Upload File

20 key considerations for implementing an effective corporate compliance program

  • Home
  • Health & Medicine
  • 20 Key Considerations for Implementing an Effective Corporate Compliance Program
2
ATTORNEY ADVERTISEMENT This fact sheet is intended as a general introduction to health care/life sciences corporate compliance programs and is not intended to provide legal advice as to any specific compliance program; it will not be deemed to create an attorney/client relationship between Cooley LLP and the reader; and you may not rely upon any of the statements contained herein for purposes of any specific matter. Each corporate compliance program is unique, and will involve complex legal issues that can only be properly analyzed by an attorney who is retained by you to provide you with legal advice specific to the facts and circumstances pertaining to that matter. © 2015 Cooley LLP HEALTH CARE/LIFE SCIENCES REGULATORY 20 Key Considerations for Implementing an Effective Corporate Compliance Program 1. BOARD COMMITMENT. A critical fiduciary responsibility of the Board of Directors of health care and life sciences companies is commitment to, and ongoing oversight of, the corporate compliance program. Boards must formally recognize this commitment to corporate compliance through a Board resolution and continue to allocate appropriate corporate resources to support the corporate compliance program. 2. LEADERSHIP & TONE AT THE TOP. Great leaders understand the critical importance of corporate compliance, have the strength to do the right thing in the face of adversity, inspire others to operate in an ethical manner, and make hard decisions. Great leaders also set the tone for the organization by being models who practice what they preach, uninfluenced by personal gain. Leadership support of the corporate compliance program must be visible, strong and reiterated frequently. 3. RESOURCES. Without the necessary resources – including staff and budget – it is a significant challenge to build, implement and maintain an effective corporate compliance program. Although the size of the corporate compliance program will vary by company based on a number of factors, including the company’s size, structure, operations and product portfolio, the level of resources available must be sufficient to support this infrastructure and adjust to address company and industry changes. 4. COMPLIANCE INFRASTRUCTURE. It is critical for the Compliance Officer to have a prominent position in the company with direct, unfettered access to all members of the company’s leadership team and Board of Directors. The Compliance Officer also must be supported by a Compliance Committee (or similar structure) that is designed to assist the Compliance Officer in the operation of the corporate compliance program on a day-to-day basis. 5. GLOBAL INTEGRATION. In today’s global market, global organizations must consider an integrated compliance infrastructure that includes compliance resources throughout the organization. This allows the company to maintain centralization of critical activities, while still allowing for customization to address local rules, practices and traditions. 6. RISK ASSESSMENT. A critical component of implementing and maintaining an effective corporate compliance program is understanding business functions, product portfolio and service offerings to identify potential risk areas. Risk assessments can assist the company in prioritizing compliance activities and allocating resources efficiently and effectively. 7. OPEN LINES OF COMMUNICATION. Employees, agents, vendors and others must know that they are able to report a compliance concern and have confidence that the company will address the report effectively. Any act of retaliation and retribution for a compliance concern reported in good faith must not be tolerated by the company. 8. COMPLIANCE STANDARDS & CONTROLS. In addition to a corporate code of conduct that addresses health regulatory requirements, companies must develop a wide range of user-friendly compliance policies, procedures, forms and checklists. These documents must be designed to clearly establish the rules for conducting business activities and the processes that must be followed for each activity. 9. TRAINING. Compliance training must be timely, effective and conducted regularly. It is critical to train the correct people on relevant topics in an appropriate format, test these individuals to ensure understanding, and maintain appropriate records of all training activities.

Upload: market-it

Post on 19-Jul-2015

133 views

Category:

Health & Medicine


0 download

Report

TRANSCRIPT

Page 1: 20 Key Considerations for Implementing an Effective Corporate Compliance Program

ATTORNEY ADVERTISEMENT

This fact sheet is intended as a general introduction to health care/life sciences corporate compliance programs and is not intended to provide legal advice as to any specific compliance program; it will not be deemed to create an attorney/client relationship between Cooley LLP and the reader; and you may not rely upon any of the statements contained herein for purposes of any specific matter. Each corporate compliance program is unique, and will involve complex legal issues that can only be properly analyzed by an attorney who is retained by you to provide you with legal advice specific to the facts and circumstances pertaining to that matter. © 2015 Cooley LLP

HEALTH CARE/LIFE SCIENCES REGULATORY

20 Key Considerations for Implementing an Effective Corporate Compliance Program

1. BOARD COMMITMENT. A critical fiduciary responsibility of the Board of Directors of health care and life sciences

companies is commitment to, and ongoing oversight of, the corporate compliance program. Boards must formally recognize

this commitment to corporate compliance through a Board resolution and continue to allocate appropriate corporate

resources to support the corporate compliance program.

