Education and training are the first and possibly the most important lines of defense for a compliance program. In a time in which the pages of regulations governing industry and business practices number in the hundreds of thousands, education is the best strategy for prevention. Training should be separated into two sessions: (1) an annual general session on compliance for all employees and (2) a session covering more specific information for appropriate personnel.
General training sessions are meant to heighten awareness among all employees and communicate and emphasize (and then update and reiterate) the organization’s commitment to ethical business behavior, which affects all employees. As noted earlier, all employees should receive a copy of the standards of conduct and the key compliance and ethics policies and procedures. These, plus basic information about the organization’s compliance and ethics program and how it operates, are the core of general training.
OIG Compliance Resource Portal
The Office of Inspector General (OIG) offers free resources that are available through the U.S. Department of Health & Human Services (HHS) website. The portal contains documents, videos, podcasts, and presentation materials to help guide professionals through different types of compliance-related topics. A few of the items that can be found on the OIG site include the Department of Justice (DOJ) compliance program effectiveness guide, compliance training videos like tips for the OIG’s self-disclosure protocol, recorded speeches and presentations by staff within the OIG, and resources for healthcare governing bodies.
The OIG portal should not be considered a single resource for compliance topics. There are many other resources, such as the Centers for Medicare & Medicaid Services (CMS), which also provides valuable information and training opportunities. There will be topics that a compliance department should address within its own organization that are not mentioned on the OIG website. Therefore, it is recommended that the OIG website only be used as a supplemental resource or tool.
Government Agency Compliance Training Modules
CMS offers online, on-demand compliance training modules on various regulatory topics through its Medicare Learning Network (MLN). Also, for example, the OIG has a library of training videos available to the public. While many of the topics are applicable to most healthcare providers, especially hospitals, the training modules will not cover everything needed to ensure effective compliance training.
Therefore, it is recommended that the MLN modules be used to supplement or accompany in-house training materials. There will undoubtedly be compliance topics that an organization needs to address with its workforce. For example, training on compliance within an accountable care organization (ACO) may not be applicable to an entire organization. Likewise, education and training on durable medical equipment would be focused only on certain areas of the organization such as home health services.
Government agency training modules can be used to help construct in-house training yet should not be used as the only source of education and training that a healthcare provider disseminates. In some cases, the agency modules are trainings targeted on certain topics.
Basic Compliance Course: Ten Things to Include
Information on the organization’s code of conduct
The organization’s specific compliance and ethics philosophy
Employees’ obligation to report suspected noncompliance
Policies regarding confidentiality
Expectation that business partners will meet the same compliance and ethics standards as staff
Levels of discipline for employees involved in compliance and ethics violations
Expectation that all identified issues will be investigated by the compliance officer in a timely manner
Key industry risk areas, such as coding and billing, Anti-Kickback, Stark, and False Claims Act
Separate Training Tracks
Compliance professionals should also develop specialized compliance training for different areas within an organization. The following is a sample list of recommended areas that should receive additional, specialized training as it relates to compliance in their respective areas.
Patient Financial Services or Patient Accounting
Handles pre-billing claim reviews such as billing edits, may modify information on claims to ensure compliance with payer requirements, communicates with third-party payers such as Medicare, manages payment remittances from third-party payers, and communicates with patients about billing matters.
Patient Access or Registration
Handles pre-service registration of patients including obtaining demographics, insurance information, and necessary signatures on key documents such as general consent for treatment. This area may also handle patient notifications such as the initial Important Message from Medicare.
Health Information Management (HIM) (Including Coding)
Handles operations such as release of medical record information and processing of incomplete records including unsigned orders or missing documentation like history and physical. Patients’ access to their medical information is a heavily scrutinized area by the Office for Civil Rights. Another important function of HIM is diagnosis and procedural coding. This is a vitally important aspect of compliance that requires specialized, ongoing training regarding medical-record documentation and assignment of accurate patient diagnosis codes.
These employees should be given general compliance and ethics training with an emphasis on compliance and ethics risk areas specific to their job functions. This specific training, above and beyond the general training, may be more appropriate to provide in the form of one-on-one or on-the-job training to ensure that compliance and ethics is integrated into the employee’s daily activities and doesn’t remain a theoretical concept.
The appropriate corporate officers, managers, and other staff also should be trained on such topics as:
General prohibitions on paying or receiving remuneration to induce business referrals
Proper preparation of financial statements
Proper documentation of services rendered or items provided
Identification of misconduct
Encouragement of employees to report and the nonretaliation policy
A written annual education plan should outline individual department content needs, timing, methods, duration of training, and a strategy for securing managerial buy-in. An uncooperative manager can directly or indirectly, consciously or unconsciously, deter staff from attending. The manager must emphasize the importance of training by encouraging employee attendance. That may mean juggling schedules or requiring others to “pick up the slack” during education sessions when a unit may be left shorthanded. Consulting with managers in advance about content needs, and especially timing issues, can prevent conflicting priorities later.
