The Compliance and Ethics Blog

SCCE/HCCA

The Cost of Compliance – and Why Organizations Neglect It

by Leave a Comment

By Tim Mullahy
Liberty Center One

Given how sensitive healthcare data can be, you’d expect hospitals and similar organizations to place the utmost importance on keeping it safe. So why does it seem like so many slack off?

Healthcare organizations know a lot about us, sometimes more than we know about ourselves. And when that information falls into the wrong hands, it can be devastating – it gives a criminal everything they need to commit medical identity theft. Not surprisingly, there are some pretty strict rules and regulations around the protection of that data, known as Protected Health Information (PHI).

In the United States, that set of guidelines is known as HIPAA. Similar rules exist in Australia, the United Kingdom, and the European Union. The one thing they all share in common aside from the data they protect?

A startling number of businesses – healthcare organizations and otherwise – are noncompliant.

That can be costly. In addition to opening up an organization to penalties of up to $50,000 per compromised record in the event of a breach (under HIPAA), failure to adequately protect healthcare data can also lead to even costlier lawsuits. And that’s without even accounting for the reputational damage.

In short, HIPAA compliance is in every organization’s best interest if they even tangentially work with health data. So why do so many businesses neglect it? In my experience, there are two overarching reasons.   [Read more…]

SCCE Internal Investigations Scenario

by 5 Comments

By Meric Craig Bloch

On June 7-8, 2018, Al Gagne and I will be leading the SCCE Internal Investigations Compliance Conference. It’s a two-day workshop where we teach the basics of conducting a compliance investigation in your workplace. 

Our workshop takes a practical, hands-on approach to investigations to give you the confidence and skills needed to make a real difference in your organization. Al and I will challenge your thinking and assumptions. Everyone participates in our sessions.

In anticipation of our workshop and to get you thinking, we put together a hypothetical situation. We invite you to contribute your thinking.

Here’s the situation:

You arrive at work to find a voicemail message. It is from someone who describes herself as an employee but does not give her name. She said that she has a concern but is not sure whether she wants to make a report. For now, she would like to talk to you off the record.

The caller wants to discuss her concerns about her manager, Bob Smith. She claims that Smith is “harassing” people in the office and “creating a hostile work environment.” The caller does not say whether she is one of those people or describe the behavior in detail. However, she demands the company conduct an investigation. Finally, she mentions that others may be venting their outrage on social media.

Because she was unable to speak directly with you, she plans to call you tomorrow at 9am. How will you prepare for the call? What important points do you want to inquire about or clarify?

You can find the original article here: https://www.linkedin.com/pulse/scce-internal-investigations-scenario-meric-craig-bloch/

Dealing with Short-Term-Oriented Managers: Part 1

by 1 Comment

By Ted Banks

In many companies, the challenges facing compliance officers arise from an orientation of owners and managers that aren’t interested in taking a long-term view of company success. This gives rise to questions such as:

• Does our current financial environment encourage profit-making to the exclusion of other consideration (such as compliance and ethics)?
• Is there any way to penetrate the brains of managers and directors who seem to have no concerns about compliance and ethics – or who are actively opposed to “wasting money” on doing business with integrity?
• What should a compliance officer do when you perceive that the situation in your company is hopeless?

The External Culture

The first challenge to consider is how you would characterize the current corporate culture. Part of the ethos that confronts compliance officers (or lawyers, since many of these companies don’t have compliance officer) may be expressed as a belief that the company can fly “under the radar. Nobody will pay attention to us – we’re too small.” [Read more…]

New NBA Hotline. A Good Start With A Few Questions

by 1 Comment

By David D. Dodge
david@sprtsoc.com

NBA Commissioner, Adam Silver, announced last month that the league was setting up a confidential hotline for league and team employees to report improper behavior in the workplace.  The league made the announcement in a memo sent to all of its 30 teams.

The NBA’s action came in the wake of Sports Illustrated’s damning report that portrayed the Dallas Mavericks as “a picture of a corporate culture rife with misogyny and predatory sexual behavior.”

