Joshua A. Boxer (firstname.lastname@example.org) is Chief Compliance and Privacy Officer at Integra Connect in West Palm Beach, FL.
Being a chief compliance officer (CCO) can sometimes be a thankless job. CCOs can be perceived as “police,” “internal affairs,” and “deal killers” by colleagues. “Here comes compliance.” CCOs know that this is generally untrue. Personally, I take offense to such stereotypes, although I understand the root of such thoughts. I pride myself on being a practical, business-minded CCO. While I am not afraid to take an unpopular opinion, my go-to problem-solving method is resolving compliance inquiries in a collaborative and amicable fashion. Obviously, it is not always possible. Compliance with healthcare regulations and business strategy are not mutually exclusive, but it can be a challenge to find a middle ground. If your business partners view you as a collaborative team member, you are more apt to identify potential compliance issues earlier simply because you are brought in earlier. While the CCO’s role has its own set of expected challenges—even on the best days—such as organizational culture and business pressures, adding the potentially catastrophic realities of a global public health pandemic thrusts CCOs into uncharted and potentially uncomfortable territory. The reality of compliance is that we are necessary, but we do not directly generate revenue. Our focus must remain steady: providing the most value that we can while protecting our institution from regulatory pitfalls.
The 1998 Department Health & Human Services Office of Inspector General (OIG) guidelines for an effective hospital compliance program provide some of the earliest guidelines on the expected elements of a compliance program. Twenty-two years ago, OIG acknowledged the need for institutional flexibility in how you structure the program.