2. LEADERSHIP & TONE AT THE TOP. Great leaders understand the critical importance of corporate compliance, have

the strength to do the right thing in the face of adversity, inspire others to operate in an ethical manner, and make hard

decisions. Great leaders also set the tone for the organization by being models who practice what they preach,

uninfluenced by personal gain. Leadership support of the corporate compliance program must be visible, strong and

reiterated frequently.

3. RESOURCES. Without the necessary resources – including staff and budget – it is a significant challenge to build,

implement and maintain an effective corporate compliance program. Although the size of the corporate compliance

program will vary by company based on a number of factors, including the company’s size, structure, operations and

product portfolio, the level of resources available must be sufficient to support this infrastructure and adjust to address

company and industry changes.

4. COMPLIANCE INFRASTRUCTURE. It is critical for the Compliance Officer to have a prominent position in the company

with direct, unfettered access to all members of the company’s leadership team and Board of Directors. The Compliance

Officer also must be supported by a Compliance Committee (or similar structure) that is designed to assist the Compliance

Officer in the operation of the corporate compliance program on a day-to-day basis.

5. GLOBAL INTEGRATION. In today’s global market, global organizations must consider an integrated compliance

infrastructure that includes compliance resources throughout the organization. This allows the company to maintain

centralization of critical activities, while still allowing for customization to address local rules, practices and traditions.

6. RISK ASSESSMENT. A critical component of implementing and maintaining an effective corporate compliance program

is understanding business functions, product portfolio and service offerings to identify potential risk areas. Risk

assessments can assist the company in prioritizing compliance activities and allocating resources efficiently and effectively.

7. OPEN LINES OF COMMUNICATION. Employees, agents, vendors and others must know that they are able to report a

compliance concern and have confidence that the company will address the report effectively. Any act of retaliation and

retribution for a compliance concern reported in good faith must not be tolerated by the company.

8. COMPLIANCE STANDARDS & CONTROLS. In addition to a corporate code of conduct that addresses health

regulatory requirements, companies must develop a wide range of user-friendly compliance policies, procedures, forms

and checklists. These documents must be designed to clearly establish the rules for conducting business activities and the

processes that must be followed for each activity.

9. TRAINING. Compliance training must be timely, effective and conducted regularly. It is critical to train the correct people

on relevant topics in an appropriate format, test these individuals to ensure understanding, and maintain appropriate

records of all training activities.

Page 2: 20 Key Considerations for Implementing an Effective Corporate Compliance Program

COOLEY HEALTH CARE/LIFE SCIENCES REGULATORY

ATTORNEY ADVERTISEMENT This fact sheet is intended as a general introduction to health care/life sciences corporate compliance programs and is not intended to provide legal advice as to any specific compliance program; it will not be deemed to create an attorney/client relationship between Cooley LLP and the reader; and you may not rely upon any of the statements contained herein for purposes of any specific matter. Each corporate compliance program is unique, and will involve complex legal issues that can only be properly analyzed by an attorney who is retained by you to provide you with legal advice specific to the facts and circumstances pertaining to that matter. © 2015 Cooley LLP

10. INVESTIGATE & CORRECT. Conducting an efficient and effective internal investigation is a challenge for many

companies. When a potential compliance concern is identified, the internal investigation must be designed and conducted

in order to determine whether a compliance violation occurred and the root cause of the violation. The company also must

take swift corrective action to address the current compliance violation and prevent similar future misconduct.

11. MONITOR. An effective corporate compliance program does not simply wait for potential compliance concerns to be

brought to its attention, but also uses auditing and monitoring to proactively identify potential issues and program

weaknesses. Findings from auditing and monitoring must be used to update and inform other aspects of the corporate

compliance program, including compliance standards and training.

12. BUSINESS PARTNERS. Because a company may be responsible for the misconduct of its business partner, contractor,

third-party intermediary or other agent, an effective corporate compliance program ensures that robust due diligence of new

business partners is conducted. Additionally, effective internal controls relevant to business partners must be established

and compliance training provided. Audit rights should be exercised regularly.

13. BACKGROUND CHECKS. Background checks of employees and business partners must be conducted prior to entering

into a new relationship, as well as on a regular basis thereafter. It also is critical to require employees and business

partners to notify the company of a debarment, exclusion, suspension or other criminal activity that impacts the

relationship.

14. CERTIFICATIONS. Compliance officers provide external certifications related to the corporate compliance program for a

variety of reasons. Compliance officers must establish robust processes to evaluate relevant information and data related

to the certification and conduct follow-up prior to submitting any certification. Compliance officers also should consider

whether downstream certifications from company management, employees and/or business partners are appropriate to

establish compliance oversight and accountability.

15. BRANDING. In the same way that the company and its products or services are each branded, the corporate compliance

program should have its own branding that is memorable and meaningful. This branding should be used consistently and

broadly to remind company employees and others about the program and its purpose.

