Walk into any hospital boardroom or healthcare startup meeting in 2025, and you will hear the same question: Are we compliant?
The conversation used to be about growth and partnerships. Now, it is about survival. Regulators are watching more closely than ever, and two old laws, the Stark Law and the Anti-Kickback Statute, have returned to the spotlight.
Both were written to protect patients and prevent profits from influencing medical decisions. Decades later, they are still doing that job, but in a very different healthcare world.
A Law Written for a Different Time
The Stark Law was designed to stop physicians from referring patients to facilities in which they had a financial interest. It was meant to eliminate conflicts of interest and preserve patient trust. But healthcare has evolved into a system where collaboration is essential. Hospitals share data with startups. Physicians join ownership groups. Entire care networks are built on value-based contracts instead of simple billing codes.
That is where things get complicated, says Steven Okoye, a healthcare and corporate attorney based in New York. His work focuses on regulatory compliance, contracts, and risk management for hospitals and healthcare technology firms.
“The healthcare system today depends on collaboration,” Okoye says. “But collaboration can easily look like compensation if it is not structured the right way.”
Recent policy updates have made it clear that regulators are trying to modernize Stark without weakening it. Safe harbors have been adjusted to better align with new care models, but enforcement has grown tougher. In Okoye’s view, one of the biggest mistakes organizations make is assuming good intentions are enough.
“You can have the best motives in the world,” he says, “but if the paperwork is sloppy or the payment structure is unclear, it can still raise red flags.”
The Anti-Kickback Statute’s Broader Reach
If the Stark Law governs self-referrals, the Anti-Kickback Statute focuses on payments and incentives that might influence referrals. The law prohibits anyone from offering or accepting something of value in exchange for steering patients to a particular service or provider.
It is broad, and deliberately so. Okoye explains that it reaches far beyond physicians and hospitals. “It applies to anyone in the chain of influence,” he says. “Consultants, marketers, software vendors, anyone whose compensation could appear to be tied to referrals.”
That wide net has changed how healthcare businesses approach partnerships. Companies that once relied on bonuses, marketing support, or data-sharing deals now think twice about how those agreements are documented. Okoye’s advice is simple: assume every contract will be read by a regulator one day.
Safe Harbors and Exceptions
Both laws include safe harbors and legal exceptions that protect certain arrangements, but the requirements are strict. Payments must reflect fair market value. Contracts must be in writing. Terms must serve a legitimate business purpose.
“Safe harbors are not suggestions,” Okoye says. “They are blueprints. You either meet every condition, or you do not qualify.”
For his clients, documentation is the heart of compliance. Every dollar exchanged must have a clear explanation that ties back to patient care, not referral volume. It sounds simple, but in practice, it takes discipline.
Compliance as Culture
Okoye believes the biggest shift in healthcare law is cultural, not technical. Compliance is no longer a binder full of policies. It is a living process that must be embedded into how people work.
He states that the biggest mistake he observes is when leadership views compliance as a mere checklist. “It has to be part of the company’s identity.”
That means training every department, from finance to marketing, to understand how their actions connect to regulatory risk. When compliance becomes part of daily decision-making, it stops being a burden and starts being a competitive advantage.
What Comes Next
As regulators continue to tighten oversight, healthcare organizations are rethinking how they design contracts and incentive plans. Many are simplifying payment models and adopting software that monitors referral and compensation data in real time.
For Steven Okoye, this evolution represents an opportunity. “The laws are old, but the purpose still fits,” he says. “They were written to protect patients, not punish innovation. The challenge is to make sure innovation happens within boundaries that people can trust.”
Steven believes the future of compliance will be defined by transparency, technology, and ethics. Artificial intelligence, data analytics, and telehealth will all expand the reach of healthcare, but they also increase exposure. That is why Okoye works with clients to build systems that can adapt not just to today’s rules, but to those that will come next.
The Takeaway
The Stark Law and Anti-Kickback Statute remain two of the most powerful tools in healthcare regulation. They continue to shape how care is delivered, how partnerships are built, and how patients are protected.
As Steven Okoye puts it, “Compliance is not about avoiding penalties. It is about earning trust. That trust is what makes the entire system work.”
In a world where medicine and business are increasingly connected, that kind of trust is more valuable than any contract could ever promise.
