Skip to Main Content
Services Talent Knowledge
Site Search


Our attorneys stay on top of changes in legislation, agency regulations, case law, and industry trends—then craft timely legal alerts to keep clients up to date on legal developments important to their business.

December 3, 2018

OMIG Releases 2018 SSL Certification Process Webinar

'Tis the season for compliance! Each December, Medicaid providers meeting certain requirements must certify their compliance program has been adopted, been implemented, and meets the requirements of NYS Social Services Law § 363-d and 18 NYCRR Part 521. Providers required to certify compliance must electronically complete the SSL certification form on the NYS Office of the Medicaid Inspector General's (OMIG) website. The certification form was uploaded on December 3, 2018, and must be completed by December 31, 2018. Providers that fail to do so face steep penalties, such as sanctions and exclusion from the Medicaid program, among others.

In preparation for the upcoming annual certification period, the OMIG released a webinar entitled "OMIG's Certification Process." The webinar provides information on updates to the compliance program certification form, a step-by-step navigation guide, and helpful tips and considerations for completion.

After a brief discussion of the annual compliance-certification process, the webinar presents a detailed overview of the certification form. First, providers are reminded that all provider IDs subject to the compliance program obligation must be used when completing the form. The OMIG provides a few tips prior to filling out the form and suggests conducting a self-assessment of your agency's compliance program to determine whether statutory requirements are met as well as identifying the certifying official.

When completing the certification form, the certifying official must choose one category from the five available categories:

  1. Annual certification
  2. Enrolling provider certification
  3. Revalidating provider certification
  4. Certification after corrective insufficiencies identified in a compliance program review
  5. Certification after receiving notice of regulatory action for failing to complete your annual certification

The webinar points out that certification form instructions are the same for all categories except for the enrolling provider certification option. When completing the form for this option, the federal employer identification number (FEIN) and national provider identifier (NPI) fields are required as the provider will not yet have a provider ID. For all other options, the provider ID must be included in the application, and each provider ID must have a provider name associated with it.

The certification form allows multiple provider IDs to be certified using one form so long as the five listed conditions are met:

  1. The same compliance program applies to all provider IDs listed.
  2. The certification category chosen is the same for all provider IDs listed.
  3. The compliance officer is the same for all provider IDs listed.
  4. The certifying official is the same for all provider IDs listed.
  5. All provider IDs reported on the certification form have the same FEIN.

The webinar points out the fifth condition's importance, noting that multiple FEINs cannot be used on a single form to certify multiple providers.

The webinar also provides tips for the certifying official completing the compliance form and indicates that the certifying official and compliance officer may not be the same person and that the form requires both individuals to be identified. Certifying officials are encouraged to carefully read the certification statements as false statements may subject both the certifying official and the provider to prosecution for a misdemeanor or felony. Finally, providers are reminded that the certification remains in effect until the next certification period in December 2019.

A confirmation page is available upon the form's submission, and certifying officials are encouraged to print and save the form for their records. However, if the certifying official fails to print or save the confirmation page, and it is needed in the future, a copy of the page can be requested by contacting the OMIG at Upon request, a copy will be issued to the compliance officer or certifying official listed on the record. The compliance officer and certifying official will both receive confirmation emails after submission, and it is recommended to save the email for your records.

Providers are reminded that a separate certification form is required for those Medicaid providers subject to the federal Deficit Reduction Act of 2005 (DRA). They are also encouraged to ensure all firewalls and filters will allow access to all portions of the form before attempting to complete it.

Along with the certification form, a frequently asked questions (FAQs) section for both SSL and DRA form requirements was uploaded on December 3. These forms, along with additional compliance information, are available here. Additionally, any questions on either form can be directed to the OMIG at 518.408.0401 or The certification process webinar can be viewed here.

As a reminder, NYS providers answering "yes" to any of the following questions are required to have a compliance program:

  1. Is your organization subject to Article 28 or Article 36 of the NYS Public Health Law?
  2. Is your organization subject to Article 16 or Article 31 of the NYS Mental Hygiene Law?
  3. Does your organization claim or order or it can reasonably be expected to claim or order at least $500,000 in Medicaid services or supplies in any consecutive 12-month period?
  4. Does your organization directly or indirectly (e.g., payments from managed care organizations for beneficiaries enrolled in Medicaid managed care plans) receive Medicaid payments or it can be reasonably expected to receive payments of at least $500,000 in any consecutive 12-month period?
  5. Does your organization submit at least $500,000 in Medicaid claims on behalf of another person(s) in any consecutive 12-month period?

If you have any questions regarding the content of this alert, please contact Dena DeFazio, law clerk, at or another member of the firm's Health Care & Human Services Practice Area.


Click here to sign up for alerts, blog posts, and firm news.

Featured Media


NYS Department of Health Publishes Amended Proposed Cybersecurity Regulations for Hospitals


FTC Noncompete Rule Survives—For Now


New York Trial Court Finds Uber Is Not Vicariously Liable for Driver's Negligence


ERISA Forfeiture Lawsuits: Navigating the Emerging Legal Landscape


EU Leads the Way on Artificial Intelligence Regulation


End of An Era: SCOTUS Overturns Chevron After 40 Years of Deference to Administrative Agencies

This site uses cookies to give you the best experience possible on our site and in some cases direct advertisements to you based upon your use of our site.

By clicking [I agree], you are agreeing to our use of cookies. For information on what cookies we use and how to manage our use of cookies, please visit our Privacy Statement.

I AgreeOpt-Out