Compliance Perspectives show

Compliance Perspectives

Summary: Podcast featuring the top Compliance and Ethics thought leaders from around the globe. The Society of Corporate Compliance and Ethics and the Health Care Compliance Association will keep you up to date on enforcement trends, current events, and best practices in the compliance and ethics arena. To submit ideas and questions, please email: service@corporatecompliance.org

Join Now to Subscribe to this Podcast
  • Visit Website
  • RSS
  • Artist: SCCE
  • Copyright: Society of Corporate Compliance & Ethics

Podcasts:

 Brian Stimson on the No Surprises Act [Podcast] | File Type: audio/mpeg | Duration: 10:07

By Adam Turteltaub The No Surprises Act is a significant change to how healthcare coverage is handled and billed. In general, it eliminates balance billing in three typical areas: * A patient is brought to an emergency room in an out of network hospital * A patient is transported by air ambulance * A patient is being cared for at an in-network hospital but, unbeknownst to him or her, a physician or service that is out of network provides care. To understand the Act more fully, we spoke with Brian Stimson, Partner, Arnall Golden Gregory, who will be leading the session The All Surprises Act:  Avoiding Compliance Pitfalls and Responding to Administrative Enforcement Actions under the Surprise Billing Laws at the 2024 HCCA Compliance Institute. As he explains, there is a two-tiered enforcement structure to the law, with both individual states and the federal government involved. Compliance teams looking to ensure their organizations are complying need to pay close attention to patient complaints. These can be a tip off to improper balance billing and a red flag of systemic issues. Be extra alert if a patient comes to them, and it can even be good to check social media for reports of wrongful billing. Listen in to learn more, and then join us in Nashville, April 14-17, for the HCCA Compliance Institute.

 Kelly Alwin on the Frequency of Risk Assessments [Podcast] | File Type: audio/mpeg | Duration: 15:40

By Adam Turteltaub When it comes to risk assessments, the word “annual” comes up a lot. But, Kelly Alwin, Regional Compliance Officer North America for SAP America, believes that once a year may be more than a bit too long. To her, a risk assessment is more than a periodic assessment and an annual chore. It is critical to the program’s success and lends credibility and substance to the compliance program. She points out that from the Delaware Chancery Court to the US Department of Justice, the importance of a strong risk assessment is underscored. In this podcast she argues that, for the risk assessment to play the role it should, it can’t afford to sit on the shelf. It needs to be a dynamic document that both informs all the other elements of the program and evolves as risks evolve, whether due to a new go to market strategy, a merger or an entry into a new market. Bottom line: look at your risk assessment, she advises, not as a discrete activity but as a continuous analysis. Incorporate micro assessments, embrace continuous improvement, and, hopefully, enjoy a more effective compliance and ethics program as a result.

 Kimberly Lindsay and Tim Timmons on Behavioral Health Compliance [Podcast] | File Type: audio/mpeg | Duration: 14:54

By Adam Turteltaub Behavioral health shares many of the same compliance challenges as the rest of healthcare, but it also has several of its own. To understand the risks, we sat down with Community Counseling Solutions’ Executive Director Kimberly Lindsay and Compliance & Privacy Officer Tim Timmons. They will be leading the session “Developing an Ethics and Compliance Program in Behavioral Health” at the HCCA 28th Annual Compliance Institute, which will be in Nashville, April 14-17 and also offered in a virtual format. In this podcast they identify several typical compliance challenges in the behavioral health setting: * Managers and supervisors who are well intentioned but busy, not holding staff accountable and not reporting in a timely manner. * Incidents after hours when a patient is in crisis. This is a very difficult situation.  The team is eager to help the patient get better, but with lots of adrenaline flowing in a difficult situation, they may find themselves sharing more information about the patient than they should. * Sharing PHI improperly when working with community partners. * Mishandling of subpoenas and court ordered requests for records which may not comport with 42 CFR. * Coding and dual diagnosis treatment * Treatment plans that are not updated before providing services * Overly verbose documentation Listen in as they outline these issues and ways to address them. Then, plan on joining us in Nashville for the 28th Annual Compliance Institute.

