Kusserow on Compliance: 4 out of 5 organizations under 1,000 employees overpay for their hotline

It is estimated that over 80 percent of health care organizations with fewer than 1,000 employees overpay their hotline vendor. The reasons for this vary.  For large scale vendors, higher overhead may cause difficulty scaling down their prices; smaller vendors may just be trying to wring out every dollar they can. Another problem among vendors is that some provide both answer-operated and web-based reporting systems, while others do not.   This variance in level of service is a complicating factor.  At any rate, only vendors that provide full-range coverage that offers live-operator answering, 24 hours a day, seven days a week, along with web-based reporting, should be used. For both services, anonymous reporting must be an option.

Fair pricing rates. Today, all health care organizations are cost-sensitive and seek reductions anywhere they can, without loss of quality of service. The general rule of thumb for the price of hotline vendor services for organizations under 1,000 employees that provide both operator-answered and web-based reporting system is that the rates for services should range from around a low of $500 per year to $1,000, depending on employee population. Keep in mind set-up costs for a new service, as well as the continuing service fees. For organization with greater employee populations, the service rate should not exceed $1 per employee per year. Those paying higher rates may want to investigate alternative providers to save expenses.

Recent trends in hotline reporting. Carrie Kusserow, a hotline expert with experience gained from running hotline vendor services and managing hotlines as a compliance officer, reports a significant increase in reporting rates on hotlines. She attributes this to a variety of factors. There has been increased promotion of reporting suspected violations by government agencies and compliance officers, coupled with whistleblower protection laws and regulations. Most organizations now have developed compliance programs that mirror the compliance guidance provided by the HHS Office of Inspector General (OIG).  Over time, this has taken hold and become standard operating practice.  This guidance emphasizes the need for organizational commitment to ensuring confidentiality and to those reporting problems, in addition to offering anonymity for those desiring it.  Kusserow quoted Compliance Resource Center reports of a significant trend in the health care sector of an increase in the percentage of anonymous hotline reports, with about three out of four now being submitted that way. In addition, Kusserow explained that compliance officers have become more professional in responding to and investigating complaints and allegations they receive.  This, in turn, has encouraged employees that their reporting will be taken seriously.  Furthermore, compliance training has reinforced the employee’s duty to report problems.

Jillian Bower, of the Compliance Resource Center, has identified another factor contributing to the increase in reporting: the addition of new avenues of communication. As a new generation of technically savvy employees entered the workforce, more employees feel more comfortable using web-based reporting tools; that is becoming the preferred method in increasing numbers.  She notes there has been an increasing percentage of employees who prefer submitting their hotline report through web-based systems, when given that option.   Today, the percentages reported through a live operator and via the web have reach near parity.  As such, it is important the vendor offer the web-based option, and those that do not should not be used.  The end result of all these changes is that the OIG’s advocacy of organizations developing alternative compliance communication channels is a reality.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Senior executive exposure to liability for failing to embrace compliance

As the headlines continue to point to major misconduct and scandals involving senior corporate executives, compliance officers need to refocus their efforts and address a critical need. All too often, compliance officers have difficulty in requiring board members and senior executives to be briefed on the compliance program activities, undergo annual compliance training, and generally provide serious oversight and support for the compliance program. Many Board members and senior executives dismiss this as a waste of time that can be better used to carry out the mission of the organization.  The reality is just the opposite.  Over the last couple of years, the rumblings have increased significantly from regulatory and enforcement authorities concerning executives and Board members failing in their fiduciary compliance responsibilities.  Just listing the names of some of the initiatives and policy statements on the subject should be sobering, such as the following:

  • Responsible Corporate Officer Doctrine, in which the HHS Office of Inspector General (OIG) used enhanced  program exclusion authority against owners, officers, and managing employees of companies that are subject to criminal or administrative sanctions;
  • Yates Memorandum, which seeks greater accountability from executives of organizations found to engage in wrongdoing by placing higher prospective priority on executives over organizations;
  • Evaluation of Corporate Compliance Programs,” guidance issued by the Department of Justice (DOJ) Fraud Section, which is being used to assess “top-down” compliance programs, beginning at the Board and executive levels and cascading down through all levels of management; and
  • corporate integrity agreements negotiated by the OIG with entities found engaging in wrongdoing that create many stringent requirements on corporate officers and Board members, including personal certifications under penalty of law and requirements for compliance for leadership.

