34 Questions Boards Should Be Asking Compliance Officers
Compliance Program (CP) is an effort that begins at the Board of Directors (Board) level. Both the Department of Justice (DOJ) evaluation of compliance program guidelines and Department of Health and Human Services (HHS) Office of Inspector General (OIG) compliance guidance documents call for the Board to provide active oversight of the Program. The HHS Inspector General noted that the best Boards are those that are active, ask probing questions about the Program, and exercise constructive skepticism in their oversight. Compliance Officers should assist Boards with determining what types of questions they should be asking. In turn, Compliance Officers should be prepared to provide full and complete answers to the Board. In their jointly produced “Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors†and “Corporate Responsibility and Health Care Quality (2007): A Resource for Health Care Boards of Directors†publications, the OIG and American Health Lawyers Association developed specific suggested questions that Boards should be asking about the Compliance Program. From these advisory documents, the following list is provided to complete this question – What evidence is there that:
- The Compliance Officer has enough authority to implement the CP?
- The Compliance Officer has adequate resources to implement and operate the CP?
- The CP has been structured to meet its obligations?
- Compliance-related responsibilities have been delegated across all levels of management?
Have Compliance Concerns? We Have Solutions.
Speak with an Expert Today - Program managers are engaged in ongoing monitoring of high-risk areas in their area of responsibility?
- The ongoing compliance monitoring results are being reported and acted upon by managers?
- Ongoing compliance auditing is verifying that risk monitoring is taking place and effective?
- Compliance risks are being identified and addressed?
- Monitoring and auditing findings and recommendations are being promptly resolved?
- All employees have been held equally accountable for compliance?
- The Code has been incorporated into corporate policies across the organization?
- The Code is understood and accepted across the organization?
- Management has actively publicized the importance of the Code to employees?
- There are all the necessary policies/procedures to properly govern the CP operations?
- Compliance-related policies have been developed to address compliance risk areas?
- Compliance-related policies and the Code of Conduct are being reviewed/updated annually?
- Document management ensuring compliance-related documents are up to date?
- The scope of compliance-related education and training addresses all the necessary issues?
- The CP training is effective?
- Enforcing training mandates are taking place and remedial training is being provided, as warranted?
- Employees understand what is expected of them regarding compliance?
- The Board is being properly informed on regulatory and industry compliance risks?
- All the compliance risk areas are being assessed from a compliance perspective?
- Evaluation and response to suspected compliance violations is taking place?
- Appropriate training is provided to those who conduct compliance investigations?
- The Compliance Officer, Human Resources, and Legal Counsel coordinate in resolving compliance issues?
- CP documents and information are properly and securely maintained?
- Policies are addressing the protection of “whistleblowers†and those accused of misconduct?
- Sanction-screening is being conducted timely with resolution of potential matches?
- Results from sanction-screening are being certified by the responsible parties?
- The hotline operation is operating successfully in meeting its objectives?
- Metrics are being used to evidence CP effectiveness?
- The CP has been evaluated for effectiveness by a qualified independent reviewer?
- Results of an independent review and assessment of the CP are being promptly addressed?