Health care industry boards should give close attention to the governance implications of recent privacy settlements entered into by Equifax and Facebook.

Their unique facts and circumstances notwithstanding, the settlements send an important message on regulatory expectations for board oversight of consumer privacy concerns. They also provide useful suggestions on how to structure meaningful governance interaction with existing information security programs. For example:

  • Enterprise Risk: The settlements send a clear message of increased government enforcement response to privacy failures by corporations with special access to consumer information (e.g., retail, credit, finance, higher education and health).
  • Board Engagement: Both settlements are suggestive of increased government expectations in all commercial sectors for board oversight of information security and privacy matters.
  • Privacy Committee: Health care boards may wish to evaluate whether the creation of a Facebook-styled board-level privacy committee would materially contribute to information security oversight.
  • Compliance Oversight: Board oversight of compliance may require a special privacy focus. Coordination between traditional compliance officers and information security officers may necessitate enhanced board supervision.
  • Individual Accountability: Settlement provisions requiring certifications by the board and the CEO are consistent with a broader regulatory focus on individual accountability and attributing greater responsibility to boards for corporate wrongdoing.


The scope and quality of management-to-board risk reporting should be a key audit and compliance committee agenda item following a recent Delaware Supreme Court decision (Marchand v. Barnhill) of unusual relevance to health care providers and their governing boards.

The essence of Marchand is that corporate directors may be exposed to breach of duty of loyalty claims under the well-established Caremark doctrine when they take no action, with management or otherwise, to implement a reporting system by which they may exercise oversight of a key risk area (in this case, food safety). The controversy arose from a listeria outbreak in ice cream made by Blue Bell Creameries USA Inc. that led to significant customer and corporate harm.

The underlying litigation was filed as a shareholder derivative action alleging Caremark violations, i.e., that the board breached its duties of care and loyalty by knowingly disregarding contamination risks and failing to oversee the safety of Blue Bell’s food-making operations. The Delaware Supreme Court concluded that the plaintiff had pled allegations of bad faith by the directors sufficient to overcome a motion to dismiss under Caremark.

Key to the court’s analysis was the Blue Bell board’s apparent lack of awareness of a mounting series of compliance and food safety “yellow flags” and “red flags,” of which management was well aware, that arose during a roughly two-year time period before the listeria outbreak.


Executive compensation committees may wish to increase their focus on the completeness with which executive compensation is disclosed, given a recent increase in media coverage of industry CEO compensation arrangements.

Such coverage, which typically contrasts executive compensation with health industry emphasis on cost control and accountability, can prompt unfavorable regulatory, community and physician reactions.

The recent coverage underscores the difficulties with compensation disclosures, and the overall comparability of one disclosed pay arrangement to another. Disclosures on Form 990 may include “bunched” income, such as multi-year supplemental retirement amounts that vest in a single year, or multi-year incentive compensation awards that are earned and reported in a single year when the incentive performance period ends. Reporters often misinterpret bunched income as representing a “raise” for the executive, when in fact year-over-year total compensation may be rising much more slowly, if at all.

Media scrutiny can also be expected on the impact of the “High Five Tax,” i.e., the new excise tax on remuneration exceeding one million dollars paid to “covered employees” (generally the five highest paid employees of each tax-exempt organization). Compensation committees should anticipate questions on the application of this tax, the amount of tax paid, and whether they are taking the tax into account in considering the levels of compensation provided.

Prepared with contributions by McDermott partner Ralph DeJong


A new Federal Trade Commission (FTC) staff blog post reminds boards and corporate strategy executives about the potential antitrust issues that may arise from interlocking director arrangements with competitors.

These arrangements have long been a popular means by which health care systems seek to foster collaborative arrangements. Perhaps their most frequent use is as a “get to know each other” step—i.e., a limited governance connection intended as a prelude to other, more integrated arrangements. They are also used in certain types of corporate restructurings, spin-off transactions and acquisitions.

