The Compliance Committee: Steering Integrity in Healthcare

Members of a healthcare compliance committee discussing issues at a meeting.

In Part 1 of this two-part series, we discussed the role of the new Compliance Officer. We described the activities in terms of the first day, the first week, and the first month. In Part 2, we will cover the roles and responsibilities of a Compliance Committee. Again, the context will be a healthcare organization subject to regulatory guidance from the Office of Inspector General (OIG) of the U.S. Health and Human Services Department (HHS).

In this Article …


Regulatory Guidance from the OIG on Compliance Committees

In its guidance to some healthcare organizations such as hospitals and laboratories, the OIG recommends the establishment of a Compliance Committee as part of the corporate compliance program of the organization. The OIG describes two roles for a Compliance Committee:

  • The Compliance Committee advises the Compliance Officer, and
  • The Compliance Committee assists in the implementation of the compliance program.

Of course, in practice, this leaves a lot of room for specific activities for the Compliance Committee.


Roles and Responsibilities of a Healthcare Compliance Committee

The roles and responsibilities of the Compliance Committee should be spelled out in the policies and procedures of the compliance program. This list is consistent with the list of duties recommended in the OIG guidance, plus our own recommendations.

  1. Analyzing the organization’s regulatory and legal requirements and specific compliance risk areas.
  2. Working with the Compliance Officer to implement the elements of the Compliance Program.
  3. Developing accessible lines of communication, such as discussions at staff meetings regarding fraudulent or erroneous conduct issues and community bulletin boards, to keep Covered Individuals updated regarding compliance activities.
  4. Developing a system to solicit, evaluate, and respond to complaints and problems, whereby covered individuals have confidential access to the Compliance Officer to report concerns.
  5. Analyzing the organization’s business operations and business relationships for the purposes of identifying potential compliance risks and ensuring compliance with all applicable government Laws.
  6. Developing written compliance policies, procedures, and standards of conduct that:
    • Encourage all Covered Individuals to report mistakes, suspected fraud, and other improprieties without fear of retaliation,
    • Promote allegiance to the organization’s Compliance Program; and
    • Address risk areas for possible incorporation into the Compliance Program.
  7. Working with business unit managers to develop standards of conduct, and policies and procedures where indicated.
  8. Working with the Compliance Officer and with senior leadership to monitor the development of internal controls and other monitoring systems.
  9. Working with the Compliance Officer to create, oversee, and coordinate all relevant education and employee training, pursuant to the Compliance Program.
  10. Developing explicit procedures for reporting suspected violations of the Compliance Program or Applicable Law.
  11. Providing assistance to the Chief Compliance Officer, and any of his or her agents, with internal audits, evaluations, or investigations; monitoring internal and external audits and investigations.
  12. Assessing the Compliance Program and Code of Ethical Conduct a minimum of every two years in order to determine whether all of the Program’s elements have been satisfied.
  13. Presenting an annual report of the Compliance Commitee’s accomplishments to senior management and the Board of Directors.
  14. Keeping current with changes to industry standards, business trends, applicable law, and associated risk areas identified by OIG’s fraud alerts, regulatory requirements, advisory opinions, work plans, audits, and inspection reports; and
  15. Performing such other duties and such other functions, as necessary.


Membership of the Compliance Committee

The OIG does not offer any specific guidance on the committee members or on a Compliance Committee charter. However, it does mention a Compliance Committee would benefit from having the perspectives of individuals with varying responsibilities in the organization. These include staff members from operations, finance, audit, human resources, utilization review, social work, discharge planning, medicine, coding, and legal. The guidance also mentions managers of key operating units.

In a larger organization, such as an acute care hospital, Compliance Committee members might include:

  • The Chief Executive Officer and/or Chief Operating Officer,
  • The Chief Financial Officer,
  • The Chief Nursing Officer, or other senior manager responsible for clinical activities,
  • The Chief Human Resources Officer,
  • The Chief Technology or Information Systems Officer,
  • The Revenue Cycle Director,
  • The Health Information Management Director,
  • The Medical Director of the organization, and
  • The Chief Compliance Officer and any Assistant Compliance Officers.

In many organizations, the Privacy Officer is also a Compliance Committee member.

There are sometimes suggestions that a member of the Board of Directors should serve on the Compliance Committee. This can be especially true in healthcare organizations that have a Board audit committee that is responsible for corporate responsibility programs. We generally advise against that approach. Many of the issues addressed in the Committee involve operational issues that have become compliance issues. Those are more properly the province of management to address. Of course, there should be reports to the Board on a periodic basis, to keep the Board informed of things like investigations and instances of significant non-compliance.


Other Compliance Committee Functions

Besides the formal duties in the Compliance Committee charter, the Committee often carries out other functions in the organization.

  • The Committee can help foster a culture of compliance in the organization. Committee members can lead by example in setting the expectation that everyone will “do the right thing” every time, every day, setting the tone for corporate responsibility and ethical culture in the organization.
  • Having senior leaders on the Committee helps with compliance issues that require management intervention to address. Committee members have accountability for day-to-day operations, both as a result of their management roles and also as members of the Committee.


Charting a Course of Integrity with the Healthcare Compliance Committee

An effective Healthcare Compliance Committee is more than a regulatory safeguard; it is a vital component in a team effort to achieve corporate responsibility and uphold ethical conduct throughout the organization. It can also serve as a reassuring presence for staff members, providing a secure platform to report concerns and affirming the importance that it is OK to “do the right thing.

The Committee, through its varied and skilled membership, does more than shield the organization from legal and financial risks. It plays a crucial role in strengthening the organization’s reputation among stakeholders and patients by ensuring that compliance and ethical conduct are not just statutory obligations but are intrinsically woven into the very DNA of the organization’s operations and culture. It can also help the Compliance Officer deal with pressures from within the organization to approve questionable business arrangements that may run afoul of laws and regulations affecting the organization, as noted in Part 1 of this series.

In summary, the Compliance Committee acts as a steadfast guide, leading the organization through the intricate maze of regulatory compliance while ensuring a firm commitment to ethical conduct and corporate responsibility. It proactively shapes a future where the organization doesn’t merely respond to compliance issues but anticipates them, ensuring that ethical and operational excellence are always in tandem, paving the way for a thriving future.

When you need proven expertise and performance

Jim Hook, MPH

Mr. James D. Hook has over 30 years of healthcare executive management and consulting experience in medical groups, hospitals, IPA’s, MSO’s, and other healthcare organizations.