Audit, continuous monitoring and review – and associated improvements – are key expectations in our Compliance programs.  Here are three areas to review if you’ve not re-visited these aspects of your program in a while, with some specially curated tips for healthcare Compliance officers.

1. Hotline abandonment rates

One of the areas we care about in respect of our Compliance programs is the abandonment rate of our hotline calls.  We often consider this to be an indicator of the quality of service of our external hotline provider – we want their call intake staff to answer the phone promptly and we want them to provide language support immediately where required.  Would it shock you to know that colleagues or third party stakeholders may be deterred from following through with their report due to… dun dun dun… us?  Mystery shop your hotline and listen to the preliminary recording supplied by the company. Does it drone on and on?  Are there scary references to data privacy and other legal points that aren’t explained in layman’s terms?  If it isn’t short, snappy, to the point and sounding welcoming, what can you do to address that?  Personally I’d go so far as to say that ideally it should sound warm and welcoming given reports are a gift and it is incredibly nerve wracking to make one.

2. Key Performance indicators

When we think of continuous monitoring and review, we often think of this practice in respect of the hard elements of our Compliance program.  But what about how we choose to measure our Compliance program? Have you ever gone back to the KPIs you created years ago and considered whether they are still fit for purpose? Have you thought about incorporating newer areas that are relevant to today’s Compliance Officer such as data analytics, behavioral science, AI/machine learning?  Even increased possibilities for discussing automation are likely to have presented themselves since you set up the KPI framework. Will you have any KPIs in respect of your ephemeral messaging policy (I know y’all are busy working on the logistics of audit and enforcement of those right now!). Where, if at all, should ESG, including DEI fit in? Would service level agreements be appropriate to introduce?

Given that this blog post is for Streamline Verify, it would be remiss of me to not suggest a KPI especially for our healthcare Compliance Officers in the community administering the exclusion checks process for their healthcare system:

Zero instances warranting voluntary disclosure to the OIG for employing or contracting with an excluded party.

Pro tip to keep in mind with the above KPI: If you’re never getting an exclusion or sanction hits, you should confirm everything is configured correctly – courtesy of Samantha Kelen, Chief Compliance Officer of Stellar Health.

3. Your Compliance Policies

You probably already know that it’s best practice to review your Code of Conduct and update it every once in a while.  This is especially important for healthcare companies that, unlike many other industries, have not been as fast to adapt to more visually appealing, easier on the eye Codes that no longer represent pages of black and white text in Times New Roman font.  Compare your Code design and appearance with that of organizations such as Kohls’s, L’Oreal, and Nokia.  Note how much easier it is for your mind to process the information when it’s broken up and segmented carefully.  Thumbs up to Cleveland Clinic for a rare, clear and concise Code that is user friendly for stakeholders in the healthcare space!

Snap Inc re-launching their Code in 2021 was a great example of leveraging the revised document to highlight how they prioritize kindness.  Is your primary focus patient care as a healthcare company?  How might you re-imagine your Code to weave that signature theme into this document? The year before, Novartis told the story of their new Code that incorporated behavioral science and was “co-created” with the business.  These novel approaches reminded the rest of us about the value and necessity of keeping our Codes modern and fresh. But what about all of your other Ethics and Compliance policies? Has it been too long a sip between drinks since reviewing them?  Do you still have policies that sound like they were drafted by lawyers, for lawyers? Have you incorporated tone from the top? Have you thought about leveling up your tone from the top, for example by way of including ethics quotes from leaders across many areas of the business, a la the McDonalds Supplier Code of Conduct? (Source: https://corporate.mcdonalds.com/content/dam/sites/corp/nfl/pdf/Supplier_Code_of_Conduct.pdf) Have you considered modernizing them at all?  For example, would infographic style policies suit your organization?  Have you ever tried asking key business stakeholders who must apply certain policies to explain to you in their own words what the policy requires and what feedback they’d have for you if you were to revise it?  Have you started to draft a policy around your company’s use of Artificial Intelligence yet?

We hope these questions help to inform your Compliance program activities this year and address an opportunity or two to supplement your best practices with even more of them and perhaps even inspire you to do some trail blazing, just like McDonalds, Novartis and Snap!