When designing your training, remember that adult learning styles vary. Some learn through listening, others through seeing, and many by doing.
Focusing on the design of your training will lead you to more effective education. The cornerstones of your design are:
Audience: Who is your audience?
Objective: What is it that the audience needs to know or do better as a result of training?
Activities: What activities will allow the audience to demonstrate understanding?
Structure: How will your training be structured?
Content: What is the critical content needed to support the objective?
Delivery: How will you provide the training?
Although your basic objective will be the same for each group you train, how you get there is likely to vary. This may be easier to understand with an example in mind. Here is a hypothetical scenario:
One of your employees unintentionally disclosed proprietary information regarding a new product. The disclosure was investigated, and you learned that the employee did not know that the information was proprietary nor that telling a vendor was inappropriate. You reviewed the policies and determined that there was nothing addressing the disclosure of new products or related information.
The legal team drafts a new policy to reduce the risk of disclosure of similar proprietary information. It is your job to train the entire company, including the board, C-suite, sales, procurement, manufacturing, and administrative staff on this new policy. You have been given six months to have the entire company trained on this new policy.
How do you start? Would your first step be developing a PowerPoint presentation focusing on the words of the policy? Of course, you would first translate it from legalese. But if you start there, you are getting ahead of yourself. Content does not form until later in the design phase. When designing training, it is important to first know who your audiences are, what your objectives are for each audience, and how you can demonstrate and augment their understanding of the policy.
First look at who your audience is, what your objectives are, and what activities will help you meet your objectives. If the hypothetical company breaks down into six different audiences, you may have as many as six different training designs.
How do you communicate this policy to six different groups? Do you communicate the message the same way to each group? Do you know how this information will affect each group? How do you develop training for people when you have little information as to how the new policy touches their jobs?
Reach out to each group and invite a representative to join your design team. (The design team doesn’t have to meet all together.) The team members will be individuals you have identified as go-to people for their group. Talk to each of them about how the new policy might apply to the people in their groups.
Once you have identified your audience and learned about how the new policy will affect them, you can then move on to setting your objectives.
Your objectives may differ somewhat for each group depending on how the policy affects them. What do they need to know? Clearly, they need to know that they should not disclose proprietary information. However, what does that mean for each of your groups? You may need to explain the policy in slightly different ways for each group. How do you determine what your audience needs to know? Use what you learned from your design team to draft objectives. Once you have a draft, meet with each member of your team again to ensure that your objectives focus on what each team needs to know about the policy.
Using the hypothetical scenario as an example, the following question may inform your training objectives:
What is proprietary information? (Board and C-suite members may not need much information on this objective.)
How will individuals know something is proprietary? (Your policy explains how proprietary information will be identified within your company. Example: All memoranda regarding proprietary information will be marked “Proprietary” and distributed on pink paper.)
With whom can an individual discuss proprietary information? (For some groups, it may be more effective to identify with whom they cannot discuss the information.)
What happens if they violate the policy? What should they do if they believe someone else violated the policy? What protection do they have if they report someone?
If some groups, (e.g., manufacturing) may never see the proprietary information in written form, how will they know what is proprietary? This is something that you should talk about with your manufacturing design team member.
Recognizing early on that you have a significantly different group allows you to consider a different angle before preparing your presentation.
During your presentation, how will you know if your information is getting through to your audience? As part of your presentation, you should create activities that allow audiences to demonstrate that they understand the objectives. Activities also serve to reinforce the information provided.
Some examples of activities are:
Group question: Ask a question for anyone in your audience to answer (e.g., Who knows what proprietary information is?).
Multiple-choice question: Present a question to the group and provide a short list of possible answers. Ask people to raise their hands for each of the answers before revealing the correct answer. Ask a few members of your audience to talk about why they chose one answer over another. If the person chose the wrong answer, be kind. Pay attention to their reasoning. It may help you understand how to explain your point more clearly (e.g., Is the existence of an unreleased new product proprietary?).
Ask your neighbor: Pose a question or situation and ask the audience to discuss it in groups of two or three people. Give them a specified amount of time to discuss. After that time expires, seek volunteers to tell you what they learned or decided (e.g., What would you do if you believed someone improperly disclosed proprietary information?).
Working group: Pose a question or problem that requires thought and discussion. Ask your audience to break up into groups of four or five and discuss the problem. Once the time period is over, have each (or a sample) of the working groups share what they learned or decided (e.g., What are some of the ways proprietary information can be shared inadvertently?).
