On April 20, 2015, the Office of Inspector General (the “OIG”) of the U.S. Department of Health and Human Services, the Association of Healthcare Internal Auditors, the American Health Lawyers Association, and the Health Care Compliance Association published a first-of-its-kind guide entitled “Practical Guidance for Health Care Governing Boards on Compliance Oversight.”

The guide is intended to assist governing boards of health care organizations (“Boards”) to create and carry out compliance programs. The guide addresses issues relating to a Board’s oversight and review of compliance program functions, including: (1) the roles of, and relationships between, the organization’s audit, compliance, and legal functions; (2) the mechanism and process for issue-reporting within an organization; (3) the approach to identifying regulatory risks; and (4) methods of encouraging organization-wide accountability for achievement of compliance goals and objectives.

The guide encourages Boards to create benchmarks using publicly available resources, such as the Federal Sentencing Guidelines, the OIG’s voluntarycompliance program guidance, and OIG Corporate Integrity Agreements.  Although there is no such thing as a “one size fits all” compliance program, these resources can be helpful in creating a program tailored to each organization’s needs.

While recognizing that not all organizations will possess the resources to support the structure in its entirety, the guide recommends creating corporate charters that address the following functions: (1) compliance; (2) legal; (3) internal audit; (4) human resources; and (5) quality improvement. Boards should continuously evaluate the effectiveness of these charters.

The guide also encourages Boards to ensure proper reporting mechanisms are in place within the organization. If managers or other individuals within the organization are not held responsible for reporting compliance concerns to the Board, the Board will not have a complete picture of the adequacy and effectiveness of the organization’s compliance atmosphere. Therefore, Boards should consider scheduling regular sessions to hear from the organization’s management about the organization’s utilization of compliance, legal, internal audit, and quality functions.

Identifying risk areas is an integral part of any organization’s compliance program. Boards can identify high risk areas from internal and external sources. The guide recommends tracking industry trends to identify risk areas, as new payment models can lead to new incentives and new compliance concerns.

Finally, the guide recommends encouraging accountability within an organization along with compliance. Many organizations have tied an employee’s performance assessment and other incentives to adherence to the organization’s compliance program to emphasize and encourage individual accountability.

The entire guide is available on the OIG’s website.