How to Use the New OIG-HCCA Compliance Resource Guide in Your Compliance Program
Released on March 27, 2017, the Compliance Program Resource Guide (Resource Guide), jointly prepared by the US Department of Health and Human Services Office of Inspector General (OIG) and the Health Care Compliance Association (HCCA) reflects the result of a “roundtable” meeting on January 17, 2017, of OIG staff and compliance professionals “to discuss ways to measure the effectiveness of compliance programs.” The resulting Resource Guide document catalogues the roundtable’s brainstorming discussions to “…provide a large number of ideas for measuring the various elements of a compliance program…to give health care organizations as many ideas as possible, to be broad enough to help any type of organization, and let the organization choose which ones best suit its needs.”
Here are a few main takeaways from the Resource Guide:
Ideas for Auditing: The Resource Guide contributes to the critical conversation about how to evaluate compliance program effectiveness by listing additional ideas on what to audit and how to audit those areas. The items listed in the Resource Guide generally center on ideas on auditing and monitoring compliance program elements, such as periodically reviewing training and policies and procedures to ensure that they are up-to-date, understandable to staff and accurately reflect the business process as performed in practice. Legal and compliance can use this document to identify those particular elements that may be most applicable to their individual organization.
Organizations would also benefit from considering the questions listed in the new compliance program guidance issued in February by the US Department of Justice (DOJ) Criminal Division’s Fraud Section, “Evaluation of Corporate Compliance Programs” (DOJ Guidance), as part of examining compliance program effectiveness. (We covered the DOJ Guidance previously.) Health care organizations may also use the various provider-specific compliance program guidance documents created by OIG over the years as another source for ideas on what to measure.
Not a Mandate: The Resource Guide is very clear that it is not intended to be a “best practice”, a template, or a “‘checklist’ to be applied wholesale to assess a compliance program.” This clarification is an important one since there is the potential for the Resource Guide to be (incorrectly) viewed by qui tam relators or others as creating de facto compliance program requirements or OIG recommendations.
How to Measure: The Resource Guide does not delve into how or who should undertake or contribute to the effectiveness review. Who conducts the review is a question that may have legal significance given the nature of a particular issue. General counsel and the chief compliance officer should consider this issue as part of the organization’s ongoing compliance program review. It may be valuable to include the organization’s regular outside white collar counsel to comment on such critical, relevant legal considerations as the proper conduct of an internal investigation; preserving the attorney-client privilege in appropriate situations; coordinating communications between legal, compliance and internal audit personnel; and applying “lessons learned” from the practices of qui tam relators and their counsel. Outside consultants may also have useful expertise and insight to contribute. In some situations, the organization may want to undertake a compliance program assessment conducted under attorney-client privilege as part of advising the executive team and the board audit and compliance committee.
Perhaps the greatest benefit of the Resource Guide is the extent to which it serves as a catalyst for closer, coordinated consideration of the metrics by which compliance program effectiveness may be measured by legal and compliance personnel and the audit and compliance committee. The Resource Guide is one of several resources that can be referenced by the general counsel and the chief compliance officer as they work together to support the organization’s audit and compliance committee in reviewing compliance program effectiveness.