As many general counsel know, Section 8 of the Clayton Act not only prohibits a person from acting as an officer or director of two competitors, but also prohibits any one firm from appointing two different people to sit as its agents as officers or directors of competing companies. Unlike the merger rules—with which boards and executives are somewhat familiar—Section 8 is a strict liability provision, meaning violations are per se and do not depend on actual harm to competition.

There is a clear message from the antitrust enforcement agencies that companies should monitor market developments to ensure that changes do not create unexpected interlocks. Health system executives and directors involved in strategic transaction development will want to coordinate with the general counsel on possible Section 8 issues when considering arrangements involving governance terms.

Prepared with contributions by McDermott partner Ashley Fischer


The July 1, 2019, release of the outside counsel investigative report analyzing significant and widely publicized patient safety allegations at a Florida-based children’s hospital illustrates the critical connection between quality of care and corporate governance.

The report’s recommendations include (but are not limited to) a series of governance recommendations intended to enhance the oversight exercised by the hospital’s board and its system partners on quality of care and patient safety matters, including:

  • Increasing reporting and access to board patient safety and quality committees by clinical and quality staff
  • Empowering the quality and patient safety director to collaborate with the board chair on review of patient safety and quality matters
  • Better orienting board members to their role in hospital quality and safety
  • Increasing the number of board and committee members with health care expertise

Emphasis on board oversight of patient safety aligns with the focus placed on enforcement by the Centers for Medicare and Medicaid Services, state health departments and accrediting organizations. Considering these recommendations and recent patient safety developments at other health systems, counseling the board quality of care committee on its responsibility to engage on the governance implications of its oversight duties is key.

Prepared with contributions by McDermott partner Sandy DiVarco


Despite recent interest in such an arrangement, boards should give careful consideration before appointing the same individual to serve as both board chair and chair of the executive compensation committee.

There are many positive reasons that would support such a dual position, including coordination/consistency of strategies and governance perspectives, and streamlined decision-making. Use of the dual chair position can also achieve efficiencies when the organization lacks a deep pool of qualified chair candidates.

However, there are many significant governance/legal issues to be considered as part of the evaluation of a dual chair position. First is the capacity of the board chair to fill both roles. In a governance environment increasingly focused on director engagement, and the important role attributed to the board chair, a crucial concern relates to the capacity of one person to serve both roles effectively.

A similar issue is whether the candidate has the expertise required to satisfy each role. The skill set necessary to fill the role of board chair is not automatically consistent with the unique expertise required of the chair of the executive compensation committee.

Another related issue is whether a director serving both roles would result in an undesirable concentration of authority in one person. Would it mitigate the influence and authority of the full board? Would the CEO be more inclined to focus his or her attention on the person who filled both roles than on other board leaders? Would there be any conflicts of interest or lack of transparency that could arise from the dual chair service?

Then there are the technical questions of independence for purposes of the chair position, and of conflict of interest for purposes of determining satisfaction of the rebuttable presumption of reasonableness for committee decisions.


A recent conflicts controversy involving a small district hospital’s consideration of affiliation opportunities offers an important reminder of broader governance issues that can threaten the logistics of the approval process.

The issue at hand was the relationship of board size to the approval process—i.e., a five-member board with two members unable to vote because of conflict of interest. The expressed concern related to the exceptional burden on the remaining directors and the related impact on the affiliation process.

Similar issues can arise in the context of much larger boards. Conflicts of interest can disable board members otherwise key to the decision-making process. Members of the executive leadership team who have a financial or job security/advancement relationship to the transaction or the potential partner may be compromised from significant participation in the process. Large boards with spotty director attendance patterns may face significant challenges in achieving necessary quorum for key transaction meetings. The ability of the full board to rely on negotiating committees will depend in part on the expertise, degree of engagement and lack of conflict of committee members.

