MedTrainer
Get in touch with us: Sales: (888) 337-0288
Support CenterMedTrainer LogIn
Get Started Today
Webinar | Connecting Credentialing, Compliance, and Enrollment in 2026

January 15, 2026 at 11 a.m. PT

Register Now
Close
  • Home
  • I Reviewed 100 Healthcare Policies — Here Are the Most Common Mistakes

I Reviewed 100 Healthcare Policies — Here Are the Most Common Mistakes

Brian Williams, MHA, MBA
Brian Williams, MHA, MBA

Every healthcare organization depends on its policies. Writing them is only half the work. Keeping them accurate, aligned, and effective is where the biggest challenge lies.

Throughout my career as a compliance professional, I have been responsible for creating and reviewing policies. The “litmus” test of these abilities occurred during accreditation surveys. The process always started with the surveyor reviewing the policies to ensure that applicable regulations and accreditation standards were addressed, followed by the “tour” of the facility.

As VP of Compliance at MedTrainer, part of my role in supporting customers includes reviewing their policies. When I helped to develop our policy template library and AI Policy Guardian, I wrote and reviewed hundreds of policies for hospitals, clinics, and practices — and saw the same core issues appear over and over. I realized that the most common healthcare policy mistakes are rarely dramatic. They’re small, routine oversights stemming from a fundamental disconnect between policy documentation and real-world execution. These add up over time and make policies harder to maintain or less effective in practice. 

To save you from hours and hours of policy inspection, I’ve consolidated my findings into six key insights designed to streamline your processes and ensure continuous compliance and audit readiness. Or, if you want the easiest path forward, get started with MedTrainer’s policy management system

Take Control of Healthcare Document & Policy Management

Take Control of Healthcare Document & Policy Management

Watch Now

Building a Strong Foundation Takes Time

Maintaining effective and enforceable policies is one of the most time-consuming parts of healthcare compliance. It’s a painstaking process to make sure every federal requirement is reflected in one of your organization’s policies. There is rarely a one-to-one match between a standard and a policy. One regulation can apply to several policies, and one policy can tie to many regulations. If you’re an accredited organization, you have to layer on those standards as well. 

In my work with MedTrainer’s policy templates, our compliance team has developed policy manuals that meet all regulatory standards by care setting and about 95% of accreditation standards for the most common accrediting bodies (the remaining 5% are specific to accreditation organization standards, such as being prepared for unannounced surveys). Building these policies and making sure they fit how your organization operates takes focus and consistency that can be hard to maintain when compliance teams are already managing training, credentialing, and audits. I’ve sat with those teams, spending hours on comparisons, tracking updates, and trying to be sure nothing slips through. 

The Most Common Mistakes I Found in Healthcare Policies

Even the best healthcare compliance teams have small cracks in their policies that reduce clarity, slow progress, and make compliance harder to manage. Here are the six most common mistakes I saw in my extensive review.

#1 Misalignment Between Policy and Practice

Policies often describe how things should work, instead of how things actually work within an organization. For example, the policy says, “medications must be checked by two licensed professionals before administration,” but in practice there are rarely two professionals scheduled during the overnight shift, so it’s not possible. When a document describes a process no one actually follows, it sends a clear message: “These policies don’t really matter.”

Correct the Mistake: Complete environmental rounds to see the processes employees are following in their day-to-day work. If there’s mis-alignment with the policy, then you either need to update the policy or correct staff action. It’s also best practice to review policies with the teams who follow them and confirm that each description reflects what happens in practice. 

#2 Over or Under Inclusion

Some policies go beyond what’s required, while others aren’t comprehensive enough. I’ve seen weekly checks listed where an annual review would meet the standard, and I’ve seen policies that vaguely require checks to be completed. Both create problems. If you’re requiring more than the standard, that level of effort might not be possible or it might take so much time and resources that it is never done. Similarly, when you’re under-including information, staff don’t know what to do. Don’t overthink the requirements — match your policy to them.  

