Compliance Perspectives

By Adam Turteltaub If all you’re worrying about is tone at the top, you’re missing a key portion of the choir. With most people reporting to middle managers, they play in integral role in ensuring a culture of compliance and ethics truly permeates the organization. Evie Wentink, Senior Compliance Consultant at Ethical Edge Experts observes that while many organizations invest in crafting comprehensive codes of conduct and articulate expectations for ethical leadership, they often fall short in equipping managers with the tools, training, and support necessary to fulfill those expectations. This gap can undermine the effectiveness of compliance efforts and leave companies vulnerable to ethical lapses. At the heart of the issue is a lack of intentional communication. Middle managers are frequently expected to embody and promote ethical leadership, yet they are rarely given a clear understanding of what that entails. To bridge this gap, organizations must develop structured plans that define ethical leadership in practical terms. These plans should include specific deliverables, resources, and expectations tailored to the manager’s role. By doing so, companies can ensure that managers are not only aware of their responsibilities but also empowered to carry them out effectively. Authentic, ongoing conversations led by these managers are a cornerstone of a successful compliance culture. These discussions should not be limited to formal training sessions or annual reviews. Instead, they must be woven into the fabric of everyday operations. Managers should be encouraged—and required—to initiate “ethics or integrity minutes” at the start of team meetings. These brief segments provide a consistent opportunity to address ethical topics, reinforce values, and normalize open dialogue about compliance issues. To support these conversations, organizations should provide managers with practical tools. These might include: Ethics spotlight cards that highlight key compliance themes. News articles that can be used to spark discussion around real-world ethical dilemmas. Access to updated policies and codes of conduct, with notifications when changes occur. Tracking and analyzing these conversations is equally important. Compliance teams should maintain records of who is engaging in discussions, what topics are being covered, and which issues are generating the most questions. This data can be invaluable in identifying risk areas, refining training programs, and tailoring future communications. Often, the most common questions arise immediately after a training session, indicating that such moments are prime opportunities for deeper engagement. Moreover, it’s essential to recognize the broader impact of middle management on organizational integrity. Prosecutors and regulators increasingly view middle managers as pivotal figures in corporate misconduct cases. Their actions—or inactions—can significantly influence whether a company succeeds or fails in maintaining ethical standards. Consequently, fostering a culture of accountability and proactive communication at this level is not just beneficial—it’s critical. Ultimately, the goal is to create an environment where ethical conversations are natural, frequent, and valued. When managers consistently lead by example and facilitate open dialogue, employees become more comfortable raising concerns and asking questions. This cultural shift enhances transparency, reduces risk, and strengthens the overall integrity of the organization. In summary, bridging the compliance gap at the middle management level requires a multifaceted approach: clear expectations, practical tools, authentic conversations, and ongoing tracking. By investing in these areas, organizations can transform their compliance programs from static documents into dynamic, living systems that truly support ethical behavior at every level from the top on down.

By Adam Turteltaub Despite being a Civil War era statute, the False Claims Act (FCA) always has something new going on. To find out what’s hot these days, we spoke with Joshua Drew (LinkedIn), a former federal prosecutor and chief compliance officer and currently a Member at Miller & Chevalier. Lately, he explains, there has been a steady stream of activity. May: The Civil Rights Fraud Initiative was announced by the administration and proposes to use the FCA against any federal funding recipient that it believes are operating DEI initiatives that violate antidiscrimination laws. July: A new working group was created between the DOJ and HHS to focus on healthcare and life sciences. It encouraged whistleblowers to file action in areas such as Medicare Advantage, drug device and biologics pricing and barriers to patient access, amongst others. August: A trade task force was created to encourage whistleblowing against tariff violators. All of this occurs against a backdrop of activity by the Administration to identify and fight waste, fraud and abuse. Listen in to learn more about where the Administration is focusing and what compliance teams can learn from recent actions.

By Adam Turteltaub Lewis Eisen (LinkedIn) is the author of the book RULES: Powerful Policy Wording to Maximize Engagement, and he wants to change the way people think about and write policies. Too often, he observes, policies contain parent-child language, with a scolding tone that turns people off and keeps them from wanting to read the policy, or even follow it. It also contains a great deal of complexity, laying out all the many processes and procedures. Instead, he recommends that companies adopt policy statements that are simpler and can tie values that people can identify with. All the other stuff – complex procedures, examples, backgrounds and so forth – belongs elsewhere he argues, for employees to see after they have had the opportunity to see the policy and buy into it. It’s an intriguing approach. Listen in to learn more about how to reimagine your policy-making process.

By Adam Turteltaub Why? Why are you asking that? Do you really need to know it? Is it going to tell you something you need to know? Is it a question that anyone could even answer? All of these are questions to ask yourselves and colleagues when they propose adding an item to your due diligence questionnaire. As Kristy Grant-Hart (LinkedIn), author, speaker and Head of Advisory at Spark Compliance, which is now owned by Diligent, explains, too often due diligence questionnaires are filled with questions that are unnecessary at best and counterproductive at worst. They are born out a desire to cover all the bases not necessarily get you just the information you need. Instead of throwing in everything including the kitchen sink, it’s far better to take, as elsewhere, a risk-based approach. Work directly with those who own the risk review. And, if the response doesn’t matter, don’t ask the question. Listen in to learn more about how to create a due diligence questionnaire that gets the answers you need, and not the ones you don’t.

