Signature Block Corporate Governance Charter Made Easy

Signature block corporate governance charter

I have the distinct honor and pleasure of being able to introduce our panel this morning Greg demski is the chief counsel to the inspector general US Department of Health and Human Services he leads the HH office of counsel to the inspector general which provides all legal services to the largest inspector general office in the federal government this includes legal advice on audits investigations inspections and other activities of the HH Office of Inspector General dr. David see Herman was senior staff fellow in ocular immunology and Unitas at the National Eye Institute National Institutes of Health in Bethesda Maryland he received a master of science in medical management from the university of texas dallas dr. Herman is currently president and chief executive officer of Vidant health an integrated healthcare system with nine hospitals and more than 70 clinics headquartered in greenville north carolina gate in parado our moderator is the managing partner of broad and cassel sport Lauderdale office and co-chair of the firm's white collar healthcare criminal and civil fraud and compliance practice he practiced health care law in both the public and private sectors for 36 years and it is board certified as a specialist in health law by the Florida Board he is also certified in health care compliance by the Healthcare Compliance Association Ryan Meade is an attorney in consultant in Chicago Illinois who focuses professional work on healthcare regulatory issues he is a law professor at Loyola school of law in Chicago Ryan is a partner in the law firm of mead and roche a managing director of Ages compliance and ethics center dan roche JD oversees the legal and compliance functions for optum he was formerly vice president appliance and audit for dignity health formerly known as catholic healthcare west prior to joining dignity health mr. Roche spent 40 years as an in-house counsel for a line of health system in minneapolis minnesota please join me in welcoming our panel Thank You Debbie as you know our advertise topic for this morning is corporate governance compliance and liability but at the last minute management staff has asked us to address a different topic so we're going to talk about specialty pharmacy compliance under state and federal law and the impact of health care reform so which one of you want to start that's an April Fool job more seriously some of you probably are aware that this is not a new topic corporate governance compliance and liability is something that's really at the forefront of everything that you do each day but it is a topic that has changed over time it's it's a different dynamic in each organization and it will change again and it will take on many forms and challenges as we as we move through the cycles of compliance in each organization we're fortunate though this morning to have a number of different perspectives on this topic so we're hoping to have an informative discussion from our panelists why don't we start with the general question of what what we might speak of or say when we talk about the role of a compliance officer i think i'm going to turn to dan first because dan has played many different roles has viewed this issue from outside inside with a couple of different hats and for many years why don't why don't you give us your your view on that dance the game I'm going to start with a question and many of you know what's coming because I can't speak in front of a group of compliance officers without asking this question how many of you are responsible for compliance in your organization okay no you're not Lee put your hands down if you're a compliance officer and the reality is my view is no organization can pay me enough to be responsible for compliance in the organization and many of you have heard me ask that question before and many of you hire now programmed not to raise your hand and that question comes up but if you take nothing else from what I have to say today never raise your hand when I want to asks you if you're responsible for compliance in the organization because when we're talking about the roles of the board the roles of management in the role the compliance officer it's the board and management who are responsible for compliance in an organization it's your job as a compliance officer to help them understand what they need to do to be a promoter within the organization for the program to be continually revising and changing the program to keep it up to date to keep it effective and to be reporting to management on how well they're doing and to be reporting to the board on how well it's doing and the organization is doing but you're not responsible for compliance most of you are not paid enough money to do that dr. Herman how about you you're the CEO of a health system and what do you see is the role of a compliance officer in our health system John's role is really to make sure that we're aware of what's going on out there and then what I want him to do is to work very very closely with the people in the organization to help make that happen I think it's very important that everyone within the compliance office and people across the organization understand that we're in the business of health care and when Kim and Jenny talked about credibility John has to have that dual role or any compliance officer has to have that dual role of understanding what's going on in the industry what regulations apply to us but at the same time be that bridge between the compliance and operations I find it very interesting that we call it compliance where as a physician if I accused a patient of being non-compliant they would say compliance is not something you talk about with the patient we want our patients to be adherent so i would say some of the things that John and his tea have to do is not to drive up compliance through organization but help us all to be adherent to the regulations that are out there and for good reason and at the same time put them in the framework of the health care that we have to provide every day Greg you you're in a unique position in providing government leadership on the issue of compliance what has been your experience and what is your view of the role of a compliance officer in an organization well from our perspective when we started doing