Scott Robinson (srobinson2@superiorvision.com) is the Director of Compliance at Superior Vision in Linthicum, MD.
If you are part of a compliance team in a Medicare Managed Care Plan or a Prescription Drug Plan (also known as a Sponsor), you are undoubtedly familiar with the Compliance Program Guidelines[1] (Guidelines) and Chapters 21 and 9 (the chapters) in the Medicare Managed Care Manual (MMCM)[2] . Section 50 of the MMCM neatly communicates the elements of an effective compliance program, including Section 50.1 — Element I: Written Policies, Procedures and Standards of Conduct. However, the remainder of Section 50.1 provides little detail about what written policies and procedures a compliance program should implement.
The Centers for Medicare & Medicaid Services (CMS) has always maintained that the guidance in the chapters is intentionally vague to allow Sponsors the freedom to draft a compliance program that can be tailored to fit their individual organizations. Having the good fortune of knowing the authors of the chapters, I believe their rationale is both fair and reasonable. However, the vague nature of the guidance provides some anxiety for many Sponsors, especially the smaller ones.
I have often asked myself the question, “If I was hired by a Sponsor to be its compliance officer, what policies and procedures would I create to ensure my compliance program was effective?” After spending the last six years in a consulting capacity, I was recently hired as a Director of Compliance. I no longer need to ask that question. Instead of wondering, I am now updating policies and procedures for the organization’s compliance program. This has given me the opportunity to answer my own question.
The Seven Elements
The Guidelines consist of seven elements of an effective compliance program, which are based upon Chapter 8 of the Federal Sentencing Commission’s November 1, 2007 Guidelines Manual.[3] It would be easy to create one, all-encompassing compliance program policy and procedure or seven separate policies and procedures (i.e., one for each element). However, to do so would be to create an unnecessarily long and unwieldly document. A better method might be to break down each element of an effective compliance program and create policies and procedures that better reflect the different requirements within each element.
It is important to ensure that the compliance policies and procedures you create cover the guidance outlined in Chapters 21 and 9. You do not have to create a different policy for every requirement in the guidance. However, you should cover the primary guidance and supplement the policies and procedures as your compliance program matures.
Before I share my ideas, I think it is important for Sponsors to understand that although some of the information in Chapters 21 and 9 is more vital than other information, nothing in the chapters is optional. Sponsors often misinterpret the regulations by misunderstanding the concepts of “must” and “should.” In fact, one need look no further than the very first page of the chapters following the table of contents to see that the word “should” does not make a requirement optional: “In this chapter, the word “must” is used to reflect requirements created by statute or regulation. The word “should” is used to indicate expectations created by this guidance.” Simply stated, if the guidance indicates a Sponsor should do something, it is not optional. It is an expectation created by the guidance.
That very information probably puts the guidelines in a different context for some Sponsors. There is no need to worry, because if you start with basic policies and procedures for each compliance program element and supplement moving forward, you will wind up creating policies for every must, might, should, and could in the guidance.
