(423) 693-0160

Group Purchasing Organizations and Safe Harbor Regulations

Home | GPO Safe Harbor

GPO Safe Harbor

How Can We Help?

GPO Safe Harbor – Group Purchasing Organizations and Safe Harbor Regulations

Operating within healthcare GPO Safe Harbor regulations is essential for Healthcare GPOs to conduct business ethically and legally

GPO Safe Harbor, or alternatively group purchasing organization safe harbor regulations must be adhered to in order to run and manage a healthcare or medical group GPO legally and ethically. Hospitals and other healthcare providers enjoy the benefits provided by group purchasing organizations (“GPOs”) perhaps more than any other industry. The Haslam College of Business of the University of Tennessee Knoxville, stated in an article published in 2020 that ninety-seven percent (97%) percent of hospitals are affiliated with at least one GPO and most use two or more. See: https://haslam.utk.edu/news/breaking-chain-gpo-changes-and-hospital-supply-cost-efficiency/. This statistic alone points out how critical GPOs are to the economic survival of hospitals.

GPO Safe Harbor – Understanding Group Purchasing Organizations or GPO’s

So, what is a GPO and how does it function?  A GPO is an entity formed by businesses who purchase similar goods and services in order to provide their services to others.  In the context of hospitals, their commonality would range from the mundane items of floor cleaning disinfectant, hospital beds and bed linens, toilet paper, to various items more specifically related to healthcare such as pharmaceuticals and highly sophisticated medical equipment, such as a PET/CT scanner or an MRI machine which costs millions of dollars, and all of the thousands of items in between.  Individual hospitals typically do not have the resources to find the most cost effective and beneficial purchasing arrangements for this plethora of items required to operate their facilities, nor do they have the purchasing volume to command the most favorable pricing and terms. 

This is where GPO’s come in.  They serve a group of healthcare providers and assist them with a substantial portion of their purchasing needs.  They select reliable, quality products that enable their members to provide their healthcare services.  With the purchasing power of the group backing them, they can obtain the best prices and payment terms.  Such benefits may be delivered in the form of reduced prices, that a hospital could not enjoy on their own, and also rebates distributed to the member hospitals.  The costs of operating the GPO are typically funded by the vendors who agree to pay an administrative fee to the GPO.  Usually, such fee is a percentage of the goods the GPO members purchase from the vendor.  Such fees generally range from 1.5% to 2.25% of the purchasing volume.  The GPO does not actually purchase goods from the suppliers.  It negotiates the purchasing contracts on behalf of its members and then the members purchase directly from the vendors. 

One might wonder what is in it for the vendor?  Why would they want to fund the GPO, when it would be so much more profitable to deal directly with the hospital and to be able to charge generally higher prices.  No administrative fee would be due.  However, as noted above, 97% of hospitals belong to one or more of some form of GPOs.  To be in the game, they have to be an approved vendor of the GPOs.  Besides that economic fact of life, the GPO does bring many efficiencies to the vendor.  It can save a great deal of time and effort for the vendor by providing the opportunity to negotiate with just one agent instead of multiple hospitals.

GPO Safe Harbor – Group Purchasing Safe Harbor Applies to the Entire Healthcare Industry

GPOs in the healthcare industry are not limited to just hospitals.  Their members might consist of medical practice groups of various sizes and in various medical fields.  In addition, the GPO’s might specialize in dentistry, ophthalmology, or optometry, to give a few examples.  GPO Safe Harbor regulations and requirements still exist even beyond traditional hospitals and medical centers

The GPO is not a new concept in the healthcare industry.  They have been around for over 100 years.  Just as is the case with healthcare providers, GPO’s vary greatly in size and in products covered.  Some may measure their purchasing power in the millions, while other boast of their collective power in the billions of dollars.

GPO Safe Harbor Regulations – GPO Safe Harbor Origins

In 1972, Congress enacted the Anti-Kickback Statute (“AKS”) as part of the social security amendments.  The AKS made it a criminal offense to for a vendor to pay, or for a healthcare provider to receive any moneys for referrals of medical products or services paid by a federal healthcare program.  It originally covered Medicare and Medicaid but was later expanded to cover all federally paid healthcare programs.  Some of the harmful practices that prompted the enactment of the AKS included and are now intended to be protected against with GPO Safe Harbor Regulations are below;

  • A referral arrangement that had the potential of putting the economic benefit to the provider ahead of the medical decision as to what was in the best interest of the patient.
  • A referral arrangement that had the potential to increase costs to the patients and the federal agencies that provided the medical benefits.
  • A referral arrangement that had the potential to increase risk of overutilization or inappropriate use of medical supplies or services.
  • A referral arrangement that created risks to patient safety or quality of care.