corporate integrity agreements some 20 years ago we have always required the appointment of a compliance officer and that's direct from the federal sentencing guidelines and one of the seven elements there and we've looked to the compliance officer to be taking the lead on promoting compliance with the standards of federal health care programs and really standing to some extent in the shoes of the government we've had we've looked to really have a multiplier effect by we can't we can't be in the OIG or in the government at every healthcare provider we don't have the resources it wouldn't be a good use of resources but we look for the compliance officers to be in within the organization of voice promoting compliance with the law and promoting an avenue to address problems when they arise in an appropriate way what about Dan what about reporting lines for a compliance officer what's been your experience into various roles that you've played the you know it's been different for the past 16 years almost at dignity health I reported to the board with the dotted line in the management I think that reporting to the CEO or to the board is the best practice standard but other reporting relationships can work and I think one of the challenges for compliance officers is to be effective wherever you report but to advocate I think for a more effective reporting relationship and advocate for the best practices well if you have direct reporting to to the board of the organization you know as a compliance officer what do you expect from a board or maybe ideally and what's been your experience yeah it's a it's a great question one of the things that I initially expected from boards when I got into compliance is that they would understand compliance and I realized very quickly that that wasn't going to happen it was my job to give them a basic understanding of compliance but let's face it compliance is not their most important responsibility I've worked for health care organizations their most important responsibility is to deliver health care to deliver high quality health care and that's where they're going to focus a lot of the time and attention they have another huge responsibility around the financial health of the organization they're going to focus a lot of time and attention there so my goal is to get them the information they need to understand what our risks are and understand how well as an organization management is mitigating those risks so that they can focus with laser precision on those areas where we have significant risks where the risks aren't being mitigated but then devote most of their time to the other very important pieces of their role Ryan what I mean how would you describe the board's function from compliance what what you know I guess from a black letter standpoint I mean what would we say is the board's role in compliance well I think you have to go back to ask basic questions what is the board's role in the corporation and what's the business they they are in a sense the corporation and run it though they're not involved in the day-to-day management they have a fiduciary duty to ensure that the corporation business is following the law and they have to exercise that with with due care and so forth so it's as I think we all know there's a there's a line of cases not not a lot but a strong line of cases which we show that the boards must pay attention now what we're seeing develop is in settlement agreements with DOJ Oh IG where the board is reorganizing to have compliance committees if they don't already have them to pass regular resolutions and to exercise that due diligence in a more directed way sometimes required as a condition of settlement so we're certainly seeing the board getting much more deeply involved in in compliance and that that oversight well dr. Herman what do you look to from your board or put another way if if you had a significant compliance issue in your organization that had a fairly significant financial impact are you going to be accountable to your board for that and what are the questions they're going to be asked Oh most definitely I think most boards have been on a journey already and I think we can leverage this in compliance with health care is that back in the mid-2000s each one of our boards I think took the journey towards quality and safety so that through that they've learned what it takes to get a culture of quality and safety in an organization and I think we can leverage a lot of that operations and a lot of that learning towards compliance so our board knows that if they don't set the tone if they don't hold management accountable that it's not likely to get done and what our board is doing is they leverage that experience that they've had with quality and safety and provide that feedback to us as leaders in the organization that says let's not just prove that we're compliant and word here into the law but what are we developing as in a culture that supports that messages from the board messages from my office messages from other leaders are relatively ineffective unless you've built that type of culture within the organization does your board hold you accountable for compliance in an indirect performance measure very much so very much so so there are very few things that a board can actually measure with the CEO other than the bottom line and what how the organization is performing to care for the people that they're caring for but there are specific things as far as compliance goes and we keep our board very very well informed as to what the trends are out there what our organization challenges are and what they can do to help get that message across the organization of course deficiencies in compliance can often be reflected in the bottom line too they certainly can and I think there's going to be a lot of pressure across many organizations regarding the bottom line with the new things that are happening in healthcare and I think boards are going to have to be particularly diligent that the bottom line isn't being supported through shortcuts and compliance great i know you've looked at board activity management activity over the course of many years and have addressed it in in resolution of cases what have you seen past present look going forward with this well when we when we started doing CIA's we really didn't have a role for boards in the documents but as