All of this movement by the DOJ and OIG make it clear that regulators and enforcement agencies consider failure of executives and Board members in supporting, empowering and overseeing compliance as the most significant compliance risks for any organization. This places a great deal of pressure on compliance officers, who must find ways to engage senior executives and the Board to understand their personal exposure to liability for failing to meet their fiduciary obligations towards the compliance program.  This in turn needs to move toward comprehensive training and education on compliance and executives’ and Board members’ roles in ensuring its effectiveness.   Compliance officers should consider reviewing all the material, including that in the hyperlinks provided in this blog to gain a fuller understanding about executive and Board member liability for not paying sufficient attention to and support for the compliance program.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG and DOJ raising stakes on board compliance obligations

From the days of the first compliance guidance documents from the HHS Office of Inspector General (OIG), it has called for a “top-down” compliance program, beginning at the Board level. For example, it issued a joint White Paper, titled Practical Guidance for Health Care Governing Boards on Compliance Oversight,” which emphasized holding boards more accountable for proper oversight of compliance within their organizations. Language from these pronouncements about Board obligations and use of compliance experts is now included in corporate integrity agreements (CIAs). During the 2017 Health Care Compliance Association (HCCA) Compliance Institute, speakers from the OIG discussed a number of changes in CIAs, including new mandates for Board members. The OIG believes a key factor in determining effectiveness of the compliance program is how well the Board has been meeting its fiduciary duties and responsibilities for overseeing compliance. If it finds the organization has an effective program with proper oversight by the Board, the OIG may decide that a CIA is unnecessary or mitigate terms and conditions.   However, if it finds the program is inadequate, there will be a CIA and it will include stringent requirements for the Board. Among the best practices for Boards is to include one or more members who are “compliance literate” to ask the right questions and assess program effectiveness.  A compliance-literate person is someone with experience and expertise from having been a compliance officer or a consultant to compliance programs.  Alternatively, Boards should engage compliance experts to provide advice on asking compliance officers the right questions, evaluating the answers, and determining what metrics to rely upon in determining compliance program effectiveness.  By following one or both of these steps, Boards can go a long way to ensure they are meeting their fiduciary duties and responsibilities.

The Department of Justice (DOJ) has also been ramping up to better focus on Boards meeting their fiduciary obligations in guarding against corporate wrongdoing. Its Fraud Section published “Evaluation of Corporate Compliance Programs” as guidance for compliance officers on how the adequacy of their companies’ compliance programs is evaluated by prosecutors.   They laid out a series of questions prosecutors are likely to ask in evaluating the effectiveness of compliance programs. The following highlights questions that relate to Board involvement in compliance oversight.

  • What compliance expertise does the Board have or not have to meet its fiduciary obligations?
  • How frequently does the Board meet with the compliance officer and outside experts (auditors and consultants) outside the presence of management?
  • What information does the Board receive to assist it in its compliance oversight?
  • How does the Board evaluate the compliance program effectiveness?
  • How does the Board determine resources necessary for the operation and management of the compliance program?
  • How have management and the Board followed up on identified potential problems?

Tips and suggestions for compliance officers

Compliance officers should:

  • educate the Board on its fiduciary obligations and personal consequences for not meeting them;
  • meet with the Board regularly, including in executive session without management presence;
  • ensure that the Board receives all types of relevant audit findings and remediation progress reports on a regular basis;
  • urge the Board to include one or more members who are “compliance literate” to assist in evaluating compliance program effectiveness and be able to ask the right questions; and
  • engage compliance experts to assess the program before encountering the DOJ and OIG and use results to brief the Board evidencing they are providing active compliance oversight.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Focus group meetings provide valuable information about compliance program effectiveness

In the HHS Office of Inspector General (OIG) Compliance Program Guidance for Hospitals and Supplemental Compliance Program Guidance for Hospitals, the agency urges using techniques to solicit impressions of a broad cross-section of the hospital’s employees and staff regarding all elements of a compliance program. One method for doing this is conducting focus group meetings.  An employee compliance focus group involves employees who are assembled to participate in a guided discussion about compliance issues. The focus group facilitator is a critical role, and those taking it on should be well-trained on how to run the group and handle difficult situations.

