Say Hello to the Chief Compliance Officer at a Pharmaceutical Company Near You
This article first appeared in Pharmaceutical Compliance Monitor on February 11, 2013.
As any teenager will tell you, nobody likes a snitch. When it comes to the antics of the adolescent, rarely is unwanted disclosure or unsolicited intervention met with appreciation. And yet, in observing the conduct displayed recently throughout many fields in our nation’s business sector, similar sentiment rang true across corporate America, and the moral “high road” was rarely found to intersect with the path most traveled. The health care industry was no different, and any strict constructionist interpretation of the Hippocratic Oath usually limited “do no harm” to the delivery of patient care in its most literal sense, foregoing the machinations conspiring behind the scenes to keep a hospital’s doors open in the face of a souring economic climate.
Now Is the Time for Compliance
The ethical transformation in health care that gained momentum one score and seven years ago has its origins in a law signed on March 2, 1863, by the president famous for the words “four score and seven years ago” uttered that same year. The False Claims Act (the “FCA”), also known as “Lincoln’s Law” and the “Informer’s Act,” has evolved considerably since its enactment to become the “primary litigative tool for combating fraud” (see S. Rep. 99-345, at 2 (1986)). Indeed, the FCA has altered the health care landscape so profoundly that even General Sherman would be envious of that single individual who now stands in prime position to survey the fraud and abuse behemoth from on high: Meet the modern day hall monitor, your Chief Compliance Officer.
The path from Lincoln’s Law to the 2010 Patient Protection and Affordable Care Act is anything but linear, and today’s Chief Compliance Officer must navigate through anti-fraud amendments, omnibus reconciliations, the 1981 introduction of civil monetary penalties for health care violations, the infamous Ethics in Patient Referral Act of 1989 (also known as the Stark Law), the anti-kickback regulations, and an ever expanding cadre of codified exceptions and advisory opinions. An apt description comes from the writings of Judge Billings Learned Hand: “Much of the law is now as difficult to fathom, and more and more of it is likely to be so; for there is little doubt that we are entering a period of increasingly detailed regulation, and it will be the duty of judges to thread the path through these fantastic labyrinths.” (Thomas Walter Swan, Learned Hand, In Memoriam, 57 Yale L.J. 167, 169 (1947)).
A Hero Rises to the Occasion
Finding the right compliance officer for pharmaceutical and biotechnology communities is no easy task, especially with a job description that implicitly includes “must read minds and be able to understand hundreds of pages of regulations on command.” The scrutiny under which these communities find themselves in modern American health care is no anomaly, and the myriad rules and regulations in the last decade alone are flanked by nothing less than advice from the Office of the Inspector General (“OIG Compliance Program Guidance for Pharmaceutical Manufacturers, 68 Federal Register 23731 (May 5, 2003)) and the highly anticipated final rules issued in February 2013 on transparency disclosures and reporting of physician ownership or investment interests by manufacturers of drugs, devices, and biological or medical supplies covered by most federal health programs. Known as the Physician Payments Sunshine Act, the industry must now report payments to physicians and teaching hospitals each year, as well as certain ownership and investment information relating to group purchasing organizations (to be codified in 42 C.F.R. Parts 402 and 403).
If that were not enough, the Chief Compliance Officer must also navigate through all 138 pages that make up the January 2013 changes to HIPAA and HITECH which, among other things, makes it clear that an annual fine to a covered entity or business associate may exceed the previously assumed cap of $1.5 million. As the Chief Compliance Officer begins to update each and every business associate agreement to which his or her company is a party, he must not forget that any health insurance benefits offered to employees should include preventative contraceptive care for women, at least until such time as the Roman Catholic Church enters the pharmaceutical or biotechnology sector. In a service oriented industry, a little knowledge about the Hospital and Physician Value-Based Purchasing Programs, the Hospital Readmission Program, and the Hospital Acquired Condition penalty might go far in building client relationships. Finally, if time permits, a frequent review of the operative OIG Work Plan is always in order, paying particular attention to company distribution of coupons and reconciliation of rebates, at least through 2013.
An Ordinary Day
Though compliance veterans know the health care industry lacks the functional equivalent of an ordinary day, constant vigilance in overseeing a company compliance program must be the mantra of any Chief Compliance Officer. While a company’s code of conduct and its written policies and procedures for compliance are intended to provide structure and focus, certain industry-wide “at risk” areas demand equal attention. Ten years after receiving guidance from the OIG, some tasks have not changed, such as maintaining the integrity of company data used by state and federal governments for payment purposes, monitoring any possible violations of the ever-expanding fraud and abuse laws, and ensuring that the company’s policy relating to drug samples is both understood and obeyed.
Having completed the aforementioned tasks before the morning’s first cup of coffee, only then can the Chief Compliance Officer review the company’s relationships with purchasers and their agents, paying careful attention to discounts and other remuneration, product support services offered that day, any upcoming educational grants, and pending research funding.
Behind a door that never closes due to the Chief Compliance Officer’s company-wide accessibility, lunchtime is spent trying to enjoy a home made sandwich and non-alcoholic beverage while reviewing marketing expenses relating to entertainment, recreation, travel or meals, not to mention gifts, gratuities and other business courtesies. A healthy lunch will be an advantage for tackling that first afternoon assignment, the careful review of company compensation arrangements with its sales agents. Only a rested and watchful eye should pour over data that includes the identity of the sales agent, amounts of compensation, the agent’s relationship with actual or potential buyers/providers, any marketing or promotional activity involved, the company product or products at issue, and the target audience for the sales agent.
Once this is done, a savvy Chief Compliance Officer will reserve the balance of the afternoon for any one of several meetings (scheduled or not) with company officers. This may include an interface with company auditors, the investigation of any compliance concern from the company hotline or any other reporting mechanism, a meeting with company counsel (in-house or outside as appropriate), and on a good day, an opportunity to connect with company leadership. Finally, should the Chief Compliance Officer find himself with a rare day in which he does not need to prepare for, respond to, or actually conduct a meeting of the company compliance committee, it would still behoove him to meet with one member from the compliance committee before leaving the office.
Of course, as many health care entities keep their doors open around the clock, it is never unwarranted to visit work between midnight and 4:00 a.m., if only just to say hello and cast a quick regulatory eye over the proceedings. If your Chief Compliance Officer happens to oversee such a facility, he or she may just be better off staying at the office until then. After all, with the new HIPAA/HITECH regulations and the Physician Payments Sunshine Act, to name just a few of the new regulations recently issued, chances are the Chief Compliance Officer has plenty of reading material to keep himself busy.
Such is the life of the Chief Compliance Officer, where a dull moment is as hard to find as issues that avoid ambiguity, complexity, or steep penalties. The next time you pass your company’s CCO in the hall, rather than avoiding eye contact or drawing silent comparisons to the hall monitors of youth, why not offer a smile and maybe even a nod of approval? If this is too much for your sensibilities to bear, just be thankful you don’t have to walk in his shoes.