we've evolved over time and seeing what works and what what doesn't work in CI is one of the things that we've looked to do is add some responsibilities for the boards and this really started in the pharma area where we were seeing companies sometimes for the second sometimes for the third time often cases involving hundreds of millions of dollars and sometimes criminal conduct and our feeling was that as much as management has to have a primary responsibility for compliance the board of a publicly traded company or of a hospital or other other type of entity needs to be engaged in compliance as well so we started to make the board members or the board committee that's responsible for compliance do have a duty of reasonable inquiry into the operation of the compliance program and to pass a resolution where the people with that responsibility are actually signing with their names saying that they've looked into the program they've seen that it is operating on then to the best of their knowledge of the entity is in compliance with federal health care program guidelines we have in a few cases in addition required the board to actually hire an independent expert on compliance so that they are hearing a voice other than from management and the compliance officer to help inform their inquiry into how the compliance program is running and one of the examples of a case like that you can see that in some of our big hospital chain cases in pharma cases but also in the recent settlement that the Inspector General mentioned yesterday the Halifax case involves that type of requirement on the board you need let me let me just follow up on Greg's comment I think if you really want to help yourself as a compliance officer and you want to help your organization getting an outside compliance professional on the board or on the compliance committee of the board or the audit and compliance committee of the board is really really helpful at least from my perspective when we did this back in 1998 I dignity health it made a world of difference in my ability to impact of the organization and I know that there are a dozen or more of your colleagues sitting among you today who serve on boards of you know small medium and large healthcare systems in precisely those roles so I think that's a huge step forward and really something that we should continue to promote you know dan you you mentioned that sometimes you've had reporting a direct reporting to the board sometimes it's a CEO and there's been other forms you know from my observation I more and more I think that that our compliance professionals or compliance officers need to have a seat at the c-suite table have you found where your say reporting to the CEO as opposed to the board can be equally as effective or is it necessary to have direct reporting to the court personally I've never reported to the CEO in the compliance officer rule it's always been to the board but you have to have a great relationship with the CEO you have to be constant communication with the CEO quite frankly if the CEO doesn't trust you in my humble opinion the board isn't going to trust you as well so I think again regardless of where your you report you have to build those relationships and and I was mentioned earlier this morning by Jenny and Kim that building relationships is extraordinarily important and in my view that starts at the top with the CEO Greg what's your view on reporting I mean I know in a number of CIA's you look to foster of direct reporting to the board but can it work other ways too and well from our perspective when we enter into CIA's we always require that the compliance officer have direct access to the board and periodic meetings and reports to the board we think that that's that's crucial in a case that we're resolving now we understand there are organizations are different different sizes and resources and that can affect how it's setup and what the board's role is visa V that the compliance officer but from our perspective if you're if the entity is settling a fraud case with the government we think that the board needs to be involved engaged and has to have that direct communication with the compliance officer and we likewise feel that there needs to be a compliance officer needs to be separated from the legal function of the entity and we have required companies to restructure to ensure that the compliance function is separate from the legal function well let's talk about that a little um I think the whole issue of the compliance officers role and its relationship to the legal function to general counsel has been a topic of ongoing discussion take us through a little bit of the history of that and and how the inspector general's views have been reflected with on that issue and and generally you know why you think that's all well when we started doing see eyes we did not have that requirement and several of the first CIA's we had companies that the compliance officer was also the general counsel and we but we saw companies had set it up different ways so we experienced and saw in our monitoring of those CIA's what we thought worked better or not as well we had an issue in one prominent case where the person who was wearing both hats is the compliance officer and general counsel didn't didn't provide information to us that we felt should have been provided about compliance problems at the on the entity and later claimed that they were privileged on these audits that had been done that identified problems so we want to avoid any confusion on that front and when there's a compliance issues that are identified and are required to be reported to this too OIG we want that to be they want we want them to come in to us and not have any issue of privilege that's one issue but I think the bigger issue that we've seen in our observation and monitoring CIA's and when we talk to compliance officers is that when the roles are separated the compliance officer has more time with the board with a CEO they get more resources and they operate more independently and they are in a better position to promote compliance so as we've seen that we've changed and now the CIA's require that separation and we've said it in repeated guidance documents that we've we've sent out to the industry that we think that that's the best practice now we recognize a a small physician practice is there a very different