Corporate Compliance

by Joseph Valdalez on 22 March 2016

Transcript of Corporate Compliance

Corporate Compliance Responsibilities
BAA
HIPAA
Report Non-compliance
Navigating Corporate Compliance

7 Elements
Element #1
Compliance Officer and Compliance Committee
Element #2
Code of Conduct and Policies & Procedures
Code of Ethics and Standards of Conduct (The Code)
Element #4 Effective Lines of Communication
Element #5 Monitoring and Auditing
Element #7 Enforcing Disciplinary Standards
Element #3 Training and Education
Element #6 Responding Promptly to Detected Non-compliance
Juan DeLeon, HPS Chief Compliance Officer (CCO)
Leads the Corporate Compliance Program
Regular compliance updates to Compliance Committee
Oversight of organization's compliance with internal and external requirements
Why do we need a compliance department?
#1 The federal government recommends certain organizations (e.g. health plans that offer on-exchange plans) and their contracted entities (e.g. HPS) maintain an effective compliance program

#2 HealthPlan Services (HPS) clients (carriers) expect HPS to have a formal compliance program

#3 To identify and remediate potential non-compliance

#4 It's the right thing to do
Did you know...

The Federal Sentencing Guidelines provide detailed recommendations on maintaining an effective compliance program. These recommendations are commonly referred to as the "7 Elements of an Effective Compliance Program".
Applies to all associates, vendors, and contractors of HPS
Provides a guide to making the right, ethical decisions
Topics include: Conflict of Interest, Reporting non-compliance, Audits, and Investigations
Policies and Procedures (P&Ps)
Guide the organization in complying with internal and external requirements
Some P&Ps apply to all associates, while other P&Ps may be specific to departments
Can be accessed on the Corporate Compliance SharePoint site
Compliance Training
Applies to all associates, vendors, and contractors
Ensures associates are aware of compliance obligations
Failure to complete may result in system termination and possible disciplinary action(s)
Training Includes:
The Code
Fraud
HIPAA Privacy/Security
Resources to report noncompliance and receive compliance guidance
Resources include:
Compliance Hotline
Compliance email (HPScorporatecompliance@healthplan.com)
Compliance Officer
"Compliance and You" Newsletter
Compliance communications
Validates if the organization is compliant
Identifies potential risks
Monitoring = Real time with quick actions
Auditing = Targets specific business components in a specified time frame

Prompt review and investigation of identified gaps and/or allegations
Remedial actions on identified non-compliance
Investigations
Hot Topics
Your Obligation
Resources
All allegations of non-compliance are investigated by the Corporate Compliance Department
All investigations are treated confidentially
Associates, vendors, and contractors are required to participate in a compliance investigation
Compliance materials can be accessed from the Corporate Compliance SharePoint site.
Available materials include:
The Code
Conflict of Interest Form
Policies and Procedure Template
All associates are expected to follow The Code and applicable Policies and Procedures
All associates are required to report non-compliance to the compliance team
Associates who do not report non-compliance are in direct violation of The Code and subject to disciplinary measures including, but not limited to, termination
Health Insurance Portability and Accountability Act (HIPAA)
Federal Government standards that outline how we must handle an individual's protected health information (PHI)
PHI includes: name, address, phone number, social security number, and health plan account numbers
Agreements with our clients (carriers) require that we have processes in place to ensure we are HIPAA compliant
Violations can result in monetary fines and loss of business
Business Associate Agreement (BAA)
HPS is a "Business Associate"
A Business Associate is a person or entity that creates, receives, maintains, or transmits PHI on behalf of a covered entity.
Business Associates, such as HPS, are also required to comply with HIPAA
HealthPlan Services must comply with HIPAA while rendering services to our clients under BAAs
Standards require organizations to implement measures to protect an individual's payment card information
Associates are prohibited from writing down any individual's payment information
Payment information includes: Cardholder name, Cardholder address, and Cardholder account number
Payment Card Industry (PCI) Data Security Standards


Privacy Program
Natarsha Nesbitt, HPS Privacy Officer

Provides oversight of the organization's privacy program
Responsible for reporting privacy non-compliance to clients and regulators
Enforces internal and external regulations
Incident Reporting
All privacy related incidents must be reported to the privacy team
Incidents must be reported by completing the HIPAA Incident Report Form (accessible from the privacy SharePoint site)
Completed forms must be emailed to privacysecurity@healthplan.com

It is everyone's responsibility to speak up and report non-compliance
You can report concerns of non-compliance via numerous channels
You have the right to remain anonymous when reporting possible non-compliance
HPS has a zero tolerance policy for retaliation

Non-compliance Reporting Channels
Juan DeLeon, Compliance Officer: 813-289-1000 x7004186
Natarsha Nesbitt, General Counsel & Privacy Officer: 813-289-1000 x7002724
Jay Schwitzgebel, Security Officer: 813-289-1000 x7002029
Human Resources
Your Supervisor or Manager (so long as they are not involved with the non-compliance)
Corporate Compliance Email: HPScorporatecompliance@healthplan.com
Recap
Compliance is here to protect you and the organization
The compliance program adopts many of its values from the Federal Sentencing Guidelines
Associates are obligated to follow internal (e.g. Code, P&Ps) and external guidelines (e.g. HIPAA and PCI)
It is your obligation to report non-compliance
If you have any questions please contact Corporate Compliance at:
HPSCorporateCompliance@healthplan.com
Disciplinary standards enforced with P&Ps
Consistent disciplinary actions
The Corporate Compliance, Legal, Human Resources, and Regulatory Affairs departments all share the same goal of protecting the organization and its employees, but each has different roles and responsibilities.


Department Roles and Responsibilities
Corporate Compliance
Compliance Oversight
Audits
Monitoring
Investigations
Policy and Procedures
Legal
Human Resources
Contract Review
Litigation
Subpoenas
HIPAA Privacy
Corporate Governance
Licensing
Legal advice and regulatory interpretation
Regulatory Affairs
On-Exchange Regulation Oversight
On-Exchange Regulation Interpretation
On-Exchange Liaison
Employee Relations
Corporate Training (HPS University)
Associate Handbook Enforcement
Talent Development
Employee Relations Investigations
Benefits
Recruiting
Report It!
Use the "Report It" service to anonymously report non-compliance
Via phone: 877-778-5463
Via web: www.reportit.net


Note: When reporting via the web, enter the following information
Username: HealthPlan
Password: Reportit