CLIA Certification: A Guide to Requirements and Ongoing Compliance For Labs

For the most part, labs understand that compliance with CLIA is critical. What many of those same labs don’t realize until after an inspector visit is how much they rely on informal processes to manage compliance,

Getting certified is the straightforward part. Maintaining certification year after year across a growing test menu and changing staff is where the real work is.

In this guide, we’ll walk through what CLIA requires, how to choose the right certificate type, what the application process looks like, and what ongoing CLIA compliance demands from your lab week to week.

What Is CLIA and Which Labs Need It?

CLIA (the Clinical Laboratory Improvement Amendments of 1988) establishes quality standards for laboratories that test human specimens. 

That means blood, urine, tissue, and nasal swabs; if your lab analyzes human body material for diagnosis, treatment, prevention, or health assessment, CLIA applies.

The following agencies share responsibility for the program:

1. CMS (Centers for Medicare & Medicaid Services) administers CLIA certifications, oversees inspections, and enforces compliance. 
2. The FDA (Food and Drug Administration) categorizes each test method by complexity, which determines the requirements your lab must meet. 
3. The CDC (Centers for Disease Control and Prevention) provides technical support, guidelines, and educational resources.

Most labs that test human specimens need a CLIA certificate, including clinical labs, hospital-based labs, physician office labs, reference labs, and urgent care facilities. Research labs that report findings to patients or treat results as diagnostic information also fall under CLIA in most circumstances. Washington and New York operate CMS-approved exempt state laboratory programs. Labs remain subject to CLIA requirements, but state licensure and oversight satisfy the federal inspection requirements.

The CLIA regulations are administered by CMS, and operating without a valid certificate is a federal violation. Consequences range from civil monetary penalties to exclusion from Medicare and Medicaid billing, which, for most labs, means losing the ability to operate commercially.

The Four Types of CLIA Certificates

CLIA doesn’t issue a single certification to all labs. There are four operational certificate types, and the right one depends on what tests your lab runs and how you want your inspections structured.

These are:

1. Certificate of Waiver (COW): This is available only to labs that run FDA-designated waived tests, meaning tests so simple that following the manufacturer’s instructions is sufficient to ensure accurate results. COW labs are not subject to routine CMS inspection, but they are subject to complaint-based investigation and must use approved test kits correctly.
2. Provider-Performed Microscopy Procedures (PPMP): This is a narrow certificate type for physicians, dentists, and midlevel practitioners (nurse practitioners, nurse-midwives, physician assistants) performing specific microscopy procedures during a patient visit. Not relevant for most commercial or reference labs.
3. Certificate of Compliance (COC): For labs running non-waived tests that want CMS to conduct their inspections directly. CMS surveys COC labs on a 2-year cycle. 
4. Certificate of Accreditation (COA): For labs running non-waived tests that choose an accrediting organization – CAP, COLA, the Joint Commission, AABB, or others – to conduct inspections in place of CMS. COA labs must also hold a current CLIA certificate from CMS, but the accrediting organization’s inspection satisfies the CLIA survey requirement.

The decision between COC and COA usually comes down to scope and market positioning. CAP accreditation signals a higher standard of compliance with referral networks and healthcare contracting organizations. Labs planning to expand their test menu or client base often choose COA for that reason.

Test Complexity and What Each Level Requires

The FDA assigns each cleared test method a complexity category, and that category determines the personnel requirements, quality control standards, and inspection scope your lab operates under. 

We’ve broken out the three types of tests below.

Waived Tests

Waived tests are simple, low-risk tests that the FDA has specifically cleared for this category. This is typically because the methodology is straightforward and the risk of an erroneous result causing harm is low. 

Common examples include glucose meters, most point-of-care rapid strep and flu tests, urine dipsticks, and many COVID-19 antigen tests.