situation from a multinational corporation or even a hospital on so you have an entity has to make a decision based on its own capacity and capabilities but the general rule is that we think from our perspective it's better to have the role separated you mentioned the issue of privilege I want to want to sort of get into that a little bit I mean Dan Ryan can tend the compliance professional in an organization effectively address compliance problems you know without the use of privilege especially in today's environment where are you know the whistleblower threat is fairly significant I mean can we have effective compliance without using the privilege I think there's a question which is deeper than just privileged here and that's interpreting the rules so before we get to the question of giving legal advice and whether that is privileged and investigating issues and gathering facts just the role the compliance officer versus the general counsel or legal counsel is one that the industry is trying to ferret out in a complex regulatory environment of you take an example of the to midnight rule yea which was involved in the legislation yesterday that actually I had that question last night @midnight @midnight did it cross any midnight and as soon as I said what this panel I got to find somebody to go look at cording to CMS if you started the question at 1145 p.m. in a cross midnight uje Council and what it has to cross time nice for you to get paid for it okay yeah and who has to sign the discharge yeah all right but yesterday for example in the legislation on the legislation take a look at it if you want section 111 it's called extension of to bid night rule what what does that mean if you read deeply into it it doesn't delay the to midnight rule has been somewhat reported it just it prohibits the racks from auditing until March 2015 is but what does the organization going to do now is it is it interpreted as a delay do you have to follow the to midnight rule what's the compliance officers position on that the compliance officer even if they're a lawyer is not likely in a position to give legal advice so I think it's important particularly in complex regulatory environments to make sure that the relationships and the roles of compliance officer and legal counsel are clearly established they might have different perspectives on risk or defense and I think this probably goes to 0 a G's position on I mean equal voices at the table to to look at risk in different ways actually that that raises question dan I mean do you think having a legal background is important to being a compliance officer I think what or maybe even sometimes a detriment the answer that question is yes okay so being a lawyer has helped me a lot I think in my role as a compliance officer but it is also heard me and one of the things that I learned very quickly is that despite all my legal training you know and all of the things that I was supposed to learn in law school I know very little about operating a hospital I know very little about how nurses work I know I knew even less about how doctors work those kinds of things and I say this and that sometimes come comes across as being facetious but I'm serious about it I feel like my principal role as a compliance officer particularly as a lawyer compliance officer is to hire people smarter than I am and listen to them so I want people you know who have been nurses I want people who have been doctors and I want people who have worked in physician offices who really understand the operations but who are also committed to compliance to do the right thing because they're very effective influencers and those that have worked for me will know that I had a lot of brilliant ideas that could never have been implemented and they were kind to me and they helped me see you know what wouldn't work in what would work and change my point of view but clearly you know I think being a lawyer can be helpful but I don't think you have to be a lawyer in order to be an effective compliance officer there are a tremendous number of compliances of compliance officers out there who do a great job who are lawyers but they partner well with lawyers well right I mean even though you have a significant legal background and you're in your role as a compliance officer when you have a legal question I assume you didn't try to answer it yourself not most of the time you should yeah but most of the time you know I would go to the lawyers and and I was fortunate to have great lawyer resources now there are times as a compliance officer you have to push back okay the I think we heard keep it simple stupid this morning my lawyers at dignity health and they're all great people managed to create about an 80-page position financial arrangements policy and it's a fabulous policy but let's face it most employee that dignity health aren't going to read the thing so I have to figure out a way to take that policy and condense it down into simple directives and simple guidelines that people can follow and I think that sometimes the tension between being a lawyer and being the compliance officer is lawyers want to be precise sometimes and I want to be effective and I had to change that hat as I changed rules well now I know for a fact that you're now in a role where you're wearing both hats at the same time I think your office's said that's an untenable confident about and for me that puts the CEO of an organization a difficult spot to I want people around the table that are providing the advocacy for their particular position their particular realm of responsibility and when that's shared it's almost like Harry Truman used to say about the two-handed economist you know I just wants an economist with one hand because the Economist has been on the other hand I want to come on clear direction from Council than clear recommendations from the compliance officer and then we can start working together to figure something out and well is it an untenable conflict for you the f it is how would you deal with it yeah how would you recognize it yeah my quest yeah that's a fair question so a couple of cents those of note you who have known before the more than 20 years that I've been in compliance have heard me say probably hundreds of times I don't think you should wear both hats I continue to believe that when I took this job in a start-up organization I said to