 Jan Sprafke on Supplier Compliance [Podcast] | File Type: audio/mpeg | Duration: 12:01

By Adam Turteltaub While Ericsson is best known for its mobile phones, the company’s reach in wireless is far greater. It is the creator of Bluetooth technology, owns patents on much of the critical IP that wireless systems depend on, and is active in more than 180 countries providing much of the hardware, and even cellphone towers, that enables all of us to talk, text, and surf the web wherever we are in the world. Jan Sprafke, Chief Compliance Officer at Ericsson, explains in this podcast that with that global reach – including operations in approximately 100 high risk countries – also comes a large network of suppliers. To manage the potential compliance challenges that go along with it, the company uses a risk-based approach to supplier management They assess the country risk, go to market approach and whether the supplier will be using subcontractors. Then they work closely with sourcing and other assurance functions on an ongoing basis. The company’s supplier code of conduct is shared with their vendors. But, it is just the start. There is also training provided, supplier days, meetings with them to discuss FCPA, AML, health and safety and other topics. All of these efforts and more help suppliers understand what Ericsson’s expectations are, not just in principle but also in practice. They even work with many of their contractors as they select their subcontractors. The goal is to create an end-to-end framework for managing third party compliance risk. Download the podcast (maybe even on your mobile device) to learn more.

 Julie Janeway on Compliance Investigations [Podcast] | File Type: audio/mpeg | Duration: 12:42

By Adam Turteltaub Julie Janeway (LinkedIn), General Counsel and principal owner, Principled  Healthcare Consulting will be speaking about internal and parallel investigations at the 2024 HCCA Compliance Institute. In this podcast she slices off a bit of that expertise. A thorough investigation is needed, she advises whenever there is an issue that could require arbitration, a court case, administrative hearing, contractual dispute or reputational issues, whether by an employee, contractor or the organization itself. The same is true if there is a policy breach or alleged violation of the code of conduct. So how best to do it? Have both an investigation plan and a preplan which designates who will be responsible for the investigation depending on what the issue is. For example, a privacy officer would likely play the lead role in a HIPAA breach allegation. As for the plan itself, it should be thorough. The team executing it should include individuals with a wide range of skills and, she highly recommends it include an experienced investigations attorney. What should you avoid? Several things, she cites, including retaliation, making the plan as you go along, letting supervisors or managers interview subordinates and not having insurance for when investigations happen. The rules are largely the same with parallel investigations, which are required pursuant to statues that call for entities notified of an investigation by a governmental agency to conduct their own investigation. These absolutely must be done, or the organization may face sanctions. She highly recommends doing these investigation under attorney-client privilege. Listen in to learn more about what to do and what not to do in an investigation. Then, don’t miss her session at the 2024 Compliance Institute, March 18-20 in Nashville.

 Drew Neisser on Connecting in a Working Remote World [Podcast] | File Type: audio/mpeg | Duration: 12:26

By Adam Turteltaub In 1984 I went to my friend Chris’s wedding, and one of the other groomsmen, Drew Neisser (LinkedIn), his then boss, talked me into pursuing a career in advertising. Just a few months shy of 40 years later, I caught a video on LinkedIn of him with chief marketing officers discussing the struggles of managing remote workers. It didn’t matter that these were marketing people, the problems sounded just like we in compliance face. So, I asked Drew, who is the founder of CMO Huddles and the author of the book Renegade Marketing:  12 Steps to Building Unbeatable B2B Brands, to sit down and do a podcast on the topic. Drew points out that, despite workers being required to come into the office more often, there is still a cost to remote work. Churn is higher than before. Partners at law firms complain that their associates are years behind in their development, likely due to the inability to learn by osmosis. So what do we do? He recommends that we recognize the present reality and look to hire self-starters. People who need a great deal of hand holding will not work out in a world where their managers are miles, if not hundreds of miles, away. Second, make sure the team understands what the organization’s business is. Then, help them connect, intellectually and emotionally, with it. If they don’t, then it’s just another job to them. Incorporate virtual bonding activities, but also try to get the team together in person. That effort creates culture and connection. Looking outside your team, he recommends four tactics: Meet, ideally in person. Get to know your colleagues, and understand their business priorities. Focus on helping them solve their problems. Track all the people you want to meet and influence. Then, take active steps to connect with them and get to know them. Share something about yourself and encourage them to do the same. Get to know the person and stay in touch. For example, send them over articles you think they would find of interest based on what you learned about them. Join formal and informal work groups. If there is a team forming to tackle a problem, be a part of it. But also look to book groups and other less structured ways to connect. Throughout, he advises thinking of yourself as an impact player and a business leader. Finally, he advises understanding how people want to communicate these days, and meet them there. The era of relying solely on email are done, especially for the younger generation. Listen in for some very good insights for compliance officers from a career marketer.

