As we reported last week, on January 17, 2017, staff from the Department of Health and Human Services Office of Inspector General (HHS-OIG) met with Health Care Compliance Association (HCCA) professionals for a roundtable meeting to develop a resource guide aimed at helping health care organizations develop ways to benchmark and measure the effectiveness of compliance programs.
The results of the roundtable meeting were released by HHS-OIG on March 27, 2017, with the release of the Resource Guide on Compliance Program Effectiveness (“Resource Guide”). The Resource Guide provides a large number of measurement options designed to work across “a wide range of organizations with diverse size, operational complexity, industry sectors, resources, and compliance programs.” It covers the well-established seven elements of an effective compliance program, articulated in the U.S. Sentencing Guidelines:
- Standards, policies and procedures
- Compliance program administration
- Screening and evaluation of employees, physicians, vendors and other agents
- Communication, education and training on compliance issues
- Monitoring, auditing and internal reporting systems
- Discipline for noncompliance and
- Investigations and remedial measures
The Resource Guide provides tools on both “what to measure” and “how to measure” the effectiveness of these seven elements of a compliance program. It lists more than 400 metrics that organizations can use to determine how to measure each element of their compliance programs. The Resource Guide notes that “one size truly does not fit all” and that using all or even most of the metrics is not necessary or recommended.
An important consideration for all healthcare organizations is determining if, and how, they should integrate the Resource Guide with recent corporate compliance guidance from the Fraud Section of the Department of Justice (highlighted here). The DOJ guidance is structured as a series of compliance questions that, over time, the Criminal Division has considered when evaluating a corporate compliance program. The Resource Guide itself does not reference DOJ’s new compliance program guidance, but its value should not be underestimated.
Our view is that every healthcare organization should integrate both documents into their process for evaluating their compliance program. This way, healthcare organizations can benchmark their programs against two important regulators, both of which have provided very detailed insight into what they believe is important for an effective compliance program. Therefore, we recommend that healthcare organizations use the measurement options listed in the Resource Guide, along with the “compliance test questions” listed in the “Evaluation of Corporate Compliance Programs” in order to best evaluate and measure their current compliance program, and understand the issues the Department of Justice considers critical in its determination of criminal accountability.
The takeaway for health care organizations is that both DOJ and HHS-OIG expect organization to do more than just develop and implement a compliance program. This is presumed. The mere existence of a robust compliance program does not get an organization “credit” or “lower risk” consideration. Both DOJ and HHS-OIG expect that organizations are going beyond this, with, for example, effective remediation plans and having a process for making voluntary disclosures. In order to do this, DOJ and HHS-OIG expect organizations to actively monitor and evaluate the effectiveness of those programs. To that end, these two guidance documents provide specific, concrete ideas for ensuring the ongoing effectiveness of your compliance program.
Although both resource guides note that they are not designed to be a checklist nor provide a single standard, health care organizations should not underestimate the significance of these two documents in benchmarking compliance and being better prepared in the event of a compliance crisis.
The bottom line: integrating these two important sources of compliance guidance needn’t nor shouldn’t be an either/or proposition.