In Silver’s introduction of the new hotline, he reminded the teams of the NBA’s commitment to providing employees a safe and inclusive work environment.  He went on to reiterate the NBA’s core values, respect and integrity. [Read more…]

2018 European Compliance & Ethics Institute Guest Blogs: Adventures in Networking

by Leave a Comment

By Sally Afonso

Networking is hard for me. Introverted by nature and workaholic by habit, I’m more at ease behind a computer or in a conference room. I’ve been guilty of calling networking a “soft” skill.
This year, however, I’m pushing myself outside of my compliance comfort zone – and venturing into networking has been a key challenge. I’ve learned just how “hard” networking is, both in terms of difficulty to master as a competency, as well as in how much concrete benefit there is in practicing it.

Some of the advantages I’ve gained from my adventures in networking include:

  • Collaborators – You are not alone! Meet people outside of your company, community, or business sector who are interested in the same topics as you are and might like to work with you, including researching, writing articles and blog posts, or even speaking at future events.
  • Challengers – Break free of habits and heuristics. Even the routines and choices you think are great could benefit from a refresh by chatting to someone with new best practices to suggest.
  • Opposing views – Beyond checks and balances, take the chance to meet people whose experiences or ideas totally differ. See it as an ambition to work through your divergent opinions to find shared conclusions.
  • Show and tell – We’ve all been there, done that, in different ways. Networking allows us to reach out to each other – up, down, and across. We’re giving back to the evolving compliance function not just as a reflection of individual seniority or interest, but in contribution to our collective development and expertise.
  • Get a clue – Be triggered in a positive way! Ignite new interests and curiosities by hearing about backgrounds and expertise of others. This can even include suggestions for other organizations to join or learning opportunities to pursue.

Although anyone who recognizes me from conferences or events would still find me reading a book during lunch sooner than table-hopping by the buffet, I appreciate how my small efforts in networking have already added greatly to my professional self-development.

If you’re hesitant, as I was, I encourage you to get out of your comfort zone just a little – you can start by saying hello to me!

Workplace Misconduct Investigations and the Emphathetic Investigator – Is There a Place?

by 1 Comment

By Naomi Schmold, LL.B.
Chief Privacy Officer & Sr Legal Counsel
Ethics & Compliance

Most people in the business of conducting workplace misconduct investigations would agree that they require a dispassionate, objective approach to their work.  A good internal investigator is a neutral third party, looking to make a sound determination based on well-supported findings of fact.  Evidence must be weighed.  Credibility assessed.  To ensure fairness, rational analysis must prevail – not emotion, nor partisanship.

Yet at the heart of all internal misconduct investigations are people – subjects of investigations, complainants, witnesses, and investigators.  We are all unique individuals with our own backgrounds, biases, and perspectives about ourselves and the world around us.  So how, as investigators, do we reconcile an objective yet humanistic approach to investigations?  Can an investigator be both dispassionate and empathetic?

Looking at it from a slightly different perspective, I believe an investigator of workplace misconduct allegations has an overarching duty to treat everyone involved in the investigative process with the same level of dignity and respect.  In order to do this, investigators need to acknowledge their own preconceptions – often a result of years of experience that sometimes tempt investigators to start prejudicially jumping to conclusions.  At the same time, investigators should remain live to the likelihood of the emotional distress other parties to the investigative process may feel – distress often generated because of the unknown.  A combination of anxiety, fear, and even shame can be at play in any given misconduct investigation.

Instead of downplaying or ignoring these things, a good investigator acknowledges and even empathizes with the emotional component of a workplace misconduct investigation, and takes steps to soften the jarring effects.  This does not mean “siding” with the subject of an investigation, or confusing the role of an investigator with the role of a counsellor or friend.  Instead, easing the discomfort of an investigation by consciously focusing on a transparent investigative process is key to ensuring parties are participating in a procedurally fair, methodical, ethical investigation.  Being clear about what to expect as a subject, complainant, or witness throughout the investigative process is sometimes overlooked, but could perhaps be the most important way to ensure dignity and respect is maintained for all parties.   To this end, organizations should focus on clearly articulating the process steps of a workplace misconduct investigation, including clear triggers for when an investigation will be conducted.  This means reviewing policies to ensure expectations around conduct and potential disciplinary consequences are well articulated.

Empathy in the form of procedural transparency will in turn drive integrity in a workplace misconduct investigation process that can subsequently be executed in a neutral and objective way – something all organizations should strive to achieve.

