Compliance officer and compliance committee: Your first 100 days

By Jan Elezian, MS, RHIA, CHC, CHPS, and Gerry Roy, CHC, CRHC

Jan Elezian (jan.elezian@sunhawkconsulting.com) is a Director at SunHawk Consulting in Denver, CO. Gerry Roy (groy@phoenixchildrens.com) is Vice-President, Chief Compliance and Privacy Officer at Phoenix Children’s Hospital in Phoenix, AZ.

In today’s highly regulated healthcare market, a chief compliance officer (CCO) seldom has time to rest. This is clearly the case with a seasoned CCO who has been in place for some time, but even more so for one who is new to an organization. The first few months can be overwhelming—as if someone dumped a puzzle with missing pieces on your desk. This is true whether you are joining an existing compliance program or creating a new one. This article will provide a framework to help you prioritize the first 100 days in your new role.

Step 1: Sorting your pieces with an onboarding road map

Within the construction industry, there is well-known principle: Measure twice and cut once. The same principle can be applied here as it relates to your onboarding as the CCO. Regardless of the state of the compliance program, your very first step should be one of assessment and planning, not action. Take time to create a road map for methodically analyzing the organization and developing and executing a new program. To help capture fleeting thoughts as they pour in, consider focusing on another five primary areas:

  • Orienting to the organization

  • Orienting to the compliance program

  • Conducting an initial risk assessment

  • Developing resources and tools

  • Introducing yourself to the organization

Consider these areas the five sides to your puzzle. Focusing on these main categories will streamline your thought process, allowing you to be more efficient with your time. Additionally, these main topics still allow you to bucket specific subcategories so everything is in one place. When creating your onboarding road map, break up the work into multiple sessions. This will allow you to come back with a clear mind and capture thoughts you could miss if trying to accomplish everything in one sitting. The remaining discussion will further explore each of the five sides of your puzzle. Keep in mind that completing the work will not occur sequentially, as presented, but rather with simultaneous attention.

Step 2: Finding the corner pieces by orienting to the organization

After you have taken the time to develop your road map, the next step will be orienting to the organization. Although regulatory requirements may apply equally from one organization to the next, how the organization complies will vary based on organizational structure and available resources. Orienting to the organization will give you a starting point for identifying potential risk and position you to better understand where and how the compliance program will intersect with operations. To address this step, focus on two key areas: (1) research and (2) operations and key personnel.

Research

As you went through the hiring process, you likely engaged in some form of research about the organization. Now that you are on board, you have access to documents not publicly available. Although research appears straightforward, identifying what to review can be puzzling.

Overcoming this challenge will be case-specific, depending upon the organization’s size and scope of services provided. To ensure you have captured all the documents to review, it may be helpful to develop a research review list and continually refer to it. Consider reviewing as part of onboarding to the organization:

  • The organization’s website and internal portal

  • Marketing materials

  • Organizational charts

  • Legal entity documentation (e.g., articles of incorporation, operating agreements)

  • Board meeting minutes

  • Senior leadership meeting minutes

  • List of professional services agreements

  • List of contracted services agreements

  • List of payer contracts

  • Operational policies and procedures

Engaging in document review has multiple benefits, such as expanding your institutional knowledge and further developing your risk assessment. Additionally, it will position you to have a more fruitful discussion when you begin to meet with key personnel to discuss operations.

Operations and key personnel

Because each organization varies in how it complies with regulatory requirements, learning more about the operations and personnel will help further orient you and help you assess risk. Start with identifying key personnel who can provide institutional knowledge to get you up to speed. Schedule individual meetings with members of the board and the C-suite. Aside from understanding roles, these meetings are also an opportunity to gain insight into background, experience, and personality styles and will help you gauge compliance awareness. This insight is critical, because it will assist in your assessment of program understanding and support, and guide your development of training specific to these groups per Department of Justice and Office of Inspector General (OIG) guidance.

You will also need to meet with key stakeholders at the senior manager level (e.g., VPs, directors, managers). As you meet with leadership, take time to specifically walk through the operations under their direction, or set up a time to observe the work. It is also advisable to meet with selected frontline staff to identify operational vulnerabilities, of which leadership may not be aware. Taking time to focus on operational logistics can be invaluable for figuring out how the puzzle pieces fit together.

You must also meet individually with all members of the executive compliance committee and the various other committees engaged in compliance oversight activities. During these meetings, review charters and minutes of past meetings. You should assess attendance, examine prior issues and outcomes addressed by the committee, and identify the need for both member departure and addition of new members with subject matter expertise in areas of high risk. Remember, these group will guide you in the oversight of compliance. They are your compliance partners. Ensure the charters are sufficient in terms of scope and authority. Revise them as needed.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook X LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings