Blog Post

Tips on Developing and Revising the Code of Conduct

Richard P. Kusserow | January 2020

Key elements of any effective compliance program include written guidance for employees that clearly states the organization’s expectation for workplace conduct.  A Code of Conduct (“Code”) is a central part of this guidance and should underscore the organization’s commitment to compliance with all applicable laws, regulations, and professional conduct standards.  Reviewing, updating, and revising the Code should be part of the ongoing monitoring of the Compliance Program.  Carrie Kusserow, a senior compliance consultant with 15 years’ experience providing compliance advisory services to organizations and serving as a compliance officer, advises that, “One of the biggest mistakes in creating or revising the Code and compliance policies is not involving those to which it will apply during development and revision phases. Their involvement will help gain buy-in by the staff and provide a reality check on whether these documents will be readily understood and user-friendly. Imposing finished documents without this input frequently results in poor reception. It is also important to integrate senior management and the Board in the process by involving them in reviewing and approving these documents.” Ms. Kusserow offers the following suggestions and tips for developing or revising the Code:

  1. Include a cover letter from the CEO with the Code, endorsing it and calling for everyone at all levels to abide by its provisions, and inviting anyone who is aware of potential violations to report them without fear of retribution;
  2. Write the Code as a statement of principles and limit it to 12-15 pages.  Leave details to other written guidance, such as the policies and procedures;
  3. Codes are normally divided into sections by subject matter, and the OIG compliance guidance offers ideas that should be included in both the Code and compliance training, especially matters related to applicable laws and regulations;
  4. Include a description of the compliance program and compliance officer with contact information;
  5. Balance out each of the topical sections so that they have the appearance of parity to avoid inference that one section is less important to the organization than another;
  6. Use a bullet point format to provide simple, crisp, and easy understanding for the general employee population;
  7. For clarity and understanding, all statements should be declarative and consistently in the active voice, person, and mood;
  8. Avoid compound sentences. Each statement should stand alone;
  9. Language used and sentence construction should be written so that the lowest common denominator in the covered population can understand it. The Code should not be written above a 10th grade reading level;
  10. Decide whether the Code should be presented in positive or negative terms. The latter expresses conduct that is not permitted, whereas the former expresses expectations of employees that will be far more acceptable to the work force;
  11. Codes should focus on all stakeholders, including patients served and privacy of their records; work force issues; organization interests; health/safety standards; conflicts of interest issues; compliance with applicable laws, regulations, rules, and standards, etc.;
  12. It is imperative that the Code have a restatement of the policy against retaliation or retribution for reporting violations of the Code, organization policies, laws, and regulations;
  13. There should be clear guidance on how to report potential wrongdoing to management, the compliance office and/or hotline; this should include the hotline number; and
  14. It is useful to have a receipt signed by those who receive the Code, along with a statement that they understood it and agree to abide by it.

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 3,000 health care organizations and entities in developing, implementing and assessing compliance programs.

Subscribe to blog