Board Members’ Compliance Obligations

Richard P. Kusserow | December 2018


Due to the health care industry’s heightened enforcement environment, organizations must ensure that all individuals and groups associated with the organization are remaining compliant with state and federal laws and regulations. Whether a provider, medical staff, executive or member of the Board of Directors (Board), every party must abide by the organization’s Compliance Program.

Compliance Obligations

In recent years, there has been an increase in Board members’ obligations of overseeing the compliance program and its operations. This trend could be the result of the Department of Health and Human Services Office of Inspector General’s (OIG) recommendation of a top-down approach for compliance programs that starts at the Board level. Additionally, the Centers for Medicare & Medicaid Services (CMS) often use the OIG’s guidance on developing requirements for Board members to meet certain compliance measures. CMS’ typical recommendations on ensuring that Board members meet compliance measures include:

  • Increasing exposure of and liability for Board members who fail in their fiduciary duties and obligations
  • Urging outside Board members to become independent
  • Expecting outside and independent Board members to have more skills, knowledge and expertise in financial and compliance matters

Traditionally, outside Board members are the primary watchdogs of any Board and typically oversee auditing, compliance with rules and regulations and compensation committees, whereas internal Board members oversee management of the organization.  However, some Board members can also be independent from both designated outside members and internal members. In order to be considered an independent Board member, he or she should not:

  • Be affiliated with the organization as an advisor, auditor or consultant
  • Have personal services contracts with the organization
  • Be affiliated with a significant supplier or vendor
  • Have an immediate family member, i.e. spouse or child, who has any affiliation with the organization, supplier or vendor

Whether a designated internal, external or independent Board member, a best practice is for at least one member of the Board to have intimate knowledge and a high level of comprehension of compliance, either through previous experience as a Compliance Officer, attorney or consultant who handled compliance issues. This member should also have relevant knowledge and skills to critically evaluate the information relating to these areas. To satisfy this best practice, organizations should thoroughly review potential Board members for the appropriate pre-requisites to accurately fulfill the role.

In Review

Due to growing importance of having Board members with compliance oversight obligations, organizations need to establish a credible, experienced Board that can successfully meet compliance measures. The OIG and CMS stress moving towards a Board that is a majority of independent or outside members that have specialized expertise on compliance matters. But if the organization chooses to keep Board members internal, a recommended best practice is to maintain at least one member who is highly knowledgeable of significant issues and risks involving compliance.

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 3,000 health care organizations and entities in developing, implementing and assessing compliance programs.