Correct the Mistake: Build a crosswalk to match federal and state requirements with what is included in your policies. Start with trusted reference material or templates and tailor them to your organization. Keep the focus on what’s necessary and relevant so every step is meaningful and realistic.

#3 Lack of Depth and Detail

Sometimes policies explain what should happen but not who does it, when, and how follow-up is done. For example, an incident reporting policy might say, “all patient safety incidents and near misses must be reported promptly to ensure corrective action and continuous improvement.” “Promptly” is vague — does it mean immediately or this week? Who should make the report, who reviews the report, how is analysis completed and communicated? Without this level of clarity, no incident report will be completed or reviewed in the same way, which leads to plenty of issues.

Correct the Mistake: Ask a brand new employee for their feedback on policies. Are they able to understand and follow without questions? Double check that you’ve defined responsibilities, timing, and verification. A few extra lines of clarity can prevent hours of confusion later.

#4 Structural Gaps

I’ve reviewed many well-written policies that create a dangerous gap between intent and execution, all because they don’t include instructions for follow through. Where should findings be reported, updates acknowledged, or corrective actions tracked? Those missing elements are what is needed to make improvements and prove compliance in an audit. For example, an infection control policy might require that all deficiencies identified in the monthly audit are logged, assigned to responsible parties, and re-vertified within 30 days. 

Correct the Mistake: Use a consistent format that includes sections for procedure, reporting, and follow-up to be sure all information is included. It also helps organizations meet standards like those required by NCQA.

#5 Ambiguity in Responsibilities

When responsibilities aren’t clearly defined in policies, then everyone assumes it’s someone else’s job and critical tasks fall through the cracks. This doesn’t just happen with internal teams — responsibility often blurs between internal staff and vendors as well. The policy should say something like, “the department manager reviews all reports within 48 hours.” This creates the accountability and consistency across departments that you need in an audit or survey.

Correct the Mistake: Spell out who does what and review those assignments regularly so changes in staff or partners don’t create new risks. Make sure job descriptions are up-to-date and accessible so everyone knows their responsibilities.

#6 Not Adapting Policies

Even if you’re using one of my policies from MedTrainer’s template library, you might need to make some changes. The language is aligned with all the requirements, but might not be exactly accurate for your organization. For example, it’s misleading if your organization doesn’t use contractors, but the HIPAA policy says “all team members and contractors that access data will conform to our policies and receive training.” It could cause confusion for a surveyor and prompt them to take a closer look. 

Correct the Mistake: Even though it’s time consuming, you should fully read through your policies annually to catch and correct these details. With an AI policy review tool, you can catch any issues related to federal regulations or accreditation standards. 

How Technology Helps You Unify and Strengthen Policy Management

The mistakes above appear across every type of organization, and they do not happen because people don’t care. They happen because compliance is complex and time is limited. The good news is that once you identify these issues, you can fix them — with technology.

A policy management platform makes it easy to review, update, get board approval, and track staff acknowledgment. It puts all policies in a central location for easy organization, streamlines workflows, and automates reminders when it’s time to review each policy. Plus, when policies are organized, up-to-date, and accessible, they’re easier for staff to follow, so your policies are put into practice. The best policy management software brings structure and healthcare expertise together, giving teams clarity and control without adding to their workload.  

That’s the sentiment behind MedTrainer’s Policy Template Library. I’ve already eliminated the mistakes referenced in this article, so you can be confident that each template aligns with current healthcare regulations and accreditation standards and is ready to be adapted to match any organization’s structure or workflow.

Learn more about MedTrainer’s healthcare policy management platform.

Related Resources
Physician Practices Are Changing. Is Your Compliance Keeping Up?Still Using Outdated Credentialing Tools? How PECOS 2.0 Is Exposing Costly GapsHow Can MedTrainer Improve Performance Metrics and Meet Payer Deadlines?MedTrainer Adds Chief Revenue Officer To Meet Rising Market Demand