Domestic rules, regulations, policies, standards, and guidelines that may provide oversight of your business may influence the compliance program structure and also vary depending on a healthcare organization’s industry segment. A variety of government oversight agencies, regulatory rules, and guidelines exist. The following is a list of some that could be involved in the oversight of a healthcare organization. This is not an all-inclusive list, and other departments, agencies, or systems may provide oversight as well. Some examples include:
-
U.S. Department of Health & Human Services (HHS):
-
Centers for Medicare & Medicaid Services (CMS) administers Medicare and Medicaid, the Children’s Health Insurance Program, and the Health Insurance Marketplace.[1]
-
Office of Inspector General (OIG) provides oversight of Medicare and Medicaid and related healthcare fraud and abuse monitoring and enforcement.[2]
-
Office of the National Coordinator for Health Information Technology (ONC) provides support for interoperable, private, and secure nationwide health information technology (health IT) systems.[3]
-
Office for Civil Rights (OCR) enforces civil rights laws that protect individuals and entities from unlawful discrimination in health and human services. Common areas where a healthcare organization would work with this agency include privacy breaches and discrimination related to patient demographics (such as age or gender).[4]
-
-
Federal Trade Commission (FTC) is an agency focused on promoting fair competition and educating consumers about and protecting them from unfair business practices. In the healthcare arena, the FTC monitors such areas as pharmaceutical drug pricing and competition.[5]
-
New York Stock Exchange (NYSE) is where companies raise capital used to shape their future. Publicly traded healthcare organizations may be listed on the NYSE. All companies publicly traded, including healthcare organizations, must comply with the requirements of this exchange agency.[6]
-
U.S. Food and Drug Administration (FDA) is responsible for protecting public health by ensuring the safety, efficacy, and security of human and veterinary drugs and biological products. FDA rules and regulations may apply in various aspects of the clinical setting, such as clinical trials and pharmaceuticals.[7]
-
State-level agencies may also provide oversight for agencies and programs, such as Medi-Cal, Medicaid, and state departments of insurance, etc.
More information on these agencies can be found in the glossary.
US Federal Guidelines
For a new compliance professional, it is important to recognize core resources that can be used to establish your compliance program. The following resources are referenced by the DOJ when investigating alleged corporate wrongdoing.
Federal Sentencing Guidelines, “Chapter Eight: Sentencing of Organizations”[8]
See Chapter 1 of this book for more information.
Justice Manual, “Principles of Federal Prosecution of Business Organizations,” section 9-28.000
The focus in section 9-28.010 is on “wrongdoing by individuals from the very beginning of any investigation of corporate misconduct.”[9] The overall thought is that this will incentivize reporting individuals with knowledge and identifying individuals culpable in wrongdoing, regardless of their level in the organization.[10]
From an organizational perspective, when the DOJ reviews corporate wrongdoing, it generally considers public benefit, public harm, and how a corporate indictment would affect the organization’s culture. Each of these aspects may result in a different enforcement action after the DOJ considers all aspects of the investigation.[11]
In certain instances, corporate criminal cases may be resolved by means other than indictment. For instance, nonprosecution and deferred prosecution agreements may be “an important middle ground between declining prosecution and obtaining the conviction of a corporation.”[12][13] Additionally, civil and regulatory alternatives may be appropriate in certain cases.[14] A compliance professional would want to be aware of the directional possibilities of prosecution should the organization come under DOJ scrutiny. The DOJ also has developed the Evaluation of Corporate Compliance Programs, a resource document for all organizations about compliance program evaluation.[15] HHS OIG may also impose a settlement agreement from a civil liability perspective to correct noncompliant activities of an organization.