Office of the General Counsel
INSTITUTIONAL COMPLIANCE PROGRAM
Table of Contents:
All faculty, staff and students who work on behalf of New York Medical College assume responsibility for conducting their operations and activities within the law and in keeping with the University’s highest ethical standards. At the institution level, compliance is the responsibility of a number of different departments and offices (see Compliance Directory) with oversight residing under the Compliance Officer and the Institutional Compliance Committee. While each of these departments and offices operate with specific knowledge and training on compliance issues relevant to its subject matter or functional area, given the increasing scrutiny and rising standards for corporate accountability, this institutional compliance program is intended to coordinate, monitor and, when appropriate, improve, the wide array of compliance areas.
This comprehensive institutional compliance program integrates and coordinates all significant requirements with which the University must comply by law, regulation, or other binding rule or agreement. Comprehensive organizational compliance programs are common in many industries, and are increasingly important in higher education, especially in light of the passage of the Sarbanes-Oxley Act and some well-publicized cases of over-billing of federal agencies. In 1987, the Federal Sentencing Guidelines provided one of the first “models” for organizational compliance programs, and recommended that federal judges give “credit” for reduced penalties to organizations found guilty of violations if they had previously developed an effective compliance program. An institutional compliance program based on Sarbanes-Oxley and the Federal Sentencing Guidelines should demonstrate that there is an internal process to prevent and detect violations of law.
New York Medical College’s institutional compliance program will enable the University and its faculty, staff and students to better manage the University’s operations and risks for which they are individually and collectively responsible. This program aims to achieve the following:
1. Coordinating the University’s compliance assurance activities (e.g., laws, regulations, contractual requirements).
2. Ensuring the institutional perspective is always present.
3. Assessing existing programs for compliance and improving as necessary.
4. Developing and communicating policies and procedures.
5. Facilitating compliance education and training.
6. Monitoring compliance and responding in a timely manner to instances of noncompliance.
7. Implementing a confidential helpline system for reporting noncompliance or for asking questions regarding compliance issues.
8. Ensuring that the appropriate University department or office identifies appropriate disciplinary sanctions and applies those sanctions when infractions occur.
9. Coordinating and implementing specific compliance support activities.
The Institutional Compliance Committee (the “Committee”) is charged by the Board of Trustees to coordinate the University’s compliance activities and programs to ensure that they are reasonably designed, implemented, enforced and generally effective in preventing and detecting noncompliance. The Committee oversees actions to promote an organizational culture that encourages a commitment to compliance and ethical conduct. The Committee shall report to the Audit Committee of the Board of Trustees (“Audit Committee”). The Committee shall meet at least semi-annually or more often as necessary.
The responsibilities of the Committee shall include without limitation:
1. Providing general oversight and reviewing at least annually the compliance roles, responsibilities and activities of the compliance program.
2. Assisting the Institutional Compliance Officer in determining compliance priorities.
3. Advising and making recommendations, as appropriate, to the Audit Committee with regard to the compliance program.
4. Providing periodic reports of its activities to the Audit Committee.
5. Taking appropriate actions to ensure compliance awareness and that compliance deficiencies are reasonably addressed consistent with the compliance program.
The members of the Committee shall consist of:
1. Dean of School of Medicine
2. Dean of School of Public Health
3. Dean of Graduate School of Basic Medical Sciences
4. Chief Financial Officer
5. Vice President and General Counsel
6. Director of Internal Audit
The Compliance Director shall attend the meetings of the Committee.
The Vice President and General Counsel is responsible to oversee the compliance functions of the University and shall thereby serve as the Institutional Compliance Officer to coordinate the various compliance activities across the University. The Associate General Counsel shall assist the Institutional Compliance Officer and shall serve as Compliance Director. The Institutional Compliance Officer shall also be assisted by the compliance coordinators identified in the Compliance Directory below who shall be responsible for the compliance activities within their respective areas.
The responsibilities of the Institutional Compliance Officer includes without limitation:
1. Promoting compliance awareness through publicity, education and training.
2. Implementing and publicizing a confidential helpline system.
3. Developing and maintaining an institutional compliance Web site.
4. Coordinating and monitoring compliance programs, work plans and activities.
5. Reviewing periodic reports on compliance submitted by responsible offices and compliance coordinators for key compliance areas (see Compliance Directory in Section H below).
6. Conducting or monitoring the investigation of reported or suspected violations of noncompliance and determining appropriate disciplinary and corrective actions when violations occur.
7. When appropriate, reporting instances of noncompliance and any actions taken to the President, the Audit Committee of the Board of Trustees, and/or the Institutional Compliance Committee.