 Richard Bistrong on Conference Networking [Podcast] | File Type: audio/mpeg | Duration: 13:12

By Adam Turteltaub Some people have a gift for invisibly attending a conference, and no one knows that they were even there. That’s great for a conference of spies, but most people at compliance conferences like to meet at least some of the other attendees. For many, though, connecting with strangers is difficult, whether they know no one or they are shy about going beyond their usual circle of contacts. So what do you do if you are one of them? To find out we spoke with Richard Bistrong (LinkedIn), newsletter author and CEO Of Frontline Antibribery, who will be moderating a general session at the 2024 SCCE European Compliance & Ethics Institute in Amsterdam. If you spot someone standing alone and looking a bit lost, he recommends you think like a host and invite them to join you. Even if you’re already talking with friends, he advises being a croissant and not a bagel: be sure there is an opening for others. Make the effort to catch them up with the conversation – “we were just discussing helplines”—and ask them to share their thoughts. If you hesitate to join conversations because you don’t feel you are good at small talk, think of a few questions in advance to use as ice breakers. They don’t have to be traditional compliance-related questions. You could ask people about what excited them the most in the last year. Richard often uses Vertellis cards to start or help conversations. For those at the conference with a friend or colleague, use the other person as your wingman or wingwoman. Tell them who you are interested in meeting and have them serve as a second set of eyes and ears. Also, don’t forget about the SCCE & HCCA staff as a source of connection. See if they know someone it would be good for you to talk with. Listen in to learn more, including how to follow up properly after the conference is over. Then, be sure to say hello to Richard (and offer him a croissant) in Amsterdam at the 2024 SCCE European Compliance & Ethics Institute, March 18-20.

 Alison Taylor on a Higher Ground for Compliance [Podcast] | File Type: audio/mpeg | Duration: 12:16

By Adam Turteltaub Compliance programs have come far over the last few decades, but there is still more that they could do to elevate their performance. In this podcast, Alison Taylor, Clinical Associate Professor at NYU Stern School of Business and author of the book Higher Ground shares some intriguing and provocative ideas for improvement. She is a strong believer in what she calls “firm foundations”. These foundations avoid having too many rules which can, inadvertently, have a negative impact, causing employees to abdicate responsibility for their action and grow overly reliant on following rules. Instead, she argues for simplifying and being attuned to human behavior and the role of incentives. Be wary too, she advises, of mixed messages and potentially pernicious effects when it appears, whether true or not, that the rules for the rank and file do not apply to leadership. It degrades trust and the culture. To get more employees to speak up when they see wrongdoing, she advises investing the time in understanding why they don’t raise their hands more. When it comes to measuring the impact of the compliance program, she is a strong proponent of measuring the ethical culture. Do employees feel safe speaking up?  Whom do they speak to when there is a problem? Do they believe the whistleblower line is truly anonymous? Is leadership looking out for them? The answers to these questions, and how they change over time, can illuminate how well the program is working. Listen in to gain more insights, including how to build a common ethical foundation and the importance of adequate authority for the compliance and ethics program.

 Tobias Kruis and Clara Becerra Campos on the EU Whistleblower Requirements [Podcast] | File Type: audio/mpeg | Duration: 15:05

By Adam Turteltaub Clara Becerra Campos, Senior Compliance Analyst-Europe for TD SYNNEX, and Dr. Tobias Kruis, Head of Corporate Compliance, Giesecke+Devrient, will be addressing the new EU whistleblowing requirements at the 2024 SCCE European Compliance & Ethics Institute, which takes place in Amsterdam March 18-20. In this podcast, they delve into the challenges posed by the directive, which significantly expands the number of EU-based and non-EU-based companies that must comply. The directive not only provides protections for whistleblowers, they explain. It also establishes procedures and deadlines for handling reports. As significantly, it leaves the door open to variations among EU member states, which complicates the picture considerably. So what should you do? If your organization does not have a whistleblower line already in place they recommend you: * Implement an internal reporting channel * Be sure it’s aligned with legal and data privacy * Consider who will manage the system and conduct the investigations * Ensure confidentiality * Communicate with your workforce For those with a helpline already they recommend starting with a gap analysis to determine if your existing efforts are meeting the new requirements. Listen in to learn more, then join them in Amsterdam at the 2024 SCCE European Compliance & Ethics Institute.