management in the CEO that I would do both jobs on an you know for a while but eventually we're going to have to split them out as the organization grows I continue to believe that's the right thing to do now the good news is from my perspective in terms of the conflict and how I recognize that is we are owned by two large sophisticated healthcare organizations who have great compliance programs who have great compliance officers who have great legal departments and both of those organizations are resources to me and they'll also be checks on me to make sure that I don't miss something in terms of that conflict that I should miss I will not wear both hats in the long term but right now in in the short term you know that's what they've asked me to do yeah once i had this question sort of put to me by a client and you know the organization was such that really that person had to wear both hats that that certainly happens and at the end of the day I just viewed it as a sort of simple conflict management situation and I kind of prepared a memo that's it well you know if you identify a conflict in addressing the situation you do have alternatives you can bring in a third party to deal with it and and you know manage the conflict I mean I think that's that's possible but you know I've seen I've seen situations where if if the compliance officer is sophisticated and the General Counsel gets it and they know how to work together that the the byproduct of that for the organization is effective compliance and it isn't one plus one equals two it can be one plus one equals five I mean have you have you seen that in your experience correct yeah well we certainly see the legal shop the general counsel has a huge role in compliance and there should be communication interaction between those two offices and functions and I think where we've seen entities succeed under corporate integrity agreements we seen really robust compliance but with strong communication and cooperation with the with the legal side I think maybe in your future corporate integrity agreements you might work in a provision that requires the General Counsel's of organizations to attend our compliance academy Debbie would really appreciate speaking of conflict of interest yeah all right how about do we think do we think that the compliance officers role is clearly defined presently in the industry or and do we think that we have people coming to the table who have the necessary qualifications to be a compliance officer now and in the future Ryan I know you spend a lot of time in the educational sector in this what are we doing about that well although I think it's very clear and the success of HCCA and the 2,600 people here shows that compliance is now a profession and it's not going away it's an established profession what's next I think what's next is to have compliance recognized as an academic discipline we now have 15 18 go close to two decades years studying what is the effective compliance program on the organization where should it fit what are best practices what works what doesn't work there's no one right way but we need to start studying this and also training the conference's the academies that you and I teach at those are vital education components but i think that the compliance as a profession is now reached to stayed stage where we need to study it systematically and offer that opportunity that's that's in my new role at lola's director of regulatory compliance studies that's what we're doing with our online on campus but mostly online master's degree and where who can they can't move and come to Chicago and who would want to come to Chicago this year with 50 below wind chills you wanted rather stay in San Diego but but to try to learn and go more deeply how do you do compliance on it take a stark intensive course so that you can you can get more than 90 minutes or two hours it this is where the profession needs needs to go I think and I think to dance point you don't need to be a lawyer to be a compliance officer but we do work in an area of intense regulation and law and we have to have some understanding and some facility with reading those I mean I when I look at the sentencing guidelines for effective compliance I mean that those are all pretty much operational type tasks they're not they're not legal functions no right and I never I never thought that the compliance officer needed to have any different role with respect to legal advice than any other operational VP and an organization you know that all right right but it seems that there's both horizontal and vertical aspects of compliance programs you've got the seven elements from the sentencing guidelines and Oh AG's guidances but then you have a deep substantive regulatory environment that we live in whether it's privacy research reimbursement for abuse and how do those how do those interact and integrate with each other in the context of the seven elements well so in your in your educational lineup what kinds of things are is that program sort of hitting on for the compliance officers and this leads to a master's degree yes it's a master's degree for lawyers and non-lawyers MJ or llm well studying compliance I think is important just the seven elements flushing it out what I've been talking about is both it in in ethics we have ethics ethical theory and applied ethics I think we need to move to thinking about compliance and applied compliance so what we can study the seven elements we have to study those elements but what do they look like on the ground yeah what did how do you take a stark not how do you stick stark non-compliance or something that's very close to non-compliance and turn it into a corrective action and effective late what they're teaching that at this program well Greg why don't we talk a little bit about what we've seen roll out in terms of organizational liability you know over the past few years I mean when we talk about organizational liability what are we talking about well first of all there's a range of statutes that apply certainly in the federal level starting with the false claims act on the civil side and then criminal statutes administrative statutes that our office has for civil money penalties and exclusion and then you've got all the state authorities in play and really what I think the government has tried a lot of different types of things to try to