8. Responding to external agency requests regarding compliance issues.
9. Serving as the central office when noncompliance occurs.
10. Identifying policy concerns that impact compliance.
The Institutional Compliance Officer shall report directly to the President and to the Audit Committee of the Board of Trustees on the Institutional Compliance Program. The Institutional Compliance Officer and the Compliance Director shall have the authority to review all documents and other information relevant to compliance activities.
The Institutional Compliance Officer shall periodically review the existing Code of Conduct and recommend revisions that are consistent with the objectives of the Institutional Compliance Program. The University Code of Conduct can be found in its entirety on the Web site of the Office of the General Counsel, at http://www.nymc.edu/depthome/ogc/COC_COI.pdf.
Consistent with applicable statutes, regulations and program requirements involving Federal and State health care programs including guidance issued by the Office of Inspector General of the United States Department of Health and Human Services for Individual and Small Group Physician Practices for Third-Party Medical Billing and in view of the potential liability to the College arising from noncompliance with applicable billing and other requirements of perceived related, associated or affiliated professional clinical services entities, a written corporate compliance plan conforming with such guidance and the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”) is required for each faculty practice plans, approved by New York Medical College, through which full-time faculty of the College conduct any of their clinical practice (“FPP”). Each such FPP shall be responsible for developing, implementing, monitoring and enforcing such plan. Each FPP shall provide the Institutional Compliance Officer with a signed certification affirming that it has a written compliance plan, along with a copy of such plan. Each FPP shall also provide the Institutional Compliance Officer with an annual report of compliance activities and results and with any other information requested from time to time by the Institutional Compliance Officer.
For the College’s Faculty Practice Plan at Metropolitan Hospital Center whose billing services are handled by Phy-CARE Solutions, Inc. (“Phy-CARE”), all activities and services relating to billing and coding shall comply with the corporate compliance plan of Phy-CARE and with the Practice Management Services Agreement between Phy-CARE and New York Medical College. The corporate compliance officer of Phy-CARE shall be responsible for ensuring that all billing and associated services are in compliance with applicable laws, regulations and requirements. The Institutional Compliance Officer shall provide general oversight and review reports of corporate compliance activities by Phy-CARE, including without limitation, training and education on billing and documentation requirements and internal and external audits.
The Institutional Compliance Officer, in conjunction with the responsible officers and compliance coordinators of key compliance areas (see Compliance Directory in Section H below), shall develop a program that provides general compliance education and training in a variety of formats.
All new hires should be given a copy of this policy and sign a statement acknowledging receipt of the policy.
In addition to education and training, the Institutional Compliance Officer shall collect and make available compliance tools and resources, such as University policies, references to statutes and regulations, and other useful Web sites and materials
The Institutional Compliance Officer shall develop and maintain a compliance directory of responsible officers and compliance coordinators for key compliance areas, whose responsibilities shall include without limitation:
1. The day-to-day compliance functions within their respective areas.
2. Ensuring compliance with the Institutional Compliance Program.
3. Submitting bi-monthly reports to the Institutional Compliance Officer.
4. With the approval of the Institutional Compliance Officer, develop and implement compliance education and training programs for their respective areas.
5. Reporting instances of noncompliance to the Institutional Compliance Officer, as appropriate.
6. Taking appropriate and timely actions in response to instances of noncompliance.
7. Promptly comply with all requested information from the Institutional Compliance Officer and/or Compliance Director.
Attached as Exhibit A is the Compliance Directory (login required), which shall be amended by the Institutional Compliance Officer, as appropriate.
Any good faith concerns stemming from possible noncompliance with government or external agency regulations, related University policies, and errors or irregularities in the University’s financial accounting practices or polices, are to be reported to management, the responsible officer or compliance coordinator identified in the Compliance Directory, the Institutional Compliance Officer or, if desired, through the Compliance Helpline A call to the Compliance Helpline can also be anonymous. Raising such concerns is a service to the University and will not jeopardize employment or academic standing at the University provided that such concerns are made in good faith.
The Institutional Compliance Officer shall develop a Compliance Helpline system that is designed to facilitate confidential and anonymous reporting of any concerns of noncompliance. The Institutional Compliance Officer shall manage the Compliance Helpline and staff it with knowledgeable individuals. The Compliance Helpline shall provide a variety of means by which any individual in the University community may submit inquiries and/or requests, including without limitation: Web form submission (anonymous, if desired); email submission; telephone contact; fax contact; and mail submission. Use of the Compliance Helpline, whether identified or anonymous, to report good faith instances of noncompliance will not result in retaliatory acts.
The Institutional Compliance Officer shall develop a Web page within the Web site of the Office of the General Counsel that describes the Institutional Compliance Program and provides information and resources of the program to the University community.
Approved by the Board of Trustees of New York Medical College at its meeting of March 5, 2007.