Carrie Kusserow has 15 years’ experience as a compliance officer and consultant. She has employed employee focus groups frequently and found them an easy and efficient way to uncover ideas for improving the employee compliance environment.   She warns, however, that it may be easy to gather a group of employees in a room to ask a few questions and have a “discussion,” but it is quite something else to ensure that the discussion yields reliable information that can serve as a basis for decision-making. A productive focus group is much more than a chat session.  It is important that a clear purpose statement is explained to the focus group to provide a concise and clear stated purpose for the meeting and how the information collected will be used.  There are other benefits that can be derived from individuals being included in these focus group conversations. They feel honored to be able to contribute to addressing organizational problems and that management values employee input.

It is doubtful there is anyone else in the country that has more experience in facilitating compliance focus groups than Al Bassett, J.D. He is a nationally recognized compliance expert, employing this technique in evaluating compliance programs for over 15 years. It has been his standard practice to include in compliance reviews one or more focus group meetings.  He has found using this technique is best after issues have been identified and documented during the review and evaluation.   The findings may identify the “what” but not the “why” or how best to address the issues.  From his experience, Bassett says that this approach ensures that employees will be many times more engaged, because they are not being asked to identify problems but to address those already identified. As a rule, employees trust an outside facilitator more than someone from management or the compliance office, as employees feel like they can speak more freely about their workplace. He even discourages participation by anyone from management or compliance in the group for the same reason.  It is also important that the facilitator make it clear that comments made will not be identified to any individual.  Also, the meeting should be scheduled during work hours in a private room, where employees will not be overheard, and last no more than 60 to 90 minutes.  Bassett has found that the optimum size of the focus group is eight.

Steve Forman, CPA, has been facilitating focus group meetings on compliance-related issues for over 20 years. He has found that it is critical that the facilitator remain neutral and have the skills to keep the discussion on track, steer the conversation away from a general gripe session, and avoid an uninspired, silent meeting.  He has found that one of the best ways to encourage an open and useful focus group meeting is to use results of a compliance survey as the basis of discussion. The facilitator can then open the meeting by asking participants if they could shed additional light on the reason why there may be a problem, as suggested in survey response to certain questions. This can assist if certain issues require deeper probing and more nuanced evaluation. This approach relieves participants from having to identify problems. In this way, the identification is already done, and their feedback as to why opens the discussion nicely.  Potential weaknesses may have been identified, but they don’t always point to action steps for improvements.  Therefore, the group discussion can begin with the issues having been established from general employee feedback. The focus group can then be focused on providing insights as to why employees answered questions the way they did and what can be done to address those concerns.

9 tips for compliance officers

Compliance officers should heed the following advice:

  1. Consider including focus group meetings in the scope of work of any engagement to evaluate the effectiveness of the compliance program to assist in finding solutions to identified issues.
  2. Whenever there is a compliance survey administered, consider using focus groups to help explain why employees responded the way they did.
  3. Use an experienced outside facilitator to conduct compliance focus group meetings, as he or she will be considered more trustworthy and neutral.
  4. Members of management or compliance staff should not present in the group, as it has a chilling effect.
  5. Limit participants in a focus group to eight and duration of the session to 60-90 minutes
  6. Do not attach any comments made in the focus group meeting to the individual who made them.
  7. The facilitator should ask probing questions (e.g., what, why) and paraphrase or repeat back certain phrases so that ideas can be clarified.
  8. Questions presented need to be designed to solicit specific views of participants on issues.
  9. Key focus group success comes from acting on the ideas generated during the discussion.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.