 Segev Shani on AI Risk [Podcast] | File Type: audio/mpeg | Duration: 7:18

By Adam Turteltaub At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.” In this podcast he shares that a great deal of risk comes from the headlong pursuit of AI technology. Businesses believe that if they are not using Ai that they will be left behind, but the adoption rate is not being matched with a complete understanding of what AI is. To manage this issue, he recommends creating an AI governance model that balances the risks and rewards. It can help employees and managers understand the risks, including inaccuracy, bias and both misuse and improper use of intellectual property. And, of course, there can be substantial privacy risks as well. Listen in as he discusses proper governance, the need for training and the importance of integrating AI governance into business processes. Then plan on joining us in Amsterdam, 18-20 March, at the 2024 SCCE European Compliance & Ethics Institute.

 Klaus Moosmayer on the Novartis Employee Survey [Podcast] | File Type: audio/mpeg | Duration: 12:42

By Adam Turteltaub A good employee survey on compliance and ethics can yield a wealth of data on how your program is and isn’t working, where the risks are, and how to move forward. The challenge is getting the survey right and getting employees to respond. Klaus Moosmayer, Member of the Executive Committee and Chief Ethics, Risk and Compliance Officer at Novartis, shares in this podcast that the compliance team has just completed the second round of their survey. The goal was to get first-hand data from as many employees globally as they could about any unethical behavior they perceive around them and how it is acted on. The survey was developed with substantial help from behavioral scientists, who created a questionnaire that captured where the company is now but also enabled them to dig deeper into key issues. For example, in the first round of the survey the Novartis team discovered that approximately 80% of employees go first to their leaders and managers when seeing unethical behavior. In the second survey they focused on what the leaders are doing with those reports. To encourage responses from employees, they invested the time in preparing the workforce and setting the context that the survey is a part of a broader effort to strengthen company culture. The messaging behind the survey was both local and global, with company presidents underscoring the importance of the study. After the first survey was completed, they made the effort to showcase how the data was used and what would be changing at Novartis as a result. That helped earn higher participation rates for the second survey. How does the data get used? The aggregated data helps inform leadership and enabled conversations as high as the board level. The data is also incorporated into the company’s integrated digital ethics, risk and compliance platform. Country managers are shown their data and told how it compared to other regions, which, of course, indicates how well they are or aren’t doing versus their peers. Local leaders are then encouraged to use the data to have roundtables, town halls and other meetings to understand why their scores are what they are. Listen in to learn what made the Novartis survey so successful and how to improve your own.

 Letitia Adu-Ampoma on the EU Artificial Intelligence Act [Podcast] | File Type: audio/mpeg | Duration: 12:40

By Adam Turteltaub When it comes to AI, there is little agreement. Some see great potential, while others see great nightmares. Some see opportunities, and many see nothing but risks. In the EU, though, there is agreement on one thing, a new EU AI Law. In December 2023 the EU Parliament and Council agreed to  a bill “…to ensure AI in Europe is safe, respects fundamental rights and democracy, while businesses can thrive and expand.” Longtime compliance professional Letitia Adu-Ampoma (LinkedIn) explains that while the law won’t fully come into force for two years or more, it’s time for compliance teams to start paying attention and preparing. The act is a part of the EU digital strategy, which is very focused on human-centric legislation. Its goal is to keep positive the impact of AI on people and society. The approach it takes is risk-based, categorizing AI systems based on the level of risk: unacceptable (and prohibited), high risk, minimal risk and no risk. The act is very specific in how it defines which AI systems fall into each category. The unacceptable risk category, for example, includes social credit scoring, emotional recognition and behavioral manipulation. Creators and users of high risk AI will be required to register the system in a public record. They will also need to conduct an impact assessment and be transparent. Transparency will also be critical for generative AI. Providers will need to disclose the content generated and ensure that the models are not designed to create illegal content. There will also need to be governance in place to protect against copyright violations. So what should compliance teams do now? Letitia recommends reading the guidance and to start preparing the business unit for what is to come. Listening to the podcast would be good, too. NOTE: This podcast was recorded in January 2024. The final version of the EU AI Act is yet to be released - a final EU parliament debate on the text will take place before its release. In the meantime, some 'unofficial' pre-final versions of the text have been leaked online in advance of this debate. The final EU definition of AI and key timescales for enforcement mentioned in the podcast are based on proposals made public. Listeners should look out for the final position which will be detailed in the EU AI Act when it is officially published in the next few weeks.

