Warning: Why Subcontracting Your Compliance Officer Should Be Avoided

Posted on in HME Government Issues

By: Wayne van Halem, president, The van Halem Group, a Division of VGM Group, Inc.

I recently had a conversation about compliance with the owner of a DME business. The owner told me that they had subcontracted their company’s compliance officer position, and they solicited my opinion on this topic. This certainly isn’t the first time I have heard about subcontracting the compliance officer position, but it seems to be more common these days.  

Let me provide full disclosure that at The van Halem Group, we provide a wide variety of compliance services to our clients, including monthly packages that are specifically designed to assist an organization’s compliance officer. We do not, however, act as a subcontracted compliance officer and do not recommend this for our clients. Our recommendation has always been to appoint someone from within your organization as was suggested by the Office of Inspector General (OIG) in their Compliance Program Guidance for the DMEPOS Industry released in the Federal Register way back on July 6, 1999.

Specifically, the OIG notes, “Designating a compliance officer with the appropriate authority is critical to the success of the program, necessitating the appointment of a high-level official in the DMEPOS supplier with direct access to the DMEPOS supplier’s owner(s), president or CEO, governing body, all other senior management, and legal counsel.”

As a member of the Health Care Compliance Association, I have attended and served as faculty at their conferences. I have heard representatives from the OIG on more than one occasion say that the compliance officer position should not be a subcontracted position. Any true compliance “expert” should understand this and not participate in this type of activity.

Essential Elements of OIG’s Program

The OIG’s program describes seven elements for an effective compliance program, two of which are designating a compliance officer and developing effective lines of communication. Let’s examine how these two elements make the need for an internal individual acting as your compliance officer essential.

The OIG specifically states in their guidance, “The compliance officer should be highly enough placed in the company so that he or she can exercise independent judgment without fear of reprisal, and so that employees will know that bringing a problem to that person’s attention is not a wasted exercise.” While the program outlines many responsibilities of the compliance officer, the main theme throughout is that the compliance officer needs to know what is going on with all facets of the organization and be available to provide support, education and implementation. Developing a rapport with staff and having an innate familiarity with the internal policies and procedures is integral to the success of a compliance officer. A subcontractor, perhaps one who serves as a compliance officer for multiple entities, is unable to establish the necessary relationship with employees.

Effective Lines of Communication

Another one of the seven elements is to develop effective lines of communication. The OIG states that an open line of communication between the compliance officer and the employees is equally important to the success of the compliance program and the reduction of potential fraud, abuse and waste. If there is any question or confusion about processes that could lead to potential fraud, an employee needs an easy path to the compliance officer to seek answers.

For both elements, it is clear that the compliance officer needs to be someone who the employees can identify and go to should they have a compliance concern. If the compliance officer is outside of the organization, it makes reporting a much more difficult process and may result in slower response times to investigate concerns appropriately. Non-reported incidents could lead to compliance issues or concerns that result in unnecessary scrutiny or actions taken by the government, including extrapolated overpayments or even worse, criminal or civil penalties. 

No Need for New Position

It is important to note that it is not necessary to create a new position to employ a full-time compliance officer. In fact, the OIG acknowledges that the role of compliance officer may be added to an existing employee’s responsibilities, depending on the size and resources of your organization. This furthers the need for the appointed position to be internal.

Although it is imperative that the role of compliance officer stay in-house – to ensure that your organization easily and effectively promotes and maintains a compliant environment – there are several other areas of your compliance program that can be subcontracted, including:

  • Development of a compliance manual
  • Reporting mechanisms such as anonymous hotlines and email
  • Annual training
  • Auditing and monitoring

In fact, the OIG requires companies that enter into a Corporate Integrity Agreement (CIA) to address compliance issues they had to hire an independent review organization (IRO), such as The van Halem Group, to perform the required internal audits.

If you are currently subcontracting your compliance officer role, I recommend you reconsider based on this information. If you are interested in some of our services designed to assist and complement the work performed by your compliance officer, in an effort to have a comprehensive program that meets the guidelines outlines by the OIG, please feel free to contact me at [email protected] for more information.