change organizational behavior in the context of investigations sometimes it's been through criminal prosecution although of course an organization can't go to jail it's different from an individual and so we try to do things corporate integrity agreements that apply both in criminal and civil context to change behavior the Department of Justice has done cases where they do where they call a deferred prosecution agreement where they believe the crime has been committed but instead of going forward and prosecuting the enter into an agreement I mean these are much more intensive usually than a CIA where there can be a monitor that actually is directing some of the business operations of the end T we've seen also the government has continued to try to find ways to hold individuals accountable in the context of resolutions of cases against corporations and those cases are inherently more difficult to bring particularly criminal cases so I would say the government hasn't always been successful in our efforts to do that but there have been in this last year there was a case down in Florida the wellcare case where the former CEO CFO and two vice presidents were convicted on health care fraud and related offenses where the company had previously settled with the government that's an example of where the government has been successful at holding decision-makers and executives responsible and accountable for criminal conduct why has that become important because we've seen it more and more in recent enforcement policy and actions I mean why is it become important well I think that there's a way in the government struggle with the issue of how do we change behavior I mean from the oh I Jays perspective we want to see enforcement we want to get money back for the government but we really are most focused on trying to protect our programs and Medicare Medicaid programs and the other programs of HHS going forward and how do we do that and we think that perhaps CIA s are very important in changing and putting in a culture and processes and controls at an entity and the work the people in this room do is is sort of is irreplaceable as far as changing conduct at a corporate level we also think sometimes for individuals and positions of responsibility it's helpful for them to know that there could be there could be consequences and accountability if they engage in fraudulent conduct or even are responsible for a business unit where where fraud has occurred so we're trying to find better ways to do that both criminally civilly and as well as administrator plea now i guess if oregon has some compliance deficiencies somebody somewhere in the organization has to be responsible on some level right right so and particularly where we've got criminal conduct the government wants to hold individuals accountable in addition to just collecting money back let me go back to something that you mentioned and preface it with I think we all know that that you know our government payers who pay substantially for fed for health care and that's even more so on the horizon with with health care reform expect the organizations to partner with the payers in detecting and preventing non-compliant conduct and in you know in my experience I'm work with many organizations to to respond to reports of non-compliance to you know investigate it detected corrective action and end or make a disclosure of the situation but there you know we've had situations where we're legitimately and in good faith in the process of doing that and creating whistleblowers as we're doing it and and the organization's feel you know at great risk even while they're taking remedial action so you know the the concept of privilege is important but at the same time the organization doesn't want to limit its responsibilities to the payers to partner and detecting preventing what recommendations do you have for organizations when they come to you and you know they have done a privilege investigation but you know you need to know the facts transparency but on the other hand you know there's a desire not to undermine the privilege and its usefulness for effective compliance what what recommendations do you have for and you know dealing with that dynamic well certainly in our self-disclosure protocol we're very clear about the fact that we don't require anyone who's disclosing to waive privilege but at the same hand on the other hand we need to have the information about what happened the facts we are not interested at all in the legal advice that was given to an entity what we want to know is what happened and we need to have that to decide how to resolve the case appropriately and the fact is we have done hundreds and hundreds of self disclosures it really hasn't been an issue we have never asked anyone to waive privilege to get the information that we've needed to resolve the case and we have a right thing a very good track record of handling those cases in resolving them fairly quickly compared to the situation the opposite situation that we see in a key teams a relator case where the entity has much less control the process often takes years and costs a lot of money and a lot of disruption to primary examples for the last year would be Halifax and then the to me case which is still not resolved but there's a verdict of over 200 million dollars against the hospital in both of those cases you could see there were people either within the hospital or a physician at the hospital that raised concerns that the hospital didn't really address appropriately and instead of identifying the problem ending it and coming to the government the prof they lost control that process and was that was at one of the primary reasons why your office felt like a corporate integrity agreement would be necessary for resolution yes I mean first of all to have an 85 million dollar settlement with a single hospital that's a lot of money and that's one of the factors that we look at with respect to whether we are going to require a CIA but also the breakdown of the basic the substance of a compliance program while however however looks on paper if you've got somebody from within the hospital who's ray using a concern that's legitimate a true compliance culture would find an avenue to deal with that internally and that didn't happen there dan have you ever ignored a report of non-compliance on a hotline or otherwise the