All of this underscores the importance of identifying governance logistics well in advance of commencing any affiliation or other major board decision-making process, especially with respect to the identification and management of potentially critical conflicts issues. The successful navigation of these governance issues will favorably affect the board’s ability to sustain its ultimate decision under state law, and to support the ability of individual directors to claim business judgment rule protection for their decisions.


A new survey from a major consulting firm provides helpful analysis on how boards across industry sectors are responding to challenges arising from disruptive technology.

The survey of 365 corporate directors resulted in the following core conclusions, which may be relevant to the exercise of fiduciary responsibilities:

  • Directors are divided as to whether their boards have the appropriate resources to move their companies forward in this era of digital disruption.
  • Most boards rely on management as their primary source for staying current on industry trends, emerging technologies and innovation.
  • Directors say the biggest challenges to adopting emerging technology are those related to integration and talent.
  • Boards can help their organizations mitigate risks brought on by disruptive technology by including the topic on the full board agenda and reviewing the organization’s enterprise risk management framework.
  • A majority of directors agree that boards can enhance their oversight of disruptive technology through tailored board training and education.

These survey findings should be considered within the broader context of fiduciary responsibilities associated with the identification and response to business disruption. Those are grounded in the board’s fundamental obligation to ensure sustainable long-term value and mission achievement for its principal constituents. As such, those responsibilities affect elements of governance ranging from information flow to the board, to director engagement, to refreshment, to board composition, to the decision-making process and, ultimately, to the nature of the board/management dynamic.


A recent article in The Wall Street Journal provides a cautionary tale to health care boards placing significant emphasis on their organization being an actual “disrupter” (as opposed to being disrupted itself).

The theme of the article is that the field of potential disruptive enterprises has become so crowded—driven by the increasing availability of technology—that they risk spending more time responding to each other than the legacy firms/industries they seek to replace.

The article identifies circumstances in the ride-sharing, food delivery and real estate sectors in which venture capital-backed (proposed) disrupters were unable to achieve sustainability because of their inability to compete successfully against other disruptive entities that had entered the same market, thus intensifying the competition. One reason for these difficulties is that many potential disruptive enterprises have lost the benefit of the so-called “first-mover advantage” that they may have had in the past.

Many legacy health care organizations are significantly expanding their investment portfolio to reposition themselves to take advantage of rapid changes in technology and the rise of consumerism. Some of these investments involve significant financial involvement and the joint venturing of valuable assets formerly controlled solely by the organization. Boards called upon to approve such investments are under increasing pressure to exercise truly informed oversight of management proposals, including a clear appreciation of the market opportunity and the risk associated with the investment.


A recently announced US Department of Justice (DOJ) policy provides significant motivation for the board to ensure that the organization’s compliance program specifically addresses antitrust law.

The new policy serves to extend cooperation credit at the charging/sentencing phase(s) for implementing effective antitrust compliance programs. In evaluating such programs, DOJ will focus on three primary principles familiar to general counsel and compliance officers:

  • Is the program well-designed?
  • Is it being applied earnestly and in good faith?
  • Does the program work well?

Additional threshold questions relate to whether the program addresses and prohibits criminal antitrust violations, whether the compliance program detected and facilitated prompt reporting of the violation, and the extent to which senior management of the company was involved in the violation. More specifically, the new policy identifies nine factors that should be considered when evaluating the effectiveness of an antitrust compliance program.

The emphasis on antitrust compliance is of particular importance in health care (from civil as well as criminal perspectives) given the Federal Trade Commission’s (FTC’s) increased focus on Clayton Act Section 8 compliance, and given the risks associated with market allocation and price fixing in an increasingly competitive, consolidating and concentrated industry sector. Health care boards should give serious consideration to positioning the organization to qualify for cooperation credit should the need arise (in the worst case). In this regard, the board should work with the general counsel, outside antitrust counsel and chief compliance officer.

Opportunities for efficiency may arise to coordinate evaluation of antitrust compliance measures with other efforts the organization may already be taking to implement prior 2019 DOJ guidance on effective compliance programs and on qualifying for cooperation credit.