16. BUSINESS INTEGRATION & COLLABORATION. An effective corporate compliance program will include methods to

integrate into business activities to provide compliance personnel with a deeper knowledge of business activities,

processes and systems. In addition to the better design of compliance standards and controls, employees and vendors are

more likely to view compliance as a routine part of the business rather than a department to fear. It also is critical to foster

a collaborative working relationship with departments essential to the success of the corporate compliance program,

including Legal, Human Resources and Internal Audit.

17. CONNECT WITH FIELD EMPLOYEES. Findings ways to connect and interact with field employees is a particular

challenge of corporate compliance departments. An effective corporate compliance program will include a variety of

mechanisms to reach these employees specifically, such as live compliance presentations at meetings and compliance

“champion” or “ambassador” programs.

18. EXTERNAL REVIEW. Companies should consider hiring a third-party to conduct an assessment of the corporate

compliance program from time to time. These third-party assessments can provide the company with a fresh perspective

on the state of its corporate compliance program, including recommendations for improvement based on better industry

practices and trends.

19. BOOKS AND RECORDS. Documentation related to the corporate compliance program must be maintained in an

organized, easily accessible manner that reflects the circumstances in which it was created and used. This includes

processes for version control, privilege, and maintenance of historical documents.

20. REASSESS & IMPROVE. A corporate compliance program must be dynamic to respond to regulatory changes, address

new risk areas, and incorporate better industry practices. In other words, the work is never done.


Compliance Strategies Operational Considerations to Manage

Considerations for Implementing Voice- Controlled ......NASA/TM—2018—219980 Considerations for Implementing Voice-Controlled Spacecraft Systems through a Human-Centered Design

Implementing an EDRMS – Key Considerations (pdf, 254kb)

“Considerations for Implementing IPTV in Healthcare” · 2013-01-28 · Internet Protocol-based Television (IPTV) in Healthcare Considerations for Implementing IPTV in Healthcare

Legal considerations in developing and implementing the

Compliance and Employee Engagement Solutions, LLC …...Employer Wellness Programs- Employer Considerations Prior to implementing a wellness program ERS may take the following preventive

Implementing Effective Contractor Compliance Programs

Implementing a sustainable compliance framework

Practical considerations while implementing - Rochereagent-catalog.roche.com/documents/Practical... · Practical considerations while implementing a digital pathology solution I

Technical Operation Considerations for Implementing

Compliance Considerations in Pharmaceutical Product Development Compliance Considerations in Pharmaceutical Product Development John C. (Jack) Garvey,

358-2011: Considerations for Implementing a Highly

Considerations for Implementing International Standards ... · Considerations for Implementing International Standards and Codes of Conduct in National Invasive Species Strategies

Security and Practical Considerations when Implementing the ......Security and Practical Considerations when Implementing the Elliptic Curve Integrated Encryption Scheme V. GAYOSO

Practical Considerations in Implementing a Pediatric … · Practical Considerations in Implementing a Pediatric COA Measurement Strategy S ... study involving COAs for pediatric

Considerations for Implementing a Matter- Centric Document ...ilta.personifycloud.com/webfiles/productfiles/194/LAW3.pdf · Considerations for Implementing a Matter- Centric Document

Considerations when Implementing HIFIS

V&V Considerations In Implementing IEC61508-3

Ethics & Compliance Considerations

Considerations for Implementing a Hotel Revenue Management

CONSIDERATIONS FOR SMALL BUSINESSES IMPLEMENTING …

Considerations for Implementing Voice- Controlled

Considerations for Implementing Maintenance Line

Implementing Effective Contractor Compliance Programs

Key Policy Considerations When Implementing Next-Generation Firewalls

IMPLEMENTING NYS’MANDATORY COMPLIANCE ......1 IMPLEMENTING NYS’MANDATORY COMPLIANCE PROGRAMS A YEAR LATER: OMIG AND PROVIDER PERSPECTIVE HCCA Annual Compliance Institute April

Habitat Design Considerations for Implementing …...Habitat Design Considerations for Implementing Solar Particle Event Radiation Protection Matthew A. Simon and Martha Clowdsley

Practical Considerations for Implementing Prefabricated Data Centers

GOVERNANCE, RISK & COMPLIANCE CONSIDERATIONS IN …

COMPLIANCE CONSIDERATIONS

Resource Sharing Considerations of Implementing the Indian

Implementing a Converged Identification, Compliance and Reporting Strategy for Gaming Environments The Technologies and Considerations at Play Gaming Security

TECHNICAL AND OPERATIONAL CONSIDERATIONS FOR IMPLEMENTING ...apps.who.int/iris/bitstream/10665/128121/1/9789241507578_eng.pdf · technical and operational considerations for implementing

Compliance Officer Reports Key Issues & Considerations BVI Association of Compliance Officers

Scientific and Regulatory Considerations for Implementing ... · Scientific and Regulatory Considerations for Implementing Mathematical Models in the Quality by Design (QbD) Framework