Since 2010, the Affordable Care Act has been in force in the U.S., requiring a compliance program for so-called Medicare and Medicaid providers (which covers medical/hospital facilities and pharmaceutical companies). Moreover, the North American framework has specialized agencies that audit and inspect such healthcare companies and impose fines for non-compliance, such as the OCR (Department of Health and Human Services Office for Civil Rights), the main public agency responsible for HIPAA (Health Insurance Portability and Accountability Act) compliance.
It is important to keep in mind that, since 1996, HIPAA has established a set of national rules for the protection of health-sector information in the U.S., covering several types of entities, such as hospitals, diagnostic companies and even universities. Accordingly, some pillars of the compliance program of those entities should focus on HIPAA compliance, since it regulates confidentiality issues, data protection and integrity in the working environment.
In addition, as guidelines for healthcare compliance programs, since 1997 the U.S. has had some concepts established by the OIG (Department of Health and Human Services Office of Inspector General) through the publication “OIG Compliance Program for Individual and Small Group of Physician Practices”. The OIG is responsible for fraud investigations in health programs conducted by the North American government; however, this department came to pronounce on the ideal parameters of a healthcare compliance program, which most companies in that country followed as the best practice in the health sector.
Compared with the regulation of other corporate compliance programs in the U.S., which is supported by the U.S. Sentencing Guidelines and the most recent guideline from the U.S. Department of Justice, “Evaluation of Corporate Compliance Programs”, healthcare programs are not far from corporate programs: they follow a natural trend of best practices for compliance, but with a greater focus on the needs of the health sector. According to the OIG, the healthcare compliance program has seven pillars, as follows:
1. Implement written compliance policies, procedures, and standards of conduct;
2. Designate a compliance officer and compliance committee, who will be responsible for monitoring compliance efforts and enforcing practice standards;
3. Conduct effective training and education on the compliance policies, procedures, and standards of conduct;
4. Develop effective lines of communication to facilitate communication with staff and allow anonymous reporting mechanisms;
5. Conduct internal monitoring and auditing by performing periodic self-audits;
6. Enforce standards for employees through well-publicized disciplinary guidelines;
7. Respond promptly to detected offenses and develop corrective action plans.
By: Hítalo Henrique do Amaral Silva
Hítalo Silva is a Brazilian lawyer who graduated from Centro Universitário do Estado do Pará (CESUPA), where he received a Bachelor of Laws (LL.B.), and he has a Master’s Degree (LL.M.) in American Legal System with a focus on International Business Transactions from the University of Missouri-Kansas City (UMKC) School of Law. Hítalo also has a specialization in contemporary legal systems from the Universidad Complutense de Madrid – UCM.