The Office of Inspector General of the U.S. Department of the Health and Human Services (OIG) recently changed the language describing a compliance officer’s role in relation to other responsibilities he or she may have within their company when under a Corporate Integrity Agreement (CIA).
A CIA can be used in False Claims Act settlements between the U.S. Department of Justice (DOJ), the OIG, and a health care provider or entity to resolve the OIG’s discretionary authority to exclude the individual or entity based on the “covered conduct” addressed in the settlement agreement. Each CIA usually includes the same general language to describe substantive requirements of a compliance program, with additional requirements specific to the individual or entity. Failure to meet the requirements of the CIA may result in stipulated penalties or exclusion imposed by OIG.
Most historical CIAs stated that a compliance officer’s noncompliance responsibilities “shall be limited and must not interfere with the compliance officer’s ability to perform the duties outlined” in the CIA. Some more recent CIAs have stated that a “compliance officer shall not have any noncompliance job responsibilities that, in OIG’s discretion, may interfere or conflict” with their ability to perform the duties outlined in the CIA. (Emphasis added). The OIG clarified this language in an effort to combat a compliance officer’s role from expanding into areas that the OIG views as conflicting with their duties as the organization’s compliance officer. This shifted standard is a larger burden on smaller companies where employees are performing a number of roles – which has been an acknowledged reality since, at least, the OIG’s publication of the Compliance Program Guidance for Individual and Small Group Physician Practices.
This change is also notable for voluntary compliance programs because it illustrates how the OIG believes an effective compliance program should operate. If the organization does need to negotiate a settlement with the OIG in the future, the strength of the compliance program is a key element that the OIG will evaluate.
Indeed, recent statements by leaders within DOJ, and an important September 15, 2022 memorandum approved by Deputy Attorney General Lisa Monaco underscore the value of independent and robust compliance functions. Among other measures, the DOJ memo emphasizes the agency’s focus on “fostering a strong culture of compliance at all levels of the corporation – not just within the compliance department.” This specifically includes a company’s sanctions and incentives – including through compensation – in furtherance of that effort. DOJ also said it will issue further guidance about the preservation and use of devices and apps by company employees and executives.
Taken together, these publications from the OIG and DOJ merit thoughtful attention from entities contributing to the health care industry (whether providers, plans or manufacturers) as they continue to modernize and enhance the effectiveness of their compliance programs.