Written response: Ask a question and then ask the audience to provide a written response. After the allotted time, select a few people to share their answers (e.g., Write down three people you can speak to about proprietary information).
Something to keep in mind when you pose questions to the audience: Give them time to think about the question and develop an answer. During that time, do not continue to talk to them. Be patient.
Some activities may be limited by your method of delivery, but some can be adapted to any delivery method. The activity should also be specific to your audience. The activities will likely vary based on the group you are presenting to. Seek guidance from your design team on what activities may work best with their groups.
Now that you have identified who you are training, what they need to know, and how you will know if they are learning, let’s move on to the substance of your presentation. We will look at how you are going to formulate your information, what specific information you will provide, and how you will convey the information.
When determining your structure, start with your objectives. Try to organize your objectives into groups of three. Organizing your content into related groups of three will allow your audience to learn and retain the information more easily. Make sure that the information flows logically, which is not necessarily the same order that appears in the policy.
Our example can be broken down into two sets of three. The first section relates to the terms of the policy, and the second section relates to consequences of violating the policy.
When developing your structure, take into account time constraints and your audience’s ability to pay attention. If the training exceeds an hour, each segment should be no more than 45 minutes. You can split a longer segment into multiple parts. Your structure must also take into account time for your activities within each segment. Even if you have a one-hour presentation, you should structure in time for an activity. Keep the audience engaged, and make sure those being trained are achieving your objectives. If you can, you should also vary the activities.
What does each audience need to know in order to keep proprietary information safe? As discussed earlier, the training will likely differ for some of your six groups. The training for the board and C-suite will likely be similar, with only minor adjustments. The board and C-Suite training will differ from what you design for the sales, procurement, administration, and manufacturing groups. If you have to prepare the content for a different language, be sure to have a native speaker review your entire presentation for that group.
Put together the substance of what you want your audience to know. The content should closely follow your objectives (e.g., the first slide or first few slides should define “proprietary information”). In designing your content, you should keep in mind that simply repeating everything in the policy is likely to overwhelm some of your audiences with information they do not need to process. Your content need not follow the policy verbatim as long as you convey all the relevant parts in whatever order best suits your group.
For each segment, design an activity that allows your audience to show that they understand what you are trying to convey. What are some different ways to structure the content you need to deliver? Here are some ideas that vary how content is taught:
Moments of truth: Single challenges associated with policy and/or procedure where the employee is given a practical scenario and asked to comment on it
Sound “bytes,” training shots, and memory joggers: Short reminders about a policy principle, an educational quote, or some other aspect of education
“If I do, I remember” training: Face-to-face training during which employees perform a task rather than just read about it from an online deployment platform
Make it personal: Wherever possible, the use of real-life examples that employees can relate to will enhance any form of training. In the compliance world, people love to hear about the bad news of other companies, and this can be a valuable teaching tool.
It is sometimes difficult to explain to employees the relationship between compliance and ethics. For this purpose, assume compliance means “adhering to established rules and regulations” and ethics is defined as “doing the right thing.” What examples can you draw on from everyday living to explain these?
One helpful illustration uses driving and breaking the speed limit as metaphors. This example provides employees with a real-life situation that they can relate to and introduces the same philosophy that applies to many different compliance situations in business:
Driving over the speed limit is a traffic offense that receives a financial penalty. It is safe to assume that everyone knows the road rules, including the speed limit requirement, as it is part of the qualification for a driver’s license.
There are three types of drivers. The first type speeds on a regular basis and is clearly noncompliant. The second type never speeds. These drivers do not want to break the law and are clearly compliant. The third type of driver sits in the middle. They may occasionally speed over the limit due to a momentary lapse of concentration or because they get side-tracked, but as a general rule, they do not deliberately set out to break the law.
In a compliance sense, only the second type is compliant; those people who never exceed the speed limit—but what about from an ethical perspective?
In this case the second type (those who never speed) is once again clearly ethical. The first type (those who intentionally speed with disregard for the laws and an indifference to the penalties) is clearly unethical, because they knowingly choose to break the law with full knowledge that it is wrong. The third type (those who occasionally and unintentionally break the speed limits) may not necessarily be unethical even though they have broken the law. They have good intentions of keeping within the law (i.e., being compliant) but occasionally make mistakes.
Challenge people: Another technique for recharging training is to tap into our inherent competitive nature. It is safe to say that many of us grew up in environments where competition was encouraged. At school, children compete for grades or in sports. Later, we compete for jobs and still compete in sporting events.
There are several ways in which this quality can be harnessed for training in the form of games or competition. Here are two valuable examples: board games and puzzles.
