OIG Releases Compliance Guidance for Health Care Governing Boards

30 April 2015 Health Care Law Today Blog
Authors: Claire Marblestone

The Office of Inspector General (“OIG”) of the U.S. Department of Health and Human Services (“DHHS”) released new compliance guidance for health care governing boards, attorneys, compliance officers and internal auditors on April 20, 2015. The guidance was developed in collaboration with the Association of Healthcare Internal Auditors, the American Health Lawyers Association, the Health Care Compliance Association, and OIG.

Previous compliance guidance from OIG emphasized the need for health care governing boards to be fully engaged in their oversight responsibility, ask questions of management regarding the adequacy and effectiveness of the organization’s compliance program, and make compliance a responsibility for all levels of management. The new guidance reiterates these principles, and provides practical suggestions for governing boards regarding oversight and review of compliance program functions.  Among other things, the compliance guidance addresses the following areas:

  • Information and Reporting Systems. Governing boards must make inquiries to ensure a corporate information and reporting system exists within the health care organization. The reporting system must adequately assure the governing board that appropriate information regarding compliance with applicable laws will come to its attention in a timely manner and as a matter of course.
  • Compliance Program Size and Structure. Governing boards are encouraged to use publicly available compliance resources, such as the federal sentencing guidelines, OIG compliance documents, and corporate integrity agreements to determine the functions the organization can implement to meet its compliance obligations. However, OIG notes that compliance programs are not “one size fits all.” Each health care entity’s compliance program must be tailored to the specific needs, size, and complexity of the organization. The compliance program also needs to contain a formal plan for updating governing board members on the changing regulatory landscape. This can be accomplished through regularly scheduled educational programs or through periodic consultations with experienced regulatory, compliance, or legal professionals.
  • Audit, Compliance and Legal Functions. Health care organizations should clearly define the roles, structure, and reporting relationships of the audit, compliance, and legal functions within the organization. Additionally, the interactions between the compliance teams and the quality, risk management, and human resources teams should be clearly defined and communicated to all employees. Governing boards should also evaluate how management works to address risk within the organization, and resolves conflicts and disagreements regarding resolution of compliance issues.
  • Board Reports. Governing boards should also receive regular reports regarding the organization’s risk mitigation and compliance efforts from a variety of key individuals, including those responsible for audit, compliance, human resources, legal, quality, and information technology. Information regarding compliance and risk should be presented to the board in a manner sufficient to satisfy the interest or concerns of board members.
  • Auditing Process. The governing board and management need to work together to ensure the adequacy of the organization’s auditing process. The governing board and management should establish a process for identifying potential risk areas, based on information from external and internal sources. When identifying risk areas, OIG encourages organizations to take into account industry trends, such as the increasing emphasis on quality, industry consolidation, and changes in insurance coverage and reimbursement. The governing board should also ensure that management is consistently reviewing and auditing risk areas, and is developing, implementing, and monitoring corrective action plans.
  • Compliance Culture. OIG encourages governing boards to exercise creativity in implementing programs to ensure that compliance is a “way of life” for the health care organization. Widespread implementation of compliance programs, and communication of the organization’s expectations can lead to a culture of compliance within the organization. The governing board should evaluate whether the organization’s systems and processes encourage effective communication across the organization, and whether employees within the organization are comfortable raising compliance concerns without fear of retaliation or retribution.

Health care governing board members are subject to unique expectations regarding their level of engagement and involvement in the compliance obligations of their organizations. This most recent guidance suggests that OIG expects governing boards to understand the organization’s compliance obligations, work closely with management to monitor and enhance the organization’s compliance program, and to encourage compliance accountability across the organization.

This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.

Related Services

Insights

MedTech Impact Expo & Conference
13-15 December 2019
Las Vegas, NV
Review of 2020 Medicare Changes for Telehealth
11 December 2019
Member Call
BRG Healthcare Leadership Conference
06 December 2019
Washington, D.C.
CTeL Telehealth Fall Summit 2019
04-06 December 2019
Washington, D.C.