A COW lab can run only waived tests. The requirement sounds minimal; just follow the manufacturer's instructions and use approved kits, right? The caveat is that COW labs will get investigated when complaints are filed, and investigators look at whether labs are actually following those instructions.

Moderate Complexity

Most routine clinical laboratory testing falls in this category. This includes complete blood counts, basic metabolic panels, most immunoassays, urinalysis by microscopy, and routine bacterial cultures. 

If your lab runs a standard outpatient test menu, you’re almost certainly running moderate complexity tests.

Moderate-complexity labs require, at a minimum, a laboratory director, a clinical consultant, a technical consultant, and testing personnel who meet defined education and experience standards. 

Testing personnel must have at least a high school diploma plus documented training or experience with the specific tests they perform. The clinical consultant (who doesn’t have to be a separate person from the director) must be qualified to advise the ordering physician on test selection, interpretation of results, and appropriate follow-up.

High Complexity

High complexity tests require greater technical proficiency, more judgment, or more specialized methodology. This includes histopathology, cytology, certain flow cytometry, and molecular testing applications. 

High-complexity labs require two additional personnel roles beyond the moderate-complexity structure:

•  A technical supervisor (responsible for technical and scientific oversight within each specialty)
• A general supervisor (responsible for day-to-day supervision of testing personnel). Each carries specific credential requirements.

The laboratory director for a high-complexity lab must hold an MD, DO, or doctoral degree and be board-certified or have documented training specific to the specialty in question. As of December 28, 2024, laboratory directors at both moderate- and high-complexity labs must also complete at least 20 hours of continuing education on laboratory director responsibilities. 

The same 2024 rule change added an onsite presence requirement: laboratory directors at moderate- and high-complexity labs must be physically present at least twice a year, with no fewer than four months between visits, and the lab must retain documentation of those visits and the director's involvement in lab activities.

What to Expect From The CLIA Application Process

While the stakes may seem high, applying for CLIA certification is more straightforward than most lab directors expect. 

The application is CMS Form 116, available at cms.gov. The form asks for the lab’s name and address, the director’s information and qualifications, the test menu and complexity level, and, for COA applicants, the chosen accrediting organization.

Fees are assessed on a two-year cycle and set by CMS. COC and COA fees scale with annual test volume: a high-volume reference lab pays significantly more than a small physician office lab. Budget for both the CMS fee and, if applicable, the accrediting organization’s fees, which are assessed separately.

CMS typically processes applications within 4 to 8 weeks. Labs receive a provisional certificate once processing is complete –  that’s when you can legally begin testing, not when the application is mailed. The provisional becomes a full certificate after the first inspection cycle.

Most states require a separate state laboratory license in addition to CLIA certification. Requirements vary considerably: some states are straightforward; others have their own personnel requirements, PT programs, and inspection schedules that run in parallel with the federal program. 

CLIA certificates must be renewed every two years. CMS sends renewal notices, but it’s worth setting your own reminder. A lapsed certificate requires you to stop testing and reapply, including the waiting period for a provisional certificate, before you can resume operations. To verify your certificate status or look up another lab’s certification, CMS maintains the QCOR laboratory lookup tool at qcor.cms.gov.

What Ongoing CLIA Compliance Actually Requires

Passing the initial inspection is one milestone. The ongoing work is laboratory quality management, which includes the daily, monthly, and annual practices that keep the lab compliant between surveys, not just during them.

Quality Control

All moderate- and high-complexity labs must run quality control samples at two concentration levels per day of patient testing, at a minimum, or per the manufacturer’s instructions if those are more stringent. The purpose is to verify that the analytical process is working correctly before releasing patient results.

CLIA requires that QC results be reviewed by a qualified individual and that corrective action be taken when QC fails before patient results are released. A lab that runs QC every morning but where no supervisor reviews the trend data is technically non-compliant, even if every run was in range. Inspectors look for evidence of the review, not just the records of the results.

This is where software like a LIMS can be helpful. For example, labs using QBench LIMS can configure the system to require supervisor sign-off before patient testing proceeds, making the review a required step in the workflow rather than something that can be skipped under pressure.

Proficiency Testing (PT)

Moderate- and high-complexity labs must enroll in a CMS-approved proficiency testing program for each regulated analyte. 

PT programs send blind samples that labs must test under normal operating conditions: the same instruments, the same procedures, and the same personnel who handle routine patient testing. Results are graded, and labs must meet minimum acceptable performance criteria to remain in good standing.

There are two rules that labs consistently underestimate

1. PT samples must be treated exactly like patient samples. Routing PT samples to the most experienced technologist or subjecting them to additional scrutiny before submission is a CLIA violation.
2. Failing the same analyte in two consecutive PT events (or two of three) requires a formal investigation, documented root cause, and corrective action.  A pattern of PT failures is one of the most serious CLIA compliance signals.

Personnel Competency and Documentation

Every testing personnel must be assessed for competency at regular intervals. 

CLIA specifies six required evaluation methods: 

• Direct observation of routine test performance
• Monitoring and review of QC results
• Testing of previously analyzed specimens
• Assessment of problem-solving skills
• Observation of instrument maintenance and function checks
• Evaluation of test result reporting

All of this must be documented, signed by a qualified supervisor, and retained on file for at least 2 years. Personnel qualification records – director credentials, education, and experience documentation – must also be current and accessible. Staff transitions are one of the most common triggers for documentation gaps. When a director or key personnel member leaves, updating the files is easy to defer until it suddenly matters.

What Inspectors Look For During a CLIA Survey

A CLIA survey, whether CMS for a COC lab or an accrediting organization for a COA lab, follows a structured review based on the requirements in 42 CFR Part 493.

Inspectors will review director credential documentation, testing personnel qualifications, QC records (including evidence of supervisor review), PT participation and results, procedure manuals for every offered test, instrument calibration and maintenance logs, and corrective action records for any prior deficiencies.

When a survey results in findings, the lab receives a Statement of Deficiencies. The lab has 10 days to submit a Plan of Correction describing what happened, what has been or will be done to fix it, and how the lab will monitor to prevent recurrence. Unresolved deficiencies can escalate, up to and including certificate revocation for serious or repeat violations.

How a LIMS Helps Labs Meet CLIA Requirements

CLIA’s documentation requirements assume that labs have systems in place to consistently capture, store, and retrieve records. 

For labs operating with paper binders, spreadsheets, and shared drives, the compliance burden falls on individual staff members to remember to do the right thing at the right time. That works until it doesn’t, and it tends to break down precisely when the lab is busiest or understaffed.

A modern LIMS, such as QBench, addresses this at the operational level.

• QC documentation is logged at entry, time-stamped, and locked. QBench flags out-of-range results in real time and requires supervisor acknowledgment before patient testing proceeds.
• Proficiency testing records, competency assessments, and personnel qualifications are tracked in one place with expiration alerts.
• Procedure manuals and SOPs move through version-control and scheduled-review workflows. Staff automatically access the current version, and QBench prevents the use of an outdated procedure once a new one is approved.

The hard work of managing and maintaining compliance doesn’t go away with a LIMS, but unlike pen-and-paper systems, a LIMS can enforce compliance practices when set up well.

Get the Right Tools Before Your Next Inspection With the LIMS Buyer’s Guide

The ongoing work of quality control, proficiency testing, personnel competency assessments, and documentation is what determines whether a lab stays CLIA-certified when it matters.

The requirements are specific and well-documented. The harder part is building the operational systems that ensure their consistent meeting, especially as your test menu expands and staff turnover occurs. A LIMS built for compliance-heavy environments changes that equation significantly.

To help you choose the right LIMS, we wrote a LIMS Buyer’s Guide. In this guide, you’ll learn about the different types of LIMS, the key features to look for, and how to select the right vendor for your lab.

Fill out the form below to get your copy.