Even though the role of Chief Compliance Officer is more than a decade old, the role continues to evolve as new challenges reshape the role CCOs play.
The day-to-day responsibilities of a CCO not only require a keen external awareness of what is developing on the larger regulatory and legislative healthcare landscape, but also a deeper understanding of the organization's current and future business model. By forging closer ties with other c-level leaders and members of senior management, a CCO can play a much more pivotal and strategic role, ultimately leading to more fundamental contributions to the larger organization and a culture of compliance.
Below are some recommended practical tips for balancing the ever-increasing duties and pressures incumbent on CCOs:
1. Develop relationships and trust with the larger leadership team at your organization. It is critically important to be visible and approachable to drive open communication and transparency throughout the organization.
2. Compliance is not the job of just the CCO or compliance team. Compliance starts and stops with everyone. Enterprise-wide accountability is the key to success.
3. Find ways to add value to the organization. Yes, you are tasked with risk assessments and risk mitigation, but focus on proposing viable solutions to the organization to move things forward in an innovative, cost-efficient and compliant way. Break the misconception that you are merely the cop in the shop.
4. Be creative. Engage company employees in compliance campaigns. Find ways to have employees at all levels, especially company leaders, serve as the face of compliance. Stories, anecdotes and videos can show a personal and real side to compliance while driving home the meaningful regulatory message or change.
5. Find compliance champions. Once you have identified respected leaders in assorted areas of the company, task them with reinforcing compliance messages in smaller settings and with clients/vendors they directly connect with outside the organization. When employees are able to personally champion the message, it reflects a deeper understanding and commitment to compliance.
6. Compliance is a competitive advantage. Clients want to partner with organizations committed to ethical conduct and doing the right thing. Compliance messaging should drive this home throughout your organization. The operational, clinical and other key leaders are working hard to grow and develop the organization's products and services. Remind them that doing so compliantly saves money and resources on the back end and preserves the organization's reputation. Rebuilding your brand after a costly and high-profile settlement is time-consuming and expensive.
7. Be creative and have "poster child" moments recognizing commitment to compliance. Employees respond well to recognition and positive accolades. Find ways to VISIBLY reward and recognize employees who are living up to the organization's core values.
8. Avoid saying no all the time. Key leaders and senior management will stop coming to you and involving you and your compliance team in discussions. (Of course, there are times when you must say no to an illegal or high risk arrangement.) When a proposed new business arrangement or idea is presented, consider the possible path forward. Think out loud and be part of strategic discussions with the leadership and senior management. If you can highlight and identify potential regulatory pitfalls or where there are needed guardrails, you can potentially structure a successful solution. This is a win-win for the organization.
9. Continually reinforce tone at the top and mood in the middle. Leaders need to walk the walk. Nothing is worse than hearing a compliance message and watching leaders follow a different path forward.
10. Culture. Culture. Culture. Even amidst countless compliance policies, procedures and internal controls, the right culture is critical to the success of an effective compliance program. There should be zero tolerance by management for anything or anyone who seriously undermines the desired culture. Maintain open dialogue among members of the leadership team and management about potential undercurrents running counter to the desired cultural norms.
11. Data and objective measurements are a CCO's best friend. Compare accessible data against organizational peers and incorporate national benchmarks when assessing organizational risks. Outliers require dedicated resources and due diligence.
12. Don't get so focused on the internal risks that you fail to stay abreast of changing external industry risks and/or new regulatory trends. Keeping a close eye on the larger regulatory and policy landscape allows you to be proactive within your organization and provide time to brainstorm with the key operational, clinical, strategy and technology leaders on potential mitigation plans.
13. If discipline is warranted, be sure that it is implemented equitably, regardless of title and position.
14. Create an environment of "See Something. Say Something." If issues are not being identified and remediated, then you should start to wonder. Silence is not golden. The key to an effective compliance program is whether issues are being identified, addressed and remediated. Mistakes and errors happen. Identifying problems or potential problems is the first step and a sign that your compliance program is working.
15. Be proactive. Dashboards and scorecards evidence areas of potential concern and risk. Don't wait for the government's knock on your door or a whistleblower. Request to be brought in with legal counsel on the front end of a proposed deal or potential new arrangement. This will drive greater alignment of policies, training and other internal compliance controls.
16. Explain the "why" when the situation allows you. For example, if and when discipline is warranted internally, take the time to educate the larger organization to avoid repetition of the misconduct. Education based on real mistakes or oversights can often times present the best training material.
17. Make training relevant and customized for your organization's employees and contractors. The more you can use real examples to make the training pertinent and understandable, the more effective your training can be. Some fraud and abuse principles can be complex and seem theoretical to employees. Application learning with real scenarios and examples drives real understanding.
18. Data, through the World's Most Ethical Companies and other sources, indicate that ethical organizations have experienced higher overall returns. Eliminate any assumptions that compliance is a revenue drain with no return on investment. An ethical company also helps organizations retain and attract top candidates. When surveys and data are available, share this information within your organization.
19. A common misperception is that you can establish a compliance program and then let it run itself. Compliance requires constant monitoring and evaluation. Risk areas change annually. The regulatory environment is not static, so your compliance program should not be either.
20. Don't focus on just punitive measures. A carrot can be just as meaningful as a stick. Employee engagement and finding ways to invigorate a commitment to integrity are critical to compliance success.
Jackie Baratian is a partner in Alston & Bird's Washington, D.C. office and served as Vice President & Chief Compliance Officer for a national healthcare insurer. Prior to that role, Jackie served as Vice President & Chief Compliance Officer for a national healthcare provider.
The views, opinions and positions expressed within these guest posts are those of the author alone and do not represent those of Becker's Hospital Review/Becker's Healthcare. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.