The Health and Human Services Office of Inspector General (OIG) and the Health Care Compliance Association (HCCA) jointly released a resource guide on measuring the effectiveness of a health care organization’s compliance program. A copy of the guide can be downloaded here.

The resource guide was the product of a roundtable meeting of OIG staff and compliance professionals on January 17, 2017. The roundtable focused on “what to measure,” and “how to measure” each of the seven required elements of a compliance program as set forth in the United States Sentencing Commission.

While the resource guide is designed for health care compliance, the resource guide contains ideas that apply to non-health care compliance programs. It is a terrific resource and should be reviewed by all compliance practitioners.

The resource guide is divided into specific topics and includes a comprehensive template listing specific issues to be assessed. OIG’s intent was to provide a number of ideas for measuring various elements of a compliance program, and letting organizations select the measurements most appropriate toe the organization’s profile. OIG specifically warned healthy care entities not to embrace the resource guide as a “standard” or a “certification” with regard to an organization’s health care compliance program.

The resource guide lists several hundred different compliance program features to measure. Many of the specific items relate to monitoring and audit functions, and are excellent ideas of items to audit and measure.   Some of the suggestions are fairly well established such as targeting training to personnel working in high-risk positions, and conducting surveys to measure and monitor a company’s culture.

The resource guide outlines a number of ideas for monitoring and auditing a compliance program, including development of annual audit plan, conduct of compliance audits, and reliance on sampling techniques. Specific types of audits are listed that rely on document review, interviews, surveys and a walk through to verify and inspect operations.

The resource guide also sets out excellent suggestions for reviewing your organization’s risk assessment process, ensuring that it operates continuously to update risk assessment findings, and is conducted in a consistent and reliable manner.

In one area, investigation and discipline of employees for misconduct, the resource guide includes measurement factors  for proportionate punishment, and consistent discipline tied to compliance policies and procedures. The resource guide takes full account of the need for an organization to embed and promote a speak up culture that encourages employees to raise concerns, ensures the organization responds to such concerns, that the company investigates the concerns when appropriate, and imposes appropriate discipline when an allegation is substantiated.

Finally, the resource guide outlines ideas to assess the involvement of the board of directors in the organization’s compliance program. The measurement of board involvement focuses on board involvement in oversight and monitoring of the program, day-to-day reporting relationships to the board and a process to escalate compliance concerns within the organization.

OIG’s resource guide should be reviewed in relation to the Justice Department’s Guidance for Compliance Program Evaluation, which was released in March, 2017, relating to prosecution of criminal fraud (including FCPA) cases. These two documents, when viewed together, are excellent resources and provide important guidance to compliance professionals and organizations.