Developing Effective Compliance Policies

Richard P. Kusserow | September 2018


Development and implementation of compliance policy documents is essential to maintaining an effective compliance program. However, many health care organizations encounter various challenges in complying with the Department of Health and Human Services Office of Inspector General’s (OIG) recommended practices outlined in their compliance program guidance documents¹. A good starting point to address these practices is to establish a formalized process for policy development. This includes implementing form, formatting and processes to create and implement new and revised policy documents.

Organizations should understand that a policy statement conveys officially-approved guiding principles or courses of action. Further, a policy statement is a general description of a course of action serving as a guide toward accepted strategies and objectives. Whereas, procedures convey a means by which a policy can be accomplished by defining and outlining officially-approved processes and standard practice instructions.

How to Format Your Policy

Developing a compliance policy template is very important because it ensures that all key elements are present when drafting a policy document. These templates also have the added benefit of making the policy documents immediately recognizable to everyone in the organization. The following general policy document template and format is suggested for developing all compliance-related policy documents:

  • Header Block. The header block should include several key features, including but not necessarily limited to (a) the title of the policy document; (b) identity of the department responsible for drafting, reviewing and enforcing the policy; (c) effective date of the policy; (d) policy number; (e) date of approval; (f) identity of approval authority; (g) whether it replaces or modifies an existing policy; and (h) number of pages inclusive in the document. The title should clearly identify the general topic of the policy to assist those who may be searching for guidance on the policy’s topic area. It should also indicate whether the policy is replacing an existing policy and the last revision date. The effective dates of implementation and revisions must be maintained, and if an issue arises, it is essential to update these dates.
  • Background. The background section explains the context behind creating the policy, such as changes in laws, regulations, standards, compliance guidance, etc. If the policy relates to a specific law, regulation or compliance standard, this section can explain how the policy document is designed to address that issue. This section should also help covered persons understand and apply the policy.
  • Purpose. The purpose statement outlines what the policy document is designed to achieve. When developing a policy document, begin with a statement of purpose that defines the intent and objectives of the policy and is relatively short and direct. It is a recommended best practice to begin the purpose section with an active verb such as, “To promote,” “To comply,” or “To ensure.”
  • Scope. The scope explains the range of application of the document in terms of covered persons, facilities, sites, etc.
  • Definitions. In some cases, policies will have terminology that requires further clarification in order to meet the intention of the policy document. Such terminology may be of a legal nature or specific to the organization or the type of work. Therefore, organizations should include definitions to provide a clear understanding of key terms used in the policy document. Organizations should also cite the authority for the definitions that are included.
  • Policy Statements. Each policy statement should reflect the basic objectives of the organization and include a description of the general guiding principles or rules.
  • Procedures. Procedures provide detailed procedural requirements, methods and guidance on how covered persons are expected to act in accordance with the policy.
  • Related Policies. Organizations should make sure to link policies addressing similar or related issues to ensure that they are consistent. This will prevent issues or incidents arising due to conflicting information in similar policies. Further, organizations should include related documents to provide additional information that may be helpful to covered persons in complying with the policy.
  • References/Citations. Organizations should use the references or citations section for legal and regulatory citations and government guidance documents, as well as for citing internal organization documents. If the policy document was in response to legal or regulatory authority, the organization should note that authority along with a list of supporting source documentation to validate the compliance program policies and procedures. The organization can also use this to reference other internal documents, such as a Code of Conduct or Standard Operating Procedures.

¹ Federal Register.Vol.63.No. 35.Page 8987 (Published 1998).

In Review

Standardizing policy templates during development ensures consistency across the organization when it comes to drafting and explaining relevant rules and operations. This leads to improved effectiveness in implementing the policies and a stronger, more effective compliance program overall.

About the Author

Richard P. Kusserow is currently the President and CEO of Compliance Resource Center. He served as the Inspector General of HHS for 11 years and brings decades of valuable experience from the government sector to Compliance Resource Center. Mr. Kusserow’s expertise on compliance policy and regulation as well as his extensive knowledge of compliance solutions enables Compliance Resource Center to effectively help health care organizations best manage their compliance programs.

About Compliance Resource Center

Compliance Resource Center has been leading the compliance industry since 2010 with our complete suite of solutions that are geared towards improving compliance program operations. Our solutions ensure that organizations regularly meet federal and state laws and supply the necessary resources to sustain long-term compliance.

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 2,000 health care organizations and entities in developing, implementing and assessing compliance programs.