All right, so I'm gonna do my best because I know they're recording this thing so if I move around because I'm Really really bad at standing in one place for too long. So if I Yeah, but I got to take this with me he said We'll see All right. Good. So again, I'm Sean Weiss I'm a partner and I serve as the chief compliance officer for doctors management. We're a full-scale healthcare Consultancy, I guess is what people like to refer to us as I'm responsible for The division which is strategic litigation and regulatory compliance. So what does that really mean? That means I engage on a daily basis when people get indicted when they get Search warrants issued at their premises when there's an issue for a grand jury subpoena for you to appear I work with about 40 different law firms across the United States to help them prepare and to prepare their witnesses for Potential trial Over to 30 years I've been very blessed and I tell people all the time I've had more fun than anybody should be allowed to have in a job I really have Throughout my career. I've been blessed to be engaged with the Office of Inspector General the US Attorney's Office The Department of Justice the Attorney General's across the country and Every day. It's just it's an opportunity to See something that you didn't think you would see the day before new schemes new scams new artifices Perpetrated against government on a daily basis what I tell people all the time is this It's not the crime that puts you in jail, it's the cover-up So we'll talk today about gap analysis because I have a lot of folks and I want everybody to understand this Okay, when we talk about federal civil matters, we're talking about the False Claims Act when it comes to fraud waste or abuse Okay, we're talking about 42 CFR 3 7 2 9 through 3 7 3 3 what we're what we're Expected to understand is that this is a knowledge based Act, okay. It's not an intent based act not at the civil level It's a knowledge base. So what does that mean? There are three things to keep in mind? one if You have knowledge of the falsity of a claim You're liable for the damages now, I have a lot of folks that say to me, but Sean I'm just the coder I'm just the office manager. I'm just the CEO. I'm just a compliance officer You're what is referred to as an entity in the law Any person if you look at 42 CFR 3 7 2 9, you can also go to 31 USC 3 7 2 9 which becomes now the criminal aspect of the False Claims Act Where they talk about intent, but there's also the definition of knowingly and we are in the process right now of awaiting Whether or not the change to the civil definition of knowingly to mirror that of the criminal Definition actually goes through CMS is contemplating that they had an open comment period it Closed in the middle of February and we should be hearing probably any time now I think 2023 is going to be a fascinating year and one of the things that I will tell you And I promise I'll go through my slides, but let me just share this with you I've been speaking for a AOE for about 10 years now If you've ever been in one of my presentations, you know that I give you a ridiculous number of slides Because there's no way that you're gonna go to all of these sessions and remember Precisely what people were telling you and then go back to your practices and try to implement those things So I've basically given you a roadmap in my presentation a step-by-step to carry out a gap analysis And to build a corporate compliance program just the same way that I would and what I'll tell you is this a Corporate compliance program does not have to be a hundred pages or 200 pages or 400 pages I have built compliance programs that are 12 pages because that's what it required Remember a compliance plan is a living breathing document. It's supposed to be scalable to your organization It's supposed to be scalable to the environment that you are currently working in So if you go out and you hire a big prestigious law firm and they bill you $800 an hour. They're gonna give you 400 pages of gobbledygook and You're gonna look at it and you're gonna go. What do I do with this? And you're gonna take it you're gonna stick it on a shelf and it's gonna collect dust a Corporate compliance program So I'm from South Georgia, right? So I'll just speak plain speak meat and potatoes, right For me the meat of a compliance program are your policies and procedures That's what drives your compliance program the potatoes your side dish is the compliance plan itself a Compliance plan once you build it. It's a static document It's not going anywhere unless you have a significant change to your organization Structure where you go from an LLC to an S Corp or C Corp or you get acquired by a private equity firm Your structure of your compliance plan is not going to change It's going to remain static what needs to change on an annual basis at a minimum or at least be updated or Reviewed to ensure that they don't need to be updated Are your policies? your SOPs Listen I have 42 litigation projects going on right now. Okay in 2023 Last year if you go and take a look at the cases that I was involved with I was responsible for about seven hundred and eighty million dollars in Damages overturned for our clients against the government They were all federal criminal cases. You can look at these cases Bothra United States v Bothra Lewis et al And the government Decided to bring 54 counts of