Most healthcare providers understand the importance of having a designated Compliance Officer. Someone needs to lead the organization’s compliance initiatives and be responsible for advising the CEO and governing body of compliance risks. What’s often less understood is the role and makeup of a compliance committee, especially in smaller organizations.
Unless a provider is very small, with only a few managerial employees, it should have a compliance committee to help the Compliance Officer implement and monitor its compliance program. Compliance programming must be tailored to your organization, and your compliance committee is no exception. There’s not a “one size fits all” approach to building an effective compliance committee. This can mean some providers struggle to identify who should be on their committee.
To build an effective compliance committee, it is crucial to understand what the committee’s purpose is. According to the Office of Inspector General’s (OIG) General Compliance Program Guidance, the Committee serves to “aid and support the Compliance Officer in implementing, monitoring and operating the Compliance Program.”
Its primary duties include:
- Analyzing applicable legal and regulatory requirements;
- Assessing, developing, and regularly reviewing policies and procedures;
- Monitoring and recommending internal systems and controls;
- Assessing education and training needs and effectiveness;
- Regularly reviewing required training;
- Developing a disclosure program and promoting compliance programming;
- Assessing the effectiveness of the disclosure program and other reporting mechanisms;
- Conducting annual risk assessments;
- Developing the compliance work plan and any action plans for risk remediation;
- Evaluating the effectiveness of the compliance program.
An effective compliance committee is made up of leaders within the organization who are in a unique position to help plan and advance the organization’s compliance programming because of the nature of their roles. The OIG recommends committee members be leaders from operational and supportive departments, including billing/coding, clinical/medical, finance, internal audit, IT, HIM, human resources, legal, quality, risk management, sales/marketing, and operational managers.
A helpful exercise for providers struggling with building a compliance committee is to list the organization’s departments, and then next to each department identify the person who leads the department and the person the department leader reports to, but do not list the CEO. These department heads and the leaders they report to (other than the CEO) make up the initial list of potential committee members.
According to the OIG, committee members should “have the authority and ability to speak for the department they represent.” Whether a provider includes the department heads or the leader(s) they report to as a committee, members will likely depend on its size and the authority of the department heads. For example, an organization with IT and HIM reporting to a CTO who makes decisions for these departments should probably choose the CTO. If, however, the organization has an IT/HIM leader who ultimately reports to the CFO but the IT/HIM leader oversees their department and makes most decisions impacting the IT/HIM department, it would make more sense to include the IT/HIM leader. At the end of this exercise, the provider will have identified the leaders whose participation on the committee is the most valuable to helping the Compliance Officer advance and monitor compliance within the organization.
Who else needs to be on your compliance team? Check out this week’s podcast for the five people every Compliance Officer should have on speed dial!