Construction Injuries and the Impact of OSHA Rules and Regulations

by Leave a Comment

By Tim Mullahy
Executive Vice President and Managing Director, Liberty Center One

Having a safe workplace is a fundamental right for all workers in the U.S. In order to provide a base of standards and regulations to protect employees, Congress established the Occupational Safety and Health Administration (OSHA) under the Department of Labor.

Due to the high level of safety hazards in its normal course of work, the construction industry has its own Directorate of Construction and system of compliance within OSHA to address health and safety issues for workers.

Construction workers who are injured at work or that have concerns about the health and safety of their work environment have several rights under OSHA. Whether you are in the private or public construction sector, in most cases you are entitled to these benefits in every US jurisdiction regardless of who your employer is. [Read more…]

Breaking Trust

by Leave a Comment

By Rosemary Daszkiewicz
Straight Forward Compliance PLLC
Daszkiewicz07@gmail.com

The Washington D.C. Public Schools Chancellor resigned less than 13 months into his tenure after it was discovered he skirted the process for admission to the District’s most coveted high school in order to get his daughter into that school. A bad story got worse when it revealed that he had written the new process himself as part of his efforts to turn around the school system.

Adam Turtletaub spoke for all of us when he expressed amazement on this blog that doping impacted even curling, a sedate-appearing sport that most everyone falls in love with each winter Olympics. The idea that a parent might cheat to advance their child’s interests will cause far less surprise. A couple of years ago Lisa Miller explored the ethical and philosophical depths of this issue in a fascinating article. Miller’s article certainly discussed clear-cut acts of cheating to get advantages for one’s child, but focused more on “something slipperier than blatant cheating, a cut below sneaking answers into an exam, a hazy space where right and wrong seem porous.” Perhaps most sobering are her citations to research that suggests that the children who have been the recipients of this parental philosophy have far less of a moral compass than their elders. Of course, that certainly makes sense, what we do always sends a far more powerful message than what we say. [Read more…]

NBA Team Takes Big First Step Amid Turmoil

by 3 Comments

By David D. Dodge
david@sprtsoc.com

Following an explosive story in Sports Illustrated (SI) about the corrosive culture of the Dallas Mavericks front office, the Mavs announced their search to fill a new position, Chief Ethics and Compliance Officer.  This move to create and fill a “compliance” officer position by a professional sports team in the U.S. is rare indeed.

The scandal, as first reported by Sports Illustrated, characterizes “the Mavs’ hostile work environment – ranging from sexual harassment to domestic violence – as an open secret.”  More than a dozen current and former Mavs’ employees were interviewed for the story.  At the heart of the story, the then team president and CEO was accused of repeated harassment infractions.  SI reported that while the team president and CEO was a “serial sexual harasser of women,” the corrosive workplace culture was pervasive within the entire front office. [Read more…]

Frank Brown on the Changing Global Compliance Environment [Podcast]

by 1 Comment

Podcast: Play in new window | Download (Duration: 12:51 — 11.8MB)

Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS

By Adam Turteltaub
adam.turteltaub@corporatecompliance.org

The world is often a difficult place in which to do business.  Many countries lack the rule of law, are corrupt, and make it hard for a company to do business and to do so lawfully and ethically.

The Center for International Private Enterprise (CIPE) is trying to make a difference.  Its mission is to strengthen “…democracy around the globe through private enterprise and market-oriented reform.”  That mission puts them on the forefront of the fight against corruption.

In this podcast, Frank Brown, the Director of the Anti-Corruption and Governance Center at CIPE, provides an overview of the Center for International Private Enterprise and its work outside the US.

The podcast shares some notable progress.  As he explains, there is a very strong anti-corruption wave in Indonesia, and the KPK, the anti-corruption authority there, has had a 100% conviction rate.  In so doing, it has become a model for much of the world.

In this far-ranging conversation he discusses:

  • The traction ISO 37001 is gaining in some countries, but not others
  • Due to the new French anti-corruption law, a very specific approach to how state-owned enterprises should act is starting to spread
  • Some mid-sized firms are not always motivated to change their behavior because they may not see the benefits of an anti-corruption compliance program because they feel that they are not likely to be prosecuted