question is the answer to that is no not as serious calls of the hotline I don't think I've ever ignored you know we do have and we were talking about this earlier this morning they're not every call to the hotline is created equal I've had people call complaining about the views from their offices for the most part I have ignored those kinds of calls but if someone is raising a substitute I know the difference feeling that every absolutely but you know you shouldn't ignore calls that are serious and quite frankly it's one of the quickest ways for the organization to get in trouble because eventually the government will find out one of the things that has been said over and over by people a lot smarter than I am is set you can't hide stuff very long it will come out and you know we're better off being transparent in my view following up and fixing the problems yeah I know from my experience that that are at our Academy presentations I don't have any hesitation saying at least two things you you ignore a report of non-compliance at fairly significant risk to the organization and you live in a fishbowl no that's just stated what do we see when we talk about compliance now that we have major health care reform and what are some of the things on the horizon that that you're expecting to deal with even more directly or more immediately well I think from the OIG's perspective a couple of things with respect to the Affordable Care Act one is the expansion of Medicaid and the much greater federal stake in Medicaid so for those states that are expanding Medicaid one hundred percent of the spending for those newly eligible beneficiaries is going to be federal government spending so that really changes the equation that's for the first few years and then it goes down ninety percent but it really changes the equation for us because we have traditionally looked to the states to be on the front line of protecting the integrity of the Medicaid program so that's one thing we have to really be focused on we have to look at how the states are doing but also directly look at more Medicaid and then the second thing would be in the sum of the payment changes in the Medicare system under acos and the whole direction that we're going through paying more for quality and outcomes rather than volume of services is the validity of the information that we're receiving on clinical outcomes that affect payment and I think that's a new compliance risk area that we'll be looking at and then in addition finally just more money more money federal money at stake yeah I don't really I don't really see that I mean the state resources for enforcement are limited I certainly don't see the states exercising compliance leadership like the office of inspector general as has done over the years it's going to be interesting why don't you talk a little bit about the things that your office tries to do to to you know take a leadership position on compliance because I think of all the government agencies the Office of Inspector General of HHS really has has taken on this role the most effectively but what are the kinds of things that you know when you wake up in the mornings we're going to do repeatedly you're tired well first of all historically you can go back 25 years to when Congress gave us the responsibility of issuing safe harbor regulations under the kickback statute and we did those regulations at the same time we came up with fraud alert that we would issue to the public about joint ventures so we were identifying what you could do to comply with the law as we were required to do by Congress but we're also identifying problematic conduct and so over time when we started doing cia's we also try we put all those on our website and then we put out compliance guidance for anyone who wasn't under CIA to know what we thought were risk areas and what we thought were best practices to promote compliance and we've continued to do that through different forums and we've done in person training we've got videos on our website on a variety of topics of trying to both from talk about best practices but also risk areas and that really comes from a realization that we have a responsibility as we said to try to protect the integrity and economy and efficiency of the federal health care programs and we can't do that every every employee and oig if you look at all the auditors and investigators and lawyers we're responsible per per person for over half a billion dollars of federal spending we can't really monitor that by ourselves so we have been able to and promoted voluntary compliance and it's a credit to the industry that we've got the health care compliance association is such a large organization you are out there on the front lines of doing work that really benefits all the government and all the taxpayers and the federal health care programs that we are remain committed to that doing what we can to promote voluntary compliance and give information to the industry as well as our enforcement and auditing and evaluation rules where we're almost out of time I guess I want to ask you dr. Herman so does this make you want to go back to but health care and make a request of the board for expanded resources for your compliance Department well or do you want to ask John fell so town I not to retire and to stay up for another bar challenge is going to be with all the changes in regulation building those into operations you know when I hear what he's been saying you know it's about behavior it's about conduct and it's about culture we can't brute force everything yeah what we're in kind of in an error right now is we're getting the regulations or something's happening it's just another sticky note on the computer screen that tells us to do something different we really have to build it into the culture and really have to build it into the operations we have to make sure that the right thing to do is the easy thing to do and so will be working with John and whatever resources he needs he'll get but he and I sit down and decide what he needs there you go John and then we work it from there but we're committed to building the same culture of accountability for compliance that we are for quality and safety and our organization that's how we'll continue to take great care of patients now in the future I think that's a wrap we're out of time thanks very much for your attention