In April 2015, the Office of the Inspector General (OIG) of the Department of Health and Human Services (DHSS) released a new “educational resource” to provide guidance to the governing boards of healthcare organizations to help them meet their compliance plan oversight obligations. Entitled, “Practical Guidance for Health Care Governing Boards on Compliance Oversight,” the guide marks the first time that such resources have been developed in collaboration with third party contributors. The American Health Lawyers Association, the Association of Healthcare Internal Auditors and the Health Care Compliance Association all participated in the development of a document that can also assist compliance officers, internal auditors and lawyers in their interactions with governing boards.
As an “educational resource,” the guide is not designed to establish any new standards of conduct, and the contributing organizations go to great lengths to make it clear that no legal or professional advice should be inferred from the content. However, the guide does represent a clear intent on the part of the OIG to remind every healthcare board of its’ expectation that it should “act in good faith in the exercise of its oversight responsibility for its organization.”
Citing past OIG publications, Federal Sentencing Guidelines (FSG), and OIG Corporate Integrity Agreements (CIA’s), the guide establishes a very clear expectation of proactivity on the part of governing boards to actively oversee all compliance issues rather than just accepting the submission of summary reports from relevant personnel. The reminder that the FSG, “offer incentives to organizations to reduce and ultimately eliminate criminal conduct by providing a structural foundation from which an organization may self-police its own conduct through an effective compliance and ethics program,” serves to add a little additional pressure in the form of implied fines and penalties for non-compliance.
The guide goes on to offer tips and suggestions in four key areas of board oversight:
- The roles and relationships between audit, compliance and legal functions
- The nature and source of all compliance reports submitted to the board
- Ways to identify and audit potential risk areas
- Ways to encourage accountability and compliance across the organization as a whole
In much the same way that Sarbanes-Oxley removed the defense that CEO’s were unaware of the activities of their CFO’s in creating financial reports, this guide seems to be taking the approach that governing boards should no longer settle for being short of resources to assist them in developing a close familiarity with the regulatory compliance issues for which they are accountable. As the conclusion makes clear: “A health care governing Board should make efforts to increase its knowledge of relevant and emerging regulatory risks, the role and functioning of the organization’s compliance program in the face of those risks, and the flow and elevation of reporting of potential issues and problems to senior management.”
Reinforcing these tips and suggestions is a clear expectation that governing boards will have access to a comprehensive compliance management system. As the guide points out, “One area of inquiry for board members of healthcare organizations should be the scope and adequacy of the compliance program in light of the size and complexity of their organizations.”