Blog Post

Chief Compliance Officer vs. General Counsel: How Should They Interact?

Richard P. Kusserow | April 2021

Major 2021 HCCA Program Topic

One of the most discussed compliance issues is the contrast between the roles and authorities of compliance officers and general counsel. In the 2021 SAI Global Healthcare Compliance Benchmark Survey, developed with and analyzed by Strategic Management, 15% of respondents reported that their organization’s compliance office function was part of the legal department or reported to legal counsel. This appears to be a longstanding phenomenon; in a 2012 survey by the Society for Corporate Compliance and Ethics (SCCE) and the Health Care Compliance Association (HCCA), 15% of respondents reported that both compliance and legal functions were organized under legal counsel. Both the Department of Justice (DOJ) and the Department of Health and Human Services Office of Inspector General (OIG) have taken the position that an organization’s general counsel should not exercise a dual role with legal and compliance responsibilities. 

The 2021 HCCA Compliance Institute included a session titled “The Roles of the Compliance Officer and the General Counsel,” during which a speaker from the OIG stated that it is not advisable for compliance functions to be subordinate to the general counsel. The speaker’s position was that an organization’s compliance officer and general counsel should have separate and co-equal roles. The speaker cited the OIG Compliance Program Guidance for Medicare+Choice Organizations and Compliance Program Guidance for Home Health Agencies; both were published in the late 1990s, evidencing that the OIG has held this position for more than 20 years. OIG Corporate Integrity Agreements clearly reinforce this position by including the following as standard language: “The Compliance Officer shall be an employee and a member of senior management…and shall not be subordinate to the General Counsel.” (Emphasis added.)

This all indicates that federal authorities view compliance as an independent function that gathers facts and evidence, ensures that corrective action measures are taken when weaknesses or violations are found, and discloses violations to appropriate authorities. On the other hand, the general counsel is viewed as an advocate who is meant to zealously defend the organization’s interests. The HCCA session speakers elaborated on the tensions that can be created by having an organization’s general counsel in a dual role that includes compliance. Examples of potential issues included the following:

  • The general counsel may become a witness in a compliance investigation;
  • Attorney-client privilege may be lost;
  • An Upjohn Warning may need to be provided to those whom the general counsel interviews;
  • The general counsel may provide services outside the scope of legal issues;
  • The general counsel may engage in operational (rather than legal) issue areas; and
  • Compliance requires day-to-day management vigilance, which is not an attorney function. 

The session’s concluding comments indicated that for best results, there should be separate but co-equal legal and compliance positions that collaborate in advising management and the board of directors, investigating and resolving relevant issues, and ensuring that the organization functions both legally and ethically

Learn about our Compliance and Ethic Services.

Get More Information


  1. Ensure that program charters and job descriptions of the compliance and legal functions are clearly defined.
  2. Work with the general counsel to develop protocols in the form of a policy with procedures that delineate the respective duties and responsibilities of the compliance officer, particularly in relation to investigating potential wrongdoing.

For more information on this subject, contact Richard Kusserow at [email protected].

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 2,000 health care organizations and entities in developing, implementing and assessing compliance programs.

Subscribe to blog