indictment against each of the physicians in this case We got a full acquittal at trial 450 million dollars was thrown out Guess what it had to do with nine nine two one four How many of your docs bill nine nine two one four on a very regular basis? Okay, we'll talk about it don't get too nervous Leslie Pompey United States v. Leslie Pompey. This was another one nine nine two one three and nine nine two one four These were also Substance Control Act cases for prescribing of opiates If your doctors are prescribing opiates, it's very important to look at the last Supreme Court ruling that was issued from the majority opinion from Justice Breyer before he retired It was an absolutely brilliant opinion It was probably he saved his best for last and it really changed the landscape for prescribers in their favor because now a Prosecutor has to be able to demonstrate that a prescriber Knowingly prescribed outside of what is considered to be generally accepted standards of medical practice Good luck So lots of things to keep in mind The you know, I heard a lot of folks say in 2022 I had a lot of folks in 2022 say that 2022 was the year of the audit It wasn't a year of anything to say something was the year of something that means after that years over Everything's going to revert back to the way it was prior to whatever the event was that caused it to change We didn't enter The year of the audit what we entered was a new era for how things are done in the government I have a podcast if you haven't listened to it, it's free You can find it on any of these channels. It's called the compliance guy. Go figure and We have incredible people on all the time We're in season five now something that actually started off is kind of like I said to my partners in February of 2020 When pandemic first hit I was like god, you know, there's a lack of dissemination of information. Nobody's really giving us anything I think I'm gonna start a podcast and they're like, what do you know about a podcast? I said absolutely nothing Or like have you ever listened to one I said, I heard this guy Joe Rogan. He's pretty cool They're like, don't you dare? I said, yeah, I'm not gonna smoke weed with Elon Musk I doubt he's gonna come on the compliance guy podcast So long story short here. We are now in our fifth season couple of hundred episodes behind us. We've We've been nominated again this year for the People's Choice Awards. We have incredible people on like Christy Grimm the inspector-general Kevin Kevin Polite, who is the Assistant Attorney General. He is the head of the criminal division of the Department of Justice He was just on we had a huge conversation about corporate compliance compliance officers. What are your roles? What does it mean to have a compliance plan? How does a gap analysis impact the structure of your compliance program? So I think everything that we're going to talk about in this session today can be summed up in two words risk mitigation Risk mitigation. That's it. That's what a gap analysis does it provides you a path to mitigating the risks of exposure in your organization now a lot of folks when you talk about compliance becomes a very dirty word in the operational setting right because CEOs CFOs they don't want to talk about spending money on compliance But if you have an effective compliance program if it's a living breathing document Breathing document it should do what? It should Come on anybody It should eliminate your risk or mitigate your risk, but it should help to stabilize your revenues because having an effective compliance program means that we're going to have a better level of educated employees in the organization Which is going to what cut down on errors for our claims? It's going to help our providers structure their documentation So that it's more conducive to support the claims that are submitted for remuneration to an insurance company All right, so let me jump through a few of these things. You've already seen all this stuff All right, so we're going to talk about the purpose of a gap analysis now again They only gave me about 45 minutes to do something that I need a whole day to do But we'll figure out how to get through the majority of it. We're going to talk about mitigating Practices risk and we're going to talk about the importance of continued improvement in training. Here's one of the things that I will tell you We've entered into a new era of aggressive audits Not only at the government level. I will tell you the commercial payers are as if not more aggressive than Medicare or Medicaid I am sitting at the table negotiating settlement agreements on behalf of our clients with Aetna and Cigna and Optum and Blue Cross on a daily basis. We just had one it was for an orthopedic group 1.5 million dollars that Aetna wanted back for hyaluronic acid injections, okay It's a big target the TPEs. Are you all familiar with the term TPE targeted probe and educate? That's CMS's idea of a good time on a Friday night It's called TPE targeted probed and educate They are now looking at hyaluronic acid injections, but here's the thing to remember It's a game and what do I mean by that they're going to ask you for the records for the date of service for the injections But those documents that are created for the date of service don't Structure the medical necessity they don't paint a clear picture for the reason Why the patient's getting a hyaluronic acid