Board games: Try modifying common board games, such as Who Wants to Be a Millionaire or Trivial Pursuit, to include questions related to compliance. These may require a bit of setup but can be tailored to suit the launch of a code of conduct or a policy handbook or to support country-specific regulations.
Here’s an example: Try making question sets based on general compliance, company policies, the False Claims Act, Health Insurance Portability and Accountability Act (HIPAA), Anti-Kickback Statute, Stark Law, and “grab bag.” The grab bag selection can include questions from the history of the company to more general areas associated with compliance. This board game training provides an opportunity for compliance functions to be innovative and think out of the box and for employees to gain exposure to elements of compliance in an enjoyable and fun way.
Puzzles and other games: Try creating puzzles and games with small prizes, such as a water bottle, box of chocolates, or coffee mug—something small to recognize the effort and encourage participation.
Word finds or crossword puzzles are always popular. Templates can be readily downloaded from the internet and provide several options in terms of complexity. Make a simplified version where employees find nominated words. Or create a more advanced form where the remaining letters make up a statement that you want employees to remember.
For a more complex challenge, you can provide sentences that need to be completed and employees provide the missing words in the sentence or acronym and then find them in the word-find puzzle. For example, FCA stands for False _ _ _ _ _ _ Act. The missing word “Claims” would be found in the puzzle.
Selecting the best method to provide training is just as important as the content itself. Adults learn in different ways. Delivery methods should be adapted based on the topic and the intended audience. Delivery methods can be grouped into three categories: computer-based, paper-based, and live training.
Computer-based training: Computer- or online-based module learning is a great way to deliver a consistent message to a large amount of people quickly. For many organizations, annual required trainings cover topics such as code of conduct, privacy, fire safety, infection prevention, and emergency preparedness. These are topics that lend themselves to computer-based training. Computer-based training also allows for testing or knowledge assessment of trainees.
Paper-based training: Paper-based training or education can be effective as well. A good example of paper-based education is the development and dissemination of newsletters. In today’s electronic age, paper-based communications are not necessarily hard-copy documents. Items like newsletters are constructed and distributed electronically. This delivery method also lends itself to quick distribution to large portions of an organization’s workforce. Paper-based training is a great way for educators to be creative and use graphics to highlight key points.
Live training: Live, in-person training can be very effective in delivering important messages about topics. This delivery method does have stronger downsides than other methods, though. Typically, live trainings have limited in capacity and time frames. Live trainings should be used for smaller groups of people to focus on very specific topics, which allows the audience to engage or ask questions.
Decide what method of delivery you will use. To keep education vital and engaging to a diversified staff, the key is to develop a variety of educational formats. They can include:
Brown bag lunches
Brown bag lunches and roundtable discussions can be especially effective for targeting a specific training need. They can provide feedback to trainers and, ultimately, to the compliance and ethics personnel as to what is going on in the departments. Your organization may already have various forums you can tap into, such as department meetings or all-staff meetings for targeted education. Look for ways compliance and ethics education can fit into the existing ways employees are being educated on other issues. Integrate compliance and ethics into existing training so that it blends with the fabric of the organization.
Depending on the dynamics of your organization, you may be limited. If you have the option, live is the best delivery form. The presenters have the ability to take cues from the audience, determine what activities work best with the particular audience, and modify the presentation to fit the audience.
Who will present? If you have a one-hour presentation, one or two presenters will keep the audience interested. If you have more time, feel free to use more presenters. To the degree possible, you should choose presenters from the same group as the audience. A local presenter serves two purposes. First, you have a familiar person talking to the audience. Second, you create a local contact for any questions regarding the subject of the training. There are instances that you might consider having someone from headquarters or the C-suite present, or at least introduce, the presenters. Doing so shows the importance of the topic to the company.
When you deliver the training is another element of your delivery design. Do you attempt to have everyone trained at the same time? Which group should you train first? What does your risk analysis suggest about who needs the training most?
Training Methods and Ideas to Try
Make it relevant.
Use real-life scenarios.
Begin with the end in mind.
Teach to all types of adult learning styles:
For those who learn through listening, use active repetition, songs, skits, and more.
For those who learn through seeing, use handouts, videos, or PowerPoint presentations.
For those who learn by doing, use hands-on projects or role playing.
Use resources wisely.
Live training may be most effective but also unrealistic for very large organizations.
Utilize live training for orientation of new employees, new complex regulations, and remedial education.
Online training courses may not be perfectly tailored to an organization, but may still convey the general compliance concepts appropriately, track who has and has not been trained, and use resources more efficiently.
Provide longer, more intensive training sessions to employees in certain areas of responsibility and more general compliance and ethics training to all other employees.