October 21, 2020

Volume X, Number 295

October 21, 2020

Subscribe to Latest Legal News and Analysis

October 20, 2020

Subscribe to Latest Legal News and Analysis

October 19, 2020

Subscribe to Latest Legal News and Analysis

Healthcare Law Update: July 1, 2015

Governing boards of health care organizations can greatly benefit from reading a recently released educational document that presents practical tips for board members responsible for overseeing their organizations’ compliance with state and federal laws. 

The resource, “Practical Guidance for Health Care Governing Boards on Compliance Oversight” (the “Guidance”) is the result of teamwork between the U.S. Department of Health and Human Services Office of Inspector General (OIG), the American Health Lawyers Association (AHLA), the Association of Healthcare Internal Auditors (AHIA) and the Health Care Compliance Association (HCCA). It supplements previous guidance documents issued by the OIG and AHLA in 2003, 2004, and 2007 related to oversight by healthcare company boards of directors. 

The Guidance is useful to governing boards of all companies that are subject to health care fraud and abuse laws such as the federal anti-kickback statute, Stark Law, and federal False Claims Act. While the OIG does not define a “health care organization” and much of the guidance appears targeted at health care providers (e.g., health systems, community hospitals, and nursing homes), drug and device manufacturers also may find the document helpful in understanding the active steps OIG expects boards to take in promoting compliance. 

The OIG addresses issues relating to a board’s oversight and review of compliance program functions, including: the roles of, and relationships between, the organization’s audit, compliance and legal functions; the mechanisms and processes for issue-reporting within an organization; the approach to identifying regulatory risks; and methods of encouraging organization-wide accountability for achievement of compliance goals and objectives. 

Identifying roles 

The board plays a key role in defining the responsibilities of and relationships between the internal audit, compliance, legal, human resources, and quality improvement functions within the organization, which should operate independently of healthcare providers and operations management. When developing an effective compliance program the board and senior leadership should describe each department’s role within the compliance program and how they are expected to cooperate and collaborate with one another, creating accountability and responsibility among the different compliance team members. Doing so will enable the board to be engaged in its oversight responsibility and informed on the stats of compliance efforts. 


The Guidance recommends that board members set out and enforce expectations for regular reporting of risk mitigation and compliance efforts, reporting separately and independently of one another. The organization should identify individuals who are in the best position to provide relevant information about operational risks. The board and management should work together to identify relevant content and a reporting format, such as a dashboard or scorecard, sufficient and workable for the board’s use. 

Identifying compliance risks 

The Guidance also stresses that a board needs to understand how management defines and identifies compliance risks, particularly in the areas of referral relationships and arrangements, billing and coding, privacy breaches, and quality of care events. The organization should look beyond internal data to external sources of information such as peer information, national benchmarks, and industry developments in reimbursement and quality reporting. 

Encouraging organization-wide accountability 

The board should ensure that compliance is a standard for the entire organization, by assuring that the organization has adopted methods of encouraging consistent, enterprise-wide accountability for measuring and achieving compliance goals and objectives. While recognizing that not all organizations will possess the resources to support the structure in its entirety, the Guidance recommends creating corporate charters to create responsibility among and between the different organizational departments. These charters should address the following functions: compliance, legal, internal audit, human resources, and quality improvement. 

A robust and effective compliance program is crucial to a governing board’s exercise of its fiduciary duty of care. The release of periodic guidance by the OIG and its industry collaborators provides a perfect opportunity for a board to review and improve its processes and ensure that the organization is aligned with the latest recommendations. 

© Copyright 2020 Armstrong Teasdale LLP. All rights reserved National Law Review, Volume V, Number 187


About this Author

Jonathan F. Dalton, Partner, Corporate, Health Care, Armstrong Teasdale Law Firm

Jon Dalton counsels many of Missouri’s most successful organizations and individuals in business transactions and government/regulatory affairs.

Jon concentrates his business law practice on health care transactional, regulatory and litigation matters. He has extensive experience across the entire spectrum of legal issues facing health care providers today. Jon’s work includes the representation of major health systems, multi- and single-specialty medical practices, specialty hospitals, ambulatory surgery centers, pharmacies and pharmaceutical...

Diane E. Felix, health care attorney, Armstrong Teasdale, law firm

Diane Felix has focused her practice on representation of health care providers, with a significant portion of that practice involving long-term care facilities. Her representation of providers has included Medicaid and Medicare reimbursement matters, licensure and certification issues, Certificate of Need matters, preparation and negotiation of contracts, (including admission agreements, professional services agreements, leases and purchase agreements) and operational questions (involving issues such as consent to treatment, confidentiality of records and ADA compliance).

Steve E. Pozaric, Partner, Corporate, Health Care, Armstrong Teasdale Law Firm

Steve Pozaric serves businesses of all sizes in the areas of corporate, mergers and acquisitions, health care, technology, and securities law. Prior experience in corporate finance for companies ranging in size from Fortune 500 to venture capital backed start-ups gives him added perspective in business operations, practices, dynamics, and behaviors.