injection or a syn disc right it basically says the patient returns today for their second of Whatever injection third of whatever injection That's What they're hoping you're going to submit why because they're going to send it back and they're going to say the Documentation fails to substantiate the medical necessity for the services for which were billed Well, how do you beat them at their own game? You got to be two steps ahead Go back and find the initial Evaluation that the provider performed to where they talked about conservative measures the patient has tried and failed Include any imaging that you can any x-rays to show bone-on-bone any Imaging that you have to show from an MRI critical the more Documentation, but please listen to me on this do not submit the documentation until it goes to the provider for them to Thoroughly review it to ensure that it paints an accurate picture now You cannot manipulate the data Once you have been requested to submit to an audit, but what you can create is a clinical summary It's a summary that the physician says patient Sean Weiss presented to the office with the complaints of bilateral knee pain after imaging it demonstrated bone-on-bone or whatever it is and they give a clinical summary so that the Uneducated at the insurance companies can start to understand why? through your physicians clinical judgment They made a determination to provide these services and one of the things I'll give you to one of the tips that I use in Every one of my letters. Yes, sir, please So it's it's not really an addendum because an addendum So you have three things right that Medicare talks about you have an addendum You have a late entry or you have a correction. This is a clinical summary It becomes a part of the note, but we're not addending to note, right? We're not adding any information to the existing note We're creating a clinical summary of events It's a great question That's right, this is it's a great term are you a lawyer So she used the term ex post facto so yes, so basically you are creating these clinical summaries in response to an ADR that you're receiving for Review of your clinical documentation okay, I Was going somewhere with that Oh I was gonna tell you one of the things that I start every one of my letters off with and it makes it almost impossible for somebody at an insurance company to Respond intelligently to I always start my letters off with all Services rendered to the beneficiaries were done. So in accordance with generally accepted standards of medical practice What does that mean means that? Generally accepted standards of medical practice includes peer-reviewed literature It includes clinical trials it includes Standards that have been proven safe and effective in the industry for the services that have been rendered to the patient. Excuse me So again, I started off by saying all services rendered to the beneficiaries have been done in Accordance with generally accepted standards of medical practice Okay So you got your checking code, oh, hey, that's me. All right Disclaimer the PowerPoint is accurate as of today I know that because I was up to one o'clock this morning freaking out because my slides were all out of order somehow So I know they're accurate as of today. So the gap analysis again a gap analysis basically provides us with insight versus what we are doing as an Organization versus what should be done based on industry standards what people like to refer to as best practices When I talk about a gap analysis, I'm not really interested in best practices I could care less what somebody says I can't go into a courtroom and Sit there and say to a judge or a jury, but they use best practices What does that even mean? So when we're talking about industry standards, I'm talking about laws regulations statutes acts I'm talking about authoritative documents. I'm talking about national coverage determinations and DC's I'm talking about LCDs local coverage determinations now a lot of people want to refer to the American Medical Association's CPT assistant or CPT guidelines as authoritative So Under the Code of Federal Regulations 42 CFR and there's a whole subsection with this and that attached to it I'm not going to bore you with it. It states that the Centers for Medicare Medicaid Services and the federal government has Has elected to establish the CPT code set as the standard for which claims A submission process takes place. It does not say that they have accepted CPT guidelines as the authoritative regulations because they're not they're guidelines Remember that when somebody says to you, but CMS is guidelines. You're right But a guideline is just a guideline a guideline has not been promulgated into the law It's not gone through a formal rulemaking process local coverage determinations And this is really important because this ties into your gap analysis right because you need to have a policy on local coverage determinations national coverage determinations and CDs and LCDs Local coverage determinations are issued by the Medicare Administrative Contractors in your local market They are not law. They are referred to as sub-regulatory or quasi regulations They are non-binding in a court of law. Now. Does that mean you ignore them? Absolutely not because if you are ever audited by the Office of Inspector General and you get a letter from a Division called OSIG. It's the Office of Counsel of