No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

What Healthcare Organizations Need to Know About Educating and Training Their Boards of Directors

by Nicholas Merkin
April 6, 2015
in Compliance, Governance
What Healthcare Organizations Need to Know About Educating and Training Their Boards of Directors

Board members of healthcare organizations are under more scrutiny than ever before.  As a result of the unique compliance requirements in the healthcare industry, as well as increased regulatory enforcement and third-party lawsuits, healthcare corporate directors arguably have greater responsibility – as well as liability – than many of their peers in non-healthcare sectors for the oversight of their organizations’ corporate compliance programs.

In this environment, it is crucial for healthcare entities – typically through an organization’s chief compliance officer (CCO) – to educate and train effectively members of the board of directors with respect to their fiduciary duties, as well as the structure and operations of the entity’s compliance program.  This process should commence well before the CCO’s first formal board presentation or the CCO’s preparation of compliance oversight metrics.  Rather, an in-depth training program for corporate directors should be an ongoing process for new and veteran corporate directors alike, and should be fully integrated with the overall obligations of the corporate board.

The following is an outline for a model educational program for directors that may be implemented by healthcare organization CCO’s and compliance personnel.

  • Fiduciary Duties and Relevant Regulations

At the most basic level, director training should inform and educate directors as to their various fiduciary duties in connection with the compliance function, as well as the primary regulations that relate to organizational compliance.[1]  While a full summary with respect to the fiduciary obligations of corporate directors and relevant healthcare regulations is well beyond the scope of this article, at a minimum, directors should be advised as to their duties of care and good faith dealings, including the duty of reasonable inquiry, the Caremark decision standards, and the business judgment rule.  Additionally, directors should have an awareness of relevant regulations, such as the False Claims Act, Stark/and Anti-Kickback laws, exclusion screening requirements, HIPAA and other privacy laws, as well as applicable state laws.

  • Policies and Procedures and Code of Conduct

Written policies and procedures are a roadmap for healthcare organizations that help then mitigate day-to-day compliance risks.  The policies and procedures should address all details of the compliance function from reimbursement to quality issues.  Like all guidebooks, an organization’s policies and procedures should be in a constant process of revision in response to changing laws and regulations, as well as compliance concerns.  Members of the board should be familiar with both the substance of their organization’s policies and procedures, as well as the mechanism by which the policies and procedures are revised and kept current.

Additionally, an organizational code of conduct articulates to staff, patients, and management the healthcare entity’s commitment to the ethics and values underlying corporate compliance.  Similar to an organization’s policies and procedures, the code of conduct should be periodically updated for relevance and applicability.  Moreover, all decisions of management and the corporate board should be consistent with the organization’s code of conduct.  The code of conduct, as well as its process of revision, therefore, should be meaningfully communicated to the board of directors and throughout the organization.

  • The Structure of the Corporate Compliance Program

Directors should be made aware of the structure of their organization’s compliance program.  All directors should be familiar with the key employees responsible for the program’s operation, the functioning of the program, how the board is to receive information and monitor their organization’s compliance program and compliance issues that may arise, and what metrics are available to assess the efficacy of the current compliance infrastructure.  Board members should know what, when, and how relevant compliance-related information will be received and understand what tools they will have to assist in the board’s decision making.

Importantly, board members should have access to benchmarks and other information regarding how the healthcare organization has handled compliance issues in the past, how current performance compares to prior performance, current and past enforcement actions and lawsuits, and the procedures for self-reporting when wrongful conduct is uncovered.

Members of the board should also be knowledgeable as to their organization’s risk profile, how it was determined, and what resources – both financial and human – are available to the organization to address compliance needs.

Last, directors should understand what their organization – and specifically the CCO – is doing in connection with prospective compliance planning.  Compliance is never a static function and organizations’ future compliance programming should be responsive to both governmental enforcement priorities and entities’ fluid risk profiles.

  • The Function of the Compliance Program

The overall function of an organization’s compliance program is perhaps the most challenging aspect of board education and training.  It is unrealistic to assume that directors will become expert in all areas and in all details of compliance infrastructure.  That said, it is important that members of the board be sufficiently familiar with the following areas of the operation of their organization’s compliance programming:

  • Delegation of authority and areas of accountability with respect to the compliance program and its implementation, as well as the separation of powers and responsibilities among the CCO, general counsel, human resources, senior management, the board of directors, and any compliance subcommittees of the board or management.
  • The level and mechanism for compliance training across the organization and the enforcement of entity training and knowledge standards, including the documentation of such training and audits of personnel knowledge.[2]
  • The mechanisms and systems in place for compliance program flexibility in light of regulatory or industry change.
  • The day-to-day operations and details of areas within the organization where significant compliance risk has been identified and the timeline for remediation of those risks.
  • The mechanisms in place for detection of possible compliance violations, including the compliance hotline, internal compliance surveys, compliance incident reports, and staff self-reporting. Most crucially, directors should be aware of possible violations pending resolution and related timelines, and the going forward planning designed to avoid future violations.
  • Whistleblower and employee protection controls and the appropriate use of inside and outside legal counsel, as well as the functioning of attorney-client confidentiality and attorney work product protections.[3]
  • The operation of the organization’s quality improvement program, including relevant entity metrics and areas of accountability for key personnel.[4]
  • Conclusion

As demonstrated above, effective education of healthcare entity boards is a formidable challenge, but an important one.  An effective corporate director training program requires a significant investment in time and resources, but is crucial to overall compliance oversight and organizational health.  Although there is no such thing as a “one-size-fits-all” board training program, the foregoing is a useful topical model for use by CCO’s and their staffs.  There are also many written products available on the market addressing issues of director responsibilities and education, as well as independent consulting firms providing useful programming in this area. At bottom, a robust training program for corporate directors of healthcare organizations will empower directors to discharge their oversight obligations regarding corporate compliance and minimize overall legal and governmental enforcement risk.

[1] Office of Inspector General, U.S. Dept. of Health & Human Services and the American Health Lawyers Association, Corporate Responsibility and Corporate Compliance: A Resource For Health Care Boards of Directors (2003), available at: http://oig.hhs.gov/fraud/docs/complianceguidance/040203corpresprsceguide.pdf.

[2] Hooper, Lundy & Bookman, PC and California Hospital Association, 2014 California Hospital Compliance Manual, 5th Ed., Sacramento, California , 2014.

[3] Office of Inspector General, U.S. Dept. of Health & Human Services and the American Health Lawyers Association, An Integrated Approach to Corporate Compliance: A Resource For Health Care Boards of Directors (2004), available at: http://oig.hhs.gov/fraud/docs/complianceguidance/Tab%204E%20Appendx-Final.pdf.

[4] Office of Inspector General, U.S. Dept. of Health & Human Services and the American Health Lawyers Association, Corporate Responsibility and Healthcare Quality: A Resource For Health Care Boards of Directors (2007), available at: https://oig.hhs.gov/fraud/docs/complianceguidance/CorporateResponsibilityFinal%209-4-07.pdf.


Tags: Code of Conduct
Previous Post

Antitrust and Competition Law: Where Is It Going in 2015?

Next Post

Upcoming HIPAA Audits and Four Key Areas for Compliance

Nicholas Merkin

Nicholas Merkin

Nick MerkinNicholas Merkin is the Chief Executive Officer of Compliagent, a regulatory consulting firm that designs, manages and maintains compliance programs for healthcare providers. Nicholas combines his experience as a healthcare regulatory attorney with his business background to lead Compliagent’s development. His clients benefit from his deep understanding of changing state and federal laws and policies as they relate to organizational governance issues, compliance auditing and training, the Stark Law, the Anti-kickback Statute, HIPAA privacy and security, and the False Claims Act. Nicholas earned his M.B.A. from Tel Aviv University’s Recanati School of Business and his J.D. from Columbia Law School, where he was named a Harlan Fiske Stone Scholar and served as managing editor of the Columbia Journal of Law and Social Problems.  He is certified in Healthcare Compliance (CHC) by the Compliance Certification Board (CCB) and is a HITRUST Certified CSF Practitioner.  Nicholas is also a certified Residential Care Facilities for the Elderly (RCFE) administrator.

Related Posts

mcds

What Charges Against Former McDonald’s CEO Can Teach Us About Investigations of Senior Officers

by Lloydette Bai-Marrow
January 18, 2023

The case of Steve Easterbrook, the former CEO of McDonald’s, is a salutary lesson in the dire consequences of failing...

nfl main art_j

Touchdown or Fumble? What Compliance Can Learn From the NFL’s Disciplinary System

by David Bligh
September 7, 2022

Cheering for your favorite team (or against the one you hate), makes it easy to forget that NFL players are...

Study: 1 in 3 Major Corporations Have Ineffective Codes of Conduct

Study: 1 in 3 Major Corporations Have Ineffective Codes of Conduct

by Staff and Wire Reports
June 15, 2022

A review by LRN, an ethics and compliance training provider, indicates that many of the top public companies around the...

3d illustration of scooter carrying packages last mile.

Ensure Last Mile Delivery of Your Code of Conduct, Or Your Message Won’t Be Received

by Harper Wells
September 23, 2021

Simply "having" a code of conduct will not mitigate risk on its own. It requires constant upkeep, fresh training and...

Next Post
hippa regulations

Upcoming HIPAA Audits and Four Key Areas for Compliance

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT