Kusserow’s Corner: Sarbanes-Oxley’s Continuing Impact on Health Care Organizations

Health care providers continued to be influenced by the impact of the Sarbanes-Oxley Act of 2002 (SOX) (P.L. 107-204).  The law was enacted in response to the circumstances surrounding many corporate scandals, misrepresentations, and subsequent bankruptcies that had great negative impact on investors. While SOX applies only to publicly traded companies, many health care executives and board members have concluded that SOX created a new benchmark for best practices, as well as provided extra protection from liability by evidencing direct board attention and oversight of organization compliance.  They recognize that the fiduciary duties of care and diligence for officers and directors of private companies are the same as those of public companies. In addition, many believe the adoption of SOX principles may serve as evidence of an organization’s good-faith efforts to reduce illegal or unethical conduct.

For years, the DHHS Office of Inspector General (OIG) has stressed the importance of many of the principles that are also found in SOX, especially those that refer to the duty of care standards for Board members for top-down commitment to corporate compliance.  Guidance issued by the OIG and the American Health Lawyers Association stresses the need for Boards of Directors of health care organizations to address new SOX standards in the context of corporate compliance requirements unique to the health care industry, as well as referencing securities laws, and discusses the role of General Counsel and Corporate Compliance Officers.

To the extent that SOX and related requirements have established higher standards of conduct in matters such as auditor independence, financial statement review, insider transactions, and disclosure, those higher standards will likely affect the potential liabilities of directors and officers of private companies and nonprofit organizations. For example, the lack of an independent Audit Committee, or the absence of an Audit Committee financial expert, could be raised by a plaintiff in the event of a claim of financial mismanagement or fraud in a privately held company.

Most often, compliance officers encounter the influence of SOX through their outside auditors, who focus on what is referred to as “Section 404 Reviews” that mandate testing and documenting internal controls.  Compliance officers may find it worthwhile to review the SOX standards and, where feasible, integrate those principles into their compliance program.

Richard P. Kusserow was the DHHS Inspector General for over eleven years and is the founder and CEO of Strategic Management, a firm that has been providing specialized compliance advisory services since 1992.  He also is the author of 49 Steps to Implement Sarbanes-Oxley Best Practices a manual for private and nonprofit health care entities.  For more information, contact him at rkusserow@strategicm.com.

Connect with Richard Kusserow on Google+ or LinkedIn.

Copyright © 2013 Strategic Management Services, LLC.  Published with permission.