the Inspector General. They're popping up a lot these days They don't care about medical necessity because David Trasky who's the attorney that you'd probably deal with there. He's gonna say to you Sean Or whatever your name is if you want to be Sean you can he's gonna say to you listen If the service wasn't medically necessary If the service wasn't medically necessary you wouldn't have billed it to us, right? So let's not talk about medical necessity They're looking for strict liability issues. How many of your doctors are doing spine injections? Facet injections. Well, you know in a rolling 12 months. You can only do five Or four or six it depends on your Mac if you exceed the number of injections They don't care if it was medically necessary or not they say the LCD now we argued that there are no NCDs for spine procedures Can you believe that there's not a national coverage determination issued by CMS and he agreed he said you're right I agree and then we said to him David look There's an inconsistency between the LCDs from Wisconsin Physician Services to First Coast service options to Palmetto General He said you're right there is but your clients in Palmetto GBA and There says five. I don't care what the rest of it says Sean here's the deal You either pay up double damages $240,000 or I had the right to seek treble damages three times the amount which way do you want to go? And of course my client was like just pay it These are the type of situations that we're entering into now, that's why I said, we're in a new era of aggressive Investigations and overzealous prosecutions the prosecutions that these folks at DOJ are bringing to federal court are Absolutely insane. I was just talking to ET. I think it was you that we were talking about. I just had yesterday a Young lady who was Arrested by the Federal Bureau of Investigation Taken downtown to the federal building in DC and arraigned all on the same day. She wasn't a physician She wasn't the CEO or CFO or the chief compliance officer she was the coder of the organization Nate took her straight down. I can't make this stuff up Grand jury subpoenas, they're popping up like M&Ms on Halloween Folks this is a three point three trillion dollar industry and believe me until the government Changes the pay and chase model We're in for a long run All right. So remember the gap analysis allows us to measure our standards against laws acts regulations The gap analysis allows us to measure our standards against laws acts regulations It's the difference between or the difference between these is the gap and the deficiencies in our compliance program. There's nothing rocket science level or earth shattering when it comes to performing a gap analysis, but what I will tell you is in order to create an effective compliance program, you have to perform a gap analysis. You have to take the blinders off and you have to be objective. You cannot go into this with a preconceived notion. And for those of you that went out and spent $99.95 on a compliance plan in a box, or you went online and you went to the interwebs and you found on Google, you know, sample compliance programs and you downloaded it and you saw the word practice and you changed the word practice to whatever the name of your practices. And at the end it says we made 142 changes. And then you print that off and stick it in a binder and you go, yeah, we're compliant. No, you're not. That is not a compliance plan. First thing when somebody hires me and they say, Sean, can you take a look at our corporate compliance program? I swear I had one the other, uh, about a month ago I was reading it. I was like, God, this document looks really familiar to me. Well, of course it does. It was the same one that I saw last year where they had downloaded from the university of Iowa. This is a primary care physician practice and they're talking about clinical research. Come on folks, be smart about this stuff. I understand there are financial and human expenditures that have to be made to build a compliance program. But the only way you're going to be able to stave off investigations, allegations of fraud, waste, and abuse is to establish a culture of compliance in your organization. It has to start from the top of the organization and it has to trickle all the way down to the lowest of positions, including your third party vendors. Folks, you are responsible for the actions of your third party vendors. One of the things that I do when I'm a compliance officer for different groups around the country, I put a vendor validation program in place. Folks, how many of you have gone through the absolute nightmare of amniotic fluid injections? Anybody dealing with that where you're calling, they're calling back all their money now? Folks, there's another one that's out. It's called CMT biologics. This is one where they're saying it's another derived amniotic fluid that they are injecting for musculoskeletal tears and weaknesses and things like that. But here's the problem. The CPT code that they're telling you to use, the 15777, it's for the breast and trunk. Folks, if you are listening to your distributors, if you are taking what they are giving you as the gospel and you are billing the CPT codes that they are telling you, it's on you. You have to vet the information. You have to independently confirm the accuracy of the information because if you just start billing this stuff, you're