By Adam Turteltaub With a rising focus on value-based care, and a new program seeking to make the approach mandatory, we spoke with Ed White (LinkedIn), Partner at Nelson Mullins. Previous efforts to move toward value-based models, such as Accountable Care Organizations (ACOs), faced significant barriers due to regulatory frameworks like the Stark Law and Anti-Kickback Statute. These laws were designed to prevent financial incentives from influencing medical decisions, but they also limited the ability of hospitals and physicians to collaborate in ways necessary for effective value-based care implementation. Recognizing these constraints, CMS and the Office of Inspector General (OIG) collaborated in 2020 to issue new regulations aimed at facilitating the transition to value-based care. The next step in the transition is the new Transforming Episode Accountability Model or TEAM program, which will become mandatory in 2026. This program includes 740 hospitals across the country and targets five specific surgical procedures. Participating hospitals must coordinate care with a range of providers—including specialists, primary care physicians, labs, durable medical equipment (DME) providers, hospice agencies, and others. The TEAM program is designed to last for five years, during which time hospitals are responsible for ensuring that patients are connected to appropriate post-discharge care, including follow-up with primary care providers. The goal is to reduce complications, avoid emergency room readmissions, and promote better health outcomes—all while keeping costs below a CMS-established target price. To drive efficiency, the TEAM program introduces three financial risk “tracks”: Upside-only track – Hospitals can earn shared savings if costs come in below the target price. Moderate risk (upside/downside) track – Hospitals can either earn savings or incur penalties depending on performance. Full-risk track – This track will offer both greater risks and rewards. According to industry consultants, two-thirds of participating hospitals are expected to lose money in the early phases of the TEAM program. Hospitals must rethink their compliance, care coordination, and partnership strategies in the wake of these changes. Listen in to learn more about what this all means for your compliance program both today and in the future.

By Adam Turteltaub When Garth Jordan learned about the opportunity to lead the SCCE & HCCA, he was excited about the idea of helping to build trustworthy organizations. And, the more he spoke with the board and talked to his peers, the more convinced he was that this was the role for him. Unlike our previous CEOs he came to the association not from compliance, but from the field of association management. He has served in leadership roles for the American Animal Hospital Association, Healthcare Financial Management Association and Medical Group Management Association. As he looked at SCCE & HCCA he saw a great opportunity for growth and greater impact. He tell us in this podcast that he will be focusing on the complete range of things that we do, from publishing to creating events to providing certifications to facilitating networking. Listen in to learn more about him and how he plans on using design thinking to help create a robust future for the SCCE & HCCA.

By Adam Turteltaub Being a leader is hard. Being a compliance leader is harder. Being a compliance leader in fast-changing times takes it up yet another level, but it’s not impossible. Kim Jablonski, Chief Compliance & Ethics Officer at Bristol Myers Squibb shares that with these challenges it’s important for leaders not to think in static terms but to recognize that the landscape is constantly changing. The transformations include not just new laws and regulations but also new expectations for compliance programs, such as when it comes to taking a more data-driven approach. At the same time, though, some things don’t change. For example, you need to communicate with the workforce the importance of acting with integrity, even when there is business pressure to deliver. That same message should come from leadership as well so that employees see integrity as a part of the culture and behavioral expectations. For their part, compliance leaders, and their teams, need to have a deep understanding of the business and how it works. They must also be flexible with more than one solution to a problem. She also advocates for a collaborative approach. Working together with a wide range of internal teams leads to better outcomes, both from a compliance and business perspective. Most notably of all, she shares an insight that is relatable and very eye opening: We all have obstructed view seats. As she explains, we all only see a part of the picture and need to be mindful that we benefit from the views of others and that bad decisions are often the product of not being able to see the whole panorama before us. Listen in for more eye-opening insights.

By Adam Turteltaub Things are a bit out of balance when it comes to Business Associates (BAs) in healthcare. Organizations invest a great deal of time and resources in vetting these third parties to make sure that they will safely handle data from the covered entity. But, when the relationship ends, those same organizations may overlook the risks to their data post-separation. The problem is complex because different BAs will fall under different regulations and use data differently. Some may process but not retain data. Others may have terabytes of your data to return or destroy immediately. For others, there may be a law or regulation requiring them to hold onto that data for several years. The compliance team, explains Marti Arvin (LinkedIn), Vice President, Chief Compliance and privacy Officer at Erlanger Health System, needs to ensure it is part of the process whenever a BA relationship is coming to an end. At that point, it’s time to reach out to the BA to ensure there is a plan in place for how data will be handled, and to begin documenting the process. This helps in case there is an incident later. Listen in to learn more about what you can and should be doing to ensure that the close-out process is as healthy as it should be.