Corrective Action Plan (CAP)
Corrective Action Plan
A documented plan describing steps to address identified compliance deficiencies, the owners, timelines, and monitoring.
1 min read · Last reviewed May 23, 2026
At a glance
- Category
- Compliance Program
- Acronym for
- Corrective Action Plan
- Primary sources
- 2
- Workspace handoff
- compliance binder →
Where this comes up
Compliance committees and practice managers operate at this level — written policy, workforce training, sanction policy, monitoring and auditing cadence, response and corrective action. The seven elements of an effective compliance program (OIG) are the scaffolding; this term lives somewhere on that scaffold.
Full definition
What it is in practice
OCR Resolution Agreements typically include a Corrective Action Plan with multi-year monitoring. Internal CAPs follow the same structure: gap identified, action, owner, deadline, follow-up audit.
How it shows up in your practice
Keep CAPs documented in the compliance program file. Track to completion and verify with follow-up audit.
Sources
- HHS-OIG — Compliance Program Guidance for Physician Practiceshttps://oig.hhs.gov/documents/compliance-guidance/812/physician.pdf
- HHS OCR — Audit Programhttps://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html
Track CAPs in the Compliance Binder
Open compliance binder →Related terms
- Compliance ProgramInternal Audit (Compliance)Periodic internal reviews of billing, coding, documentation, and operations to identify and correct compliance issues.
- Compliance ProgramOIG Compliance ProgramVoluntary compliance program structure recommended by HHS-OIG for physician practices.
- Denials & AppealsAudit DefenseThe organized process of preparing for and responding to a payer or government audit.
D3rx is a healthcare-billing and compliance research aid maintained by D3rx Inc. Articles are drafted by an LLM (Anthropic Claude) against primary HHS, OCR, CMS, eCFR, NIST, and state-regulator publications, and reviewed for restraint and source fidelity by the D3rx team.
Reviewer status: a named credentialed reviewer (CHC, CHPC, or healthcare attorney) is being engaged. Until that engagement is finalized, this page does not claim credentialed review.
Related across the archive
- GlossaryInternal Audit (Compliance)Periodic internal reviews of billing, coding, documentation, and operations to identify and correct compliance issues.
- GlossaryOIG Compliance ProgramVoluntary compliance program structure recommended by HHS-OIG for physician practices.
- GlossaryAudit DefenseThe organized process of preparing for and responding to a payer or government audit.
- GlossaryCivil Monetary PenaltiesAdministrative penalties HHS-OIG may impose on healthcare providers for various violations including HIPAA breaches, kickbacks, and billing for excluded individuals.
- RegulationOCR HIPAA Audit Program (45 CFR 160.310)OCR's authority to conduct compliance audits of covered entities and business associates, and the recurring posture under the Audit Program established by HITECH.
- SRAWhat to Do If You Get an OCR Audit LetterA step-by-step response framework for a small practice that receives an OCR HIPAA audit or investigation letter, drawn from OCR's audit protocol and published Resolution Agreements.
- BillingWhat to Do When a Payer Says You're UnderbillingGot a letter saying you're underbilling? Here's what it actually means, whether you should worry, and what action to take.
- ComplianceAmbulatory Surgery Center Compliance: CMS + State + Infection Control42 CFR Part 416 Conditions for Coverage, CMS State Operations Manual Appendix L, the ASC Infection Control Surveyor Worksheet, and where state ASC licensure tightens the standard.
This glossary entry is a research aid for billing and compliance staff. It does not provide legal, medical, or financial advice and does not replace counsel. References cited link to primary sources at HHS, OCR, CMS, eCFR, NIST, and the relevant payer or industry body.