The AKS and the various amendments to it over the years were designed to address these concerns.  As is often the case, when a statute is enacted, it generates a multitude of unintended consequences as it is implemented and enforced.  So it was with the AKS.  Without an exception or an allowance being made, the operation and very nature of GPOs brought them within the sights of the AKS.  A legitimate GPO raises none of the evil practices listed above.  To the contrary, it creates efficiencies and results in significant savings to the vendor, the healthcare providers and thus to the federal healthcare programs and their beneficiaries.  Accordingly, although it took several years after the enactment of the AKS, on July 29, 1991, the Office of Inspector General of the US Department of Health and Human Services developed regulations which provided conditions upon which GPOs could be exempt from the AKS.  They came to be known as the Safe Harbor regulations.  They can be found in their entirety at this link:    https://www.ecfr.gov/current/title-42/chapter-V/subchapter-B/part-1001/subpart-C/section-1001.952 and are cited as 42 C.F.R. § 1001.952(j).

GPO Safe Harbor Regulations – Difficult to Read and Understand, but Fairly Straight Forward

Although the GPO Safe Harbor regulations in the almost obligatory form of all government regulations are difficult to read and understand, the gist of them is fairly straight forward.  Generally, the following standards must be met by a GPO in order to come with the purview of the Safe Harbor Regulations:

  • The GPO must have a written agreement with each of its members that provides for either for the following:

  • That participating vendors who sell to the GPO’s members will pay a fee to the GPO not to exceed 3% of the purchase price of the goods provided to the members of the GPO.
  • If the fee paid by the vendor to the GPO is not 3% or less, then the amount to be paid by the vendor must be disclosed, or if not known, the maximum amount to be received by the vendor must be disclosed in the Agreement. Such amount can either be stated as a fixed amount or as a percentage of the purchases made from the vendor by the members of the group under the agreement between the vendor and the GPO.
  • The GPO must disclose to each healthcare provider member in writing at least once a year, and to the Department of HHS, when requested to do so, the amount received from each vendor with respect to purchases made by on behalf of such member.

The definition of a GPO, or group purchasing organization under the Safe Harbor Regulations is worth noting here as it in itself can be seen as a requirement.  The definition as per Safe Harbor Regulations is given as follows: 

“the term group purchasing organization (GPO) means an entity authorized to act as a purchasing agent for a group of individuals or entities who are furnishing services for which payment may be made in whole or in part under Medicare or a State health care program, and who are neither wholly-owned by the GPO nor subsidiaries of a parent corporation that wholly owns the GPO (either directly or through another wholly-owned entity).”

GPO Safe Harbor – Additional Requirements of the GPO Safe Harbor

Therefore, another requirement of the GPO Safe Harbor is that the GPO must serve as a negotiating agent for a collection of unrelated healthcare providers.  If they were all affiliates of each other, then they would not fit within the Safe Harbor Regulations.   Interestingly, however, on March 8, 2012 the Office of the Inspector General of HHS, issued an advisory opinion, 12-01, in which it held that a proposed GPO that would be initially serving only  a group of affiliated companies and was itself a part of the affiliated group would not come within the Safe Harbor regulations.  Nevertheless, because the safeguards the proposed GPO would have in place, the OIG saw the risks of violation of the AKS as being low and therefore had no interest in pursuing this arrangement.

GPO Safe Harbor – A High Degree of Transparency is Required

As can be seen from the above, the guardrails provided by the Safe Harbor regulations are that the GPO is not going to be permitted to make an unreasonable amount of profits on the referral of purchases it makes to the vendors.  Further, a high degree of transparency is required.  The GPO is required to disclose the amount of its earnings from each vendor off the purchase made by each member, such disclosure to be made to both the member and when requested, to the HHS.  These requirements must be complied with through a written agreement with each member.

Examples of GPO member or participation agreements can readily be found on the Internet.

Here is a link to a fairly simple one:


Here is a link to a more complex one:


Note:  These specific agreements are linked for purposes of illustration only.  They have not been reviewed or approved by our firm and should not be relied upon without consultation of counsel.  The needs and structure of each GPO vary and no one form should be relied upon to meet the circumstances of another GPO.

In addition to meeting the GPO Safe Harbor regulations, any GPO in the healthcare industry or otherwise, should have a well-established antitrust program, carefully crafted by counsel.  In that regard, it is important to note that the Department of Justice and the Federal Trade Commission have recently withdrawn  “Safety Zones” for collaborative efforts in the healthcare industry, which they found to be overly permissive.  Under the Biden administration, we have seen a substantial tightening of the enforcement of antitrust laws.  For more information, please go to Antitrust Update.]

Operating within healthcare GPO Safe Harbor regulations is essential for Healthcare GPOs to conduct business ethically and legally

Operating within the healthcare GPO Safe Harbor regulations is essential for GPOs to conduct business ethically and legally while fostering fair competition and quality healthcare services. By adhering to the stringent requirements, implementing best practices, and staying vigilant in a dynamic regulatory environment, GPOs can navigate the complexities and ensure compliance while effectively serving the needs of their members and the healthcare industry at large. Our firm has assisted a number of GPOs through this process and would be delighted to assist any existing GPO or one that is in the making, to safely traverse these legal requirements and pitfalls to ensure compliance with GPO Safe Harbor Regulations.