Board members are in the hot seat, or to put it another way – they are in a hot kitchen. The question is whether they can stand the heat of the hot kitchen. Plaintiff’s lawyers are out in full force these days, ready to sue any company board when a major catastrophe hits. In the aftermath of the massive data breach suffered by Target, plaintiff’s...

Every organization depends on persons who are in a unique position to identify potential problems before they occur. Companies depend on gatekeepers to disrupt and prevent potential misconduct. Internal and external auditors, compliance officers, in-house and outside legal counsel, senior executives and even board members can play this role. In almost every case resulting in an enforcement action a gatekeeper fails to act to disrupt...

We all know someone who is a pest, a professional colleague, a friend or even a family member. I use the term affectionately and especially when I write postings that are restatements of obvious points. In the healthcare compliance field, it is striking how compliance is often defined by only the term “compliance.” Where in the world is the term “ethics”? If there is an...

If CCOs are really ready to take the reins and assume a real role in the C-Suite, they need to develop more mature measurements and reports for senior management and the board of directors. We have all seen the color-coded reports with bar charts on numbers and types of complaints and number of managers and employees who have been trained and/or certified a blood oath...

If CEOs and senior managers are being asked to increase their commitment to ethics and compliance, and if mid-level managers and employees are being asked to increase their commitment to ethics and compliance, then it is time for corporate boards to step up and commit to improving corporate governance, and supervision and monitoring of ethics and compliance functions. We all hear about how corporate boards...

HIPAA has been on the books since 1996. With the advent of electronic health records, HHS adopted security regulations to require covered entities to protect the integrity, confidentiality, and availability of electronic personal health information (PHI). The Security Rule was adopted in 2003 and includes data breach notification requirements. The Office of Civil Rights at HHS is responsible for enforcing the Security Rule and other...

Chief Compliance Officers are moving up  the corporate ladder. They are being separated out of the legal function and empowered to exercise greater authority in the company. Research already has shown that this structure makes a company’s ethics and compliance program more effective. The next challenge facing CCOs is to ensure that they have a seat at the Business Table – not just a chair...

The Affordable Care Act included a mandate that medical service providers and suppliers enact compliance programs as a condition of participating in federal health care programs. (The ACA also set a deadline of March 23, 2013, for skilled nursing facilities and nursing facilities to implement a compliance program). The ACA requires HHS and the Office of the Inspector General (OIG) to establish core elements for...

BNP Paribas’ recent settlement of nearly $9 billion for violating US Sanctions against Sudan, Iran and other countries is another important achievement for the US Attorney’s Office in the Southern District of New York and the Department of Justice. For other global financial institutions, the BNP settlement has to cause some anxiety. A number of other financial institutions engaged in similar conduct with regard to...