.F.R. Part 10 — 340B Drug Pricing Program
• HRSA Office of Pharmacy Affairs (https://hrsa.gov/opa)
• HRSA 340B Program Ceiling Price Files
• Federal Register Notices (340B Program guidance and updates)
• Medicaid Carve-Out Statute (Deficit Reduction Act of 2005)