Want a Good Compliance Program? DOJ Offers Updated Guidance
June 2, 2020
by Sean Weiss, Partner & VP of Compliance
We have all read or heard stories from a colleague/friend at a health system or physician group practice going through the nightmare that is a Department of Justice (DOJ) investigation; some of us have personally experienced it. For more than 25 years I have worked with health systems, community hospitals, physician groups of all sizes, and other vendors (DME, PHARMA, third-party billing agencies) participating with counsel who were representing their clients’ interests in discovery meetings with the HHS OIG, DOJ, and various attorneys general, regarding accusations/allegations of impropriety and/or malfeasance.
Over the years, the meetings have become more tightly wound with young prosecutors and investigators trying to make a name for themselves, resulting in very aggressive pursuit of individuals and corporations for settlement agreements or further litigation. The demands for repayment and fines have skyrocketed over the years based on sampling and post-audit extrapolation methodologies and fueled by the rise in qui tam filings. The outcomes range from settlement agreements to further litigation, which can result in stiff financial penalties multiplied for damages (ranging from 1.5 times the claim amount, the minimum demanded by the OIG under the Self-Disclosure Protocol, to 3 times the amount or treble damages.
DOJ revises key ‘standards’ document
In 2017, the DOJ’s Criminal Division released a 20-page document entitled “Evaluation of Corporate Compliance Programs” which gave businesses clarification on the government’s expectation of what it meant to have an effective compliance program by developing a “culture of compliance” within the organization. In April 2019, this document was updated with some significant changes; on June 1, 2020 without much fanfare, the DOJ again updated this document with even more significant changes. In this latest revision, some language has been added while other passages have been rephrased; for example, prosecutors are now told to ask companies whether they are “adequately resourced and empowered to function effectively” (in the old version, they were told to ask if compliance programs have been “implemented effectively”). The majority of the changes are to make sure compliance programs aren’t “snapshots” but rather dynamic in their function and updated to fit emerging circumstances. Additionally, language has been added to ensure the compliance function is adequately resourced as it sets the stage for prosecutors deciding whether to bring an enforcement action against businesses for FCAs and other violations.
This is why I preach the need for your compliance program to be a living, breathing document that is constantly under review and scaled to fit the organization. Assistant Attorney General Brian Benczkowski of the DOJ’s Criminal Division said in a statement, “Today’s revised guidance on the Evaluation of Corporate Compliance Programs reflects additions based on our own experience and important feedback from the business and compliance communities.”
The most interesting aspect of the guidance is that it serves as an informal set of standards that companies can use when designing compliance programs. Remember that the strength of your compliance program is one of the main factors weighed by prosecutors when deciding how to resolve a criminal case brought against your organization. The updated guidance is written as a series of questions prosecutors can and will ask an organization regarding their compliance programs during a criminal investigation.
While the guidance document is intended to help prosecutors conducting criminal investigations ask companies the right questions about their compliance programs, it serves as a road map to organizations working to build and maintain an effective compliance program.
Another very interesting fact about the updated guidance is that it includes more focus on third-party risk and how the compliance program identifies and handles it (i.e. by implementing Corrective Action Plans). One of the biggest areas addressed with new questions is the involvement of third parties. For example, one question asks, “Does the company engage in risk management of third parties throughout the lifespan of the relationship, or primarily during the onboarding process?” Priorities and leadership change within businesses all the time and as such we have a responsibility to ensure third parties we contract with remain compliant with all laws, regulations, statutes, acts, rules, etc. that they are required to follow.
If you have been struggling with building or updating your compliance program, there is no need to engage in guesswork given the availability of resources out there. Don’t wait until it is too late to take the necessary steps to ensure you have done your diligence to protect your organization; get started today!
What to do next…
- If you need help with an audit appeal or regulatory compliance concern, contact us at (800) 635-4040 or via email at firstname.lastname@example.org.
- Read more about our: Total Compliance Solution
Why do thousands of providers trust DoctorsManagement to help improve their compliance programs and the health of their business?
Experienced compliance professionals. Our compliance services are structured by a chief compliance officer and supported by a team that includes physicians, attorneys and a team of experienced auditors. The team has many decades of combined experience helping protect the interests of physicians and the organizations they serve.
Quality of coders and auditors. Our US-based auditors receive ongoing training and support from our education division, NAMAS (National Alliance of Medical Auditing Specialists). All team members possess over 15 years of experience and hold both the Certified Professional Coder (CPC®) as well as the Certified Professional Medical Auditor (CPMA®) credentials.
Proprietary risk-assessment technology – our auditing team uses ComplianceRiskAnalyzer(CRA)®, a sophisticated analytics solution that assesses critical risk areas. It enables our auditors to precisely select encounters that pose the greatest risk of triggering an audit so that they can be reviewed and the risk can be mitigated.
Synergy – DoctorsManagement is a full-service healthcare consultancy firm. The many departments within our firm work together to help clients rise above the complexities faced by today’s healthcare professionals. As a result, you receive quality solutions from a team of individuals who are current on every aspect of the business of medicine.