Highlights from the "General Counsel and Compliance Officer - Enforcement and Compliance Matters" session
By Bernard Ford and Jennifer McCallister
In May 2018, Bernard Ford, a managing director in Navigant’s healthcare disputes and forensics practice, was a member of a plenary session panel discussion moderated by Gabriel Imperato, managing partner of Broad and Cassel’s Ft. Lauderdale office, at the 28th Annual National Institute on Health Care Fraud. Ford’s co-panelists included Michelle Johnson Tidjani, general counsel of Henry Ford Health System, and Rachel Nosowsky, deputy general counsel, Health Affairs & Technology Law, at the University of California. Their session was titled, “General Counsel and Compliance Officer — Enforcement and Compliance Matters.” Following are some key takeaways from this collaborative discussion:
It has become common for general counsel to be asked to shoulder not only the legal portfolio of a healthcare entity, but the broader risk portfolio as well. The reasons for this shift range from limited resources to the general counsel’s natural appreciation for and understanding of risk analysis and mitigation. Regardless of the reporting structure within an organization, the ability to integrate with and leverage the work of the various oversight groups is critical for gaining operational efficiency and effectiveness. The degree to which your organization’s compliance and legal teams work with specialists from the entirety of a hospital’s clinical and administrative operations, in identifying, mitigating, and managing risk, enhances efficiency and optimizes use of staff resources. It also allows for diversity in perspective, positioning leaders to gain a comprehensive view of the compliance risks facing the organization and develop a multifaceted approach for closing gaps in compliance.
A healthcare entity’s compliance program is composed of business functions, the purpose of which are to provide a framework for, as well as the means to continuously evaluate, compliant behavior by company personnel. The people, processes, and technologies that make up the compliance program should be tailored to meet the expectations set forth in the U.S. Federal Sentencing Guidelines, as embodied by the Guidelines’ seven elements. While the legal analyses and opinions required to establish company policies and procedures are most appropriately performed by the general counsel’s office with support from outside counsel, compliance is an important business partner and catalyst for policy adoption and enforcement. Effective compliance programs have permeable boundaries between legal and compliance, but they respect and leverage each other’s expertise.
The best compliance programs are staffed by professionals with diverse backgrounds and skill sets, including legal, regulatory, audit, process, and operations. When compliance teams and legal teams include staff with diverse expertise, the ability to not only interpret healthcare law, but also operationalize policies and procedures to address and measure it, is augmented. General counsel and compliance officers should seek to diversify the skills of their staff or complement their teams’ capabilities with external expertise to ensure best practices in process management are followed in implementing key compliance processes effectively.
While the evaluation of compliance program effectiveness has long been an expectation of both the Department of Justice (DOJ) and the Office of Inspector General (OIG), recently there has been an uptick in compliance officers recognizing the need to assess their programs. They recognize that such an assessment helps compliance leaders understand their strengths and limitations around compliance and establish a road map for achieving their vision for the future. An assessment can be performed internally — ideally, with the support of team members with business process management expertise — or in partnership with external experts. An objective review of compliance program effectiveness should be firmly based on legal and regulatory guidance and should examine the strength of processes critical to compliance. Typically, internal self-assessments of hospital compliance programs are subjective, and this can limit their value. Recent DOJ and OIG guidance promotes third-party assessments of compliance effectiveness.