Close-up of a contract signing with hands over documents. Professional business interaction.
How to identify and manage regulatory risks when acquiring or merging healthcare entities

Regulatory Risk in Healthcare M&A

Serj Mooradian and Seyed Mirabedini, Mooradian Law PLLC  /  March 25, 2025

Part of our Healthcare Transactions Series

A well-structured deal can fall apart—or create serious financial exposure—if regulatory issues are overlooked. From hidden Medicare liabilities to illegal ownership structures, healthcare transactions carry unique regulatory risks that don’t exist in most other industries.

In this installment of our healthcare transactions series, we walk through seven critical regulatory issues buyers and sellers need to manage in any healthcare M&A deal. We’ll also share actionable tips for keeping your transaction compliant, efficient, and on track to close.

Fraud & Abuse Laws: Stark and Anti-Kickback Risks

The Stark Law and Anti-Kickback Statute (AKS) are two of the biggest landmines in healthcare transactions—particularly if the target entity employs physicians or receives federal reimbursement.

  • The Stark Law prohibits physician referrals for certain Medicare-covered services to entities they have a financial relationship with—unless a specific exception applies.
  • The AKS makes it illegal to pay or receive anything of value in exchange for referrals covered by federal programs.

Why this matters in M&A:

  • Deals involving compensation models, joint ventures, or post-closing management services agreements (MSAs) must comply with Stark and AKS rules.
  • Buyers may inherit liability for prior violations—intentional or not—and even minor compliance failures can result in civil penalties or False Claims Act exposure.

Tip: Ensure all physician arrangements are documented, fair market value, and commercially reasonable—and use deal counsel to confirm applicable exceptions or safe harbors.

Medicare/Medicaid Enrollment (CHOW Filings)

If your deal involves a provider enrolled in Medicare or Medicaid, it may trigger a Change of Ownership (CHOW) event under CMS rules—requiring regulatory filings that ensure reimbursement continues uninterrupted.

What you need to know:

  • Submit or update CMS-855 filings (and state equivalents) either pre-closing or shortly after.
  • CHOW status transfers billing privileges, provider numbers, and liabilities—including any open audits or overpayment issues.

What can go wrong: 

  • Missed filings can lead to reimbursement freezes or termination of the provider agreement.
  • Buyers can unknowingly assume successor liability for past billing misconduct—even if it happened years ago.

Tip: Include CHOW analysis in early diligence and confirm Medicare debts, open investigations, or prior payment holds.

Corporate Practice of Medicine (CPOM) & Fee-Splitting Laws

Many states—including California, Texas, New York, Illinois and Michigan—prohibit non-physicians from directly owning or controlling a medical practice.

This is where CPOM laws and fee-splitting prohibitions come into play. They can invalidate a deal if the ownership or revenue structure isn’t compliant.

Key issues:

  • Buyers (especially non-physician investors or MSOs) cannot own professional entities outright in CPOM states.
  • Profit-sharing or percentage-based MSAs may violate fee-splitting rules.

Common solution: Use a “friendly PC” structure, where a licensed provider owns the clinical entity and the MSO provides administrative support under a compliant management agreement.

HIPAA and Patient Data Privacy

Even during due diligence, HIPAA compliance is a live issue. Exchanging protected health information (PHI) without safeguards—or failing to plan for post-close privacy compliance—can lead to regulatory penalties.

How to stay compliant:

  • Share only “minimum necessary” PHI—preferably de-identified—during diligence.
  • After closing, update privacy policies, patient authorizations, EHR access controls, and business associate agreements.

Tip: Coordinate with your IT and compliance teams early so HIPAA doesn’t slow down integration—or leave you exposed post-close.

Federal Licensing & Certification Issues

Don’t assume licenses transfer automatically. Several critical certifications must be reviewed and addressed in a transaction:

  • DEA registration (for controlled substances): Often needs re-registration.
  • CLIA certification (for labs): Requires notice to CMS.
  • Medicare Conditions of Participation: Must be maintained or recertified to ensure continued accreditation and reimbursement.

Common mistakes: 

  • Letting CLIA or DEA registrations lapse can force service shutdowns.
  • Overlooking Conditions of Participation risks loss of Medicare eligibility.

Tip: Build a regulatory license checklist and assign specific responsibility for each item pre-close.

Antitrust Concerns in Healthcare Transactions

Even small or mid-sized deals can trigger federal or state antitrust review if they affect provider concentration in a local market.

What matters:

  • The FTC and DOJ are increasingly focused on healthcare consolidation—especially physician practice roll-ups, ASC affiliations, and vertical integration deals.
  • You don’t need to hit Hart-Scott-Rodino (HSR) thresholds to draw scrutiny.

Tip: If your deal reduces competition in a specialty or region, work with counsel to evaluate and document your pro-competitive justifications (e.g., improved access, enhanced quality, technology integration).

State Transaction Review Laws

In some states, the government wants a say in your deal—even before you close.

Currently in effect or expanding:

  • States including California, Illinois and New York require pre-closing notification or approval for certain healthcare transactions.
  • Michigan has not adopted a formal review law yet—but given regional trends, buyers should stay alert to evolving state legislation.

Tip: Even if your deal is small or “routine,” check for state-specific notice or approval obligations, particularly if the transaction affects ownership or control of licensed entities.

Closing Thoughts: Compliance Is a Strategic Advantage

In healthcare deals, compliance isn’t just legal hygiene—it’s a value driver. Buyers who identify regulatory risks early, structure around them smartly, and build in compliance from the start are more likely to close on time, avoid post-deal surprises, and scale successfully.

Coming Up Next:

In our next blog, we’ll shift focus to Michigan-specific regulatory issues

Need Support Structuring a Compliant Healthcare Deal?

At Mooradian Law, we help healthcare entrepreneurs navigate every stage of the transaction process—from early deal structuring through post-close compliance. Whether you’re buying, selling, or just exploring options, we’re here to help you move forward with confidence.

Email: info@mooradian.law 

Phone: (734) 219-4890