This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

Four Actions You Can Still Take to Begin Sunshine Act Compliance

Reg Pulse

Center for Regulatory Strategies blog

August 1st has come and gone and the Physician Payment Sunshine Act (“Sunshine Act”) has now gone live. Have you started tracking payments and other “transfers of value” to physicians and teaching hospitals? If not, I have two words for you: Don’t panic.

As you know, the Sunshine Act was designed to provide the public with more information about the financial dealings that drug companies, medical device makers and medical supply companies have with physicians and teaching hospitals. The law has a lot of moving parts and compliance is without doubt, a complex undertaking. In fact, it will likely require at least several months of planning, coordination and investment across a wide range of areas, including data, governance, processes and policies and technology.

If you don’t have the appropriate infrastructure in place, you may need to implement a manual collection system to ensure you capture all the required elements. The data you collect for 2013 must be submitted to the Centers for Medicare and Medicaid Services (CMS) by March 31, 2014 – any deficiencies in reporting may lead to hefty fines and penalties as well as adverse impacts to your company’s brand and reputation. That’s why it’s crucial to get started as soon as possible.

Deloitte recently published a whitepaper that outlines four actions you can take right now to help with compliance:

  • Create a dedicated team: Establishing a team of stakeholders dedicated to Sunshine Act compliance is probably the most important step you can take. This group should be empowered to make decisions on key issues from data management to quality to technology investments. In addition, they will need to design a plan and structure for data collection, determine the tools and applications required for compliance and oversee progress.
  • Adjust policies: You might need to be modify existing policies to comply with the Sunshine Act. For example, your sales team might be engaging in promotional activities that complicate data collection and reporting. Reviewing your policies and making simple adjustments can help clear a path to smoother compliance.
  • Clean up your data: Bad data can make compliance a real headache. Review your vendor and customer data for duplicate, incomplete, or inaccurate information – and then clean it up. Different departments within your organization might maintain their own data, so consolidation is key. You can outsource this task, or build and maintain your own master data list.
  • Don’t forget the human element: Although new automated systems can help you track, analyze and report the required data, they sometimes fall short in matching payments to recipients. You still need people to monitor and maintain quality control and verify that the information is both complete and accurate.

Although complying with the Sunshine Act might seem like a nuisance, in the long run it can give you greater insight into your business practices – helping your organization improve its operations, internal controls and overall effectiveness.

I’d like to hear from you about any challenges you have faced in complying with the Sunshine Act. What opportunities do you foresee? Please take a moment to share your thoughts regarding this issue.

Seth Whitelaw
Deloitte & Touche LLP


As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

Share this page

Email this Send to LinkedIn Send to Facebook Tweet this More sharing options

Stay connected