 Matt Silverman on Keeping Compliance Champions Engaged [Podcast] | File Type: audio/mpeg | Duration: 13:37

By Adam Turteltaub Having a compliance champions or ambassadors program can be a great boon for the compliance program, if you keep the champions engaged. Unfortunately, that doesn’t always happen. If not managed properly your champions may end up sleep walking through the job. In this podcast, Matt Silverman, author of the book The Champions Network and Global Trade Director and Senior Counsel at Viavi lays out several strategies for maintaining the involvement and commitment of your champions network. To ensure engagement, he recommends remembering that the people who decided to be champions did so for a reason. It may be for a wage stipend or for altruistic reasons.  Tapping into that motivation is essential. On an ongoing basis it’s important that they see the impact of their work on the organization and their own career. That means sharing outcomes, as best you can, and providing them with access to development opportunities. These could be specific to deepening compliance expertise or as broad as developing business and soft skills. Whichever you choose, it is a way for them to see what’s in it for them. Give them an opportunity, as well, to be recognized for their work, whether that’s an official recognition by the CEO or an opportunity to interact with leadership. Remember, appreciation can be a powerful reward. And, of course, make sure there is actual work that they need to do as a part of being a champion. Having the title alone is not enough. Listen in to more about how to create engaged compliance champions.

 Sergio Leal and Jan Sprafke on M&A Compliance Due Diligence [Podcast] | File Type: audio/mpeg | Duration: 14:58

By Adam Turteltaub Mergers and acquisitions create stress, opportunity and risk both for the organization and the compliance team. In this podcast, Sergio Leal, who until recently was head of M&A compliance at Ericsson along with Jan Sprafke, the company’s chief compliance officer, share their advice for compliance professionals in the midst of a transaction. They stress that the compliance team needs to be involved during the entire lifecycle, from target identification to due diligence to post-acquisition integration. This will help the organization avoid unanticipated liabilities and risks. To ensure success the compliance team needs to be embedded in the M&A team. Meet with the stakeholders regularly to ensure you are aligned with their processes. When you do, remember that compliance is just one piece of a very complex puzzle. Be prepared to move quickly. The DOJ amnesty program for issues discovered in an acquisition has a rapidly ticking clock. At the start of an acquisition or merger, they recommend focusing on three areas: * The ultimate beneficial owner * The operations of the business * The already existing compliance program, if any, and internal controls Be especially vigilant if the acquired entity had some government ownership or government contracts. And, be very diligent if there is not a compliance program already in place. Listen in to learn more about how to be an integral part of mitigating the risks of mergers and acquisitions.

 Kelly Cooper on Open Payments [Podcast] | File Type: audio/mpeg | Duration: 11:40

By Adam Turteltaub To quote CMS, “The Open Payments program is a national disclosure program that promotes a more transparent and accountable health care system. Open Payments houses a publicly accessible database of payments that reporting entities, including drug and medical device companies, make to covered recipients like physicians.” For this transparency to work, though, it’s important for the data to actually be used. Kelly Cooper (LinkedIn), Compliance Specialist at UF Health Shands Compliance Services, reports that too often it isn’t. There is a downward trend of providers reviewing the data collected, she reports, due to lack of awareness of the program and why it matters. That needs to change. Physicians and the hospitals that employ them are now required to post a notice for patients about the Open Payment system and how to access it. This will likely lead to more questions from patients and the need for providers to monitor the data more closely. So what should compliance teams do? She recommends looking at training, awareness and policies. In addition, be sure that the profiles of covered individuals are correct and up to date. And, be prepared to navigate the dispute process. It can be a long one, but there are shortcuts. Finally, she urges compliance teams to use the data to get a better handle on staffing, credentialing, what the payment trends are and any red flags. Listen in to learn more about what the Open Payments program is and how your compliance team should be working with it.  

Comments

Login or signup comment.