going to see clawbacks and it's not a pleasant thing to go through. All right. Let's move forward from this here. So I've just kind of shown you, similar to like what you would see with a revenue cycle, you have a gap analysis cycle, right? We want to understand what the problem or problems are. We want to understand the root cause of the problems. We want to understand, is the gap due to a lack of skills or knowledge? Because if it is, we can educate our employees, right? What corrective action is the organization going to put in place to ensure that the same mistakes don't happen again? How many times should a mistake happen before we correct it? Once. How do we mitigate risk and then prevent the issues from occurring again? So this is the gap analysis cycle. So remember, what it does is it allows for a standardization of process in determining the gap of knowledge or a lack of policies and procedures. That's the whole premise of a gap analysis. We are trying to understand, is there a gap in our employees' skills and or a lack in their fund of knowledge, or is it based on a lack of effective policies and procedures missing from our compliance program? Remember, you can't go into court and an attorney says to you, why, Christy, did you do things the way that you did them? And Christy goes, well, we've always done it that way. Uh-huh. You can't give that answer. We've always done it that way. I've heard that from experts in court. I've heard that from the witnesses. You got to base it on policies and procedures. So with a gap analysis, we gap. So the gap analysis is used to identify high-risk areas where education and training is required or PMPs can be developed and implemented. So remember, my final thought on this slide is very simple. Compliance must be absolute for all providers of healthcare, regardless of the setting, the specialty, or to which insurance companies you're actually participating with. Bless you. All right. So I've given you some steps of the gap analysis here, right? So we start with the current state, what's happening, what is our desired state, what should be happening, and then the gap. What is versus what should be, right? So again, we're looking at gap due to knowledge skills. So what is the underlying root cause? Do we need to educate our staff? What are the methods that are used to identify the practice gap? So what evidence exists? You have to do an investigation. Folks, please listen to me. You cannot put an effective compliance plan in place without doing a gap analysis. So risks can be identified. So here are your steps for doing a gap analysis, okay? We identify the risks through auditing and monitoring. What are we auditing and what are we monitoring? Well, we're auditing and monitoring policies and procedures. If we don't have policies and procedures, well, we have to start by auditing the process. We have to start by auditing our provider's documentation. You should be auditing at a minimum 30 to 40 encounters of your physicians annually. You know why? Because under the Medicare Program Integrity Manual, the MPIM, it specifically says, you know that term probe audit, everybody familiar with that term? Everybody likes to think a probe audit's 10 charts. It's not. A probe audit is defined in the Medicare Program Integrity Manual as 30 to 40 encounters. A TPE audit is 40 encounters. Office of Inspector General, minimum 30 encounters. Typically a desk audit is 100 encounters. DOJ, 100 encounters. Most people will call me and they're like, well, they did a probe audit, Sean. They only looked at like five or 10 charts. No, that's not a probe. That was just them dipping their line in the water to see what's biting. And then they will expand that to a probe audit. And if the probe audit demonstrates a higher sustained error rate, then they'll move to what's called an SVRS, a Statistically Valid Random Sample. All right. So we can do it through auditing and monitoring, investigations, tracking logs, training logs, review of the current laws that are on the book that pertain to our organization, acts, regulations, statutes. Remember, third-party vendors provide a lot of risk. Anyone can call themselves a consultant. Anyone can go out and start an LLC and put it in Delaware where the laws are very favorable. Vet your vendors. I serve as the Chief Compliance Officer for all of Ortho, Florida. I will tell you, we do our diligence. We have an effective corporate compliance program. We validate every single vendor. Our providers don't start billing for a new technology or a new service without it going through the Office of General Counsel and the Office of Compliance. Why? Because we're not going to get caught up in a situation where we have significant liabilities in the future that could be offset from our revenues now. Just not going to happen. We're very meticulous with it. Again, you have to take the blinders off and you have to look holistically at the practice from top to bottom, inside and out. You have to be objective. You have to be as objective as possible in order to perform that true gap analysis. Again, the whole point of a gap analysis is to cover your assets. Did good, didn't I? I show my wife the things that I create sometimes and she looks at me and she just shakes her head. She never says a word and walks away. All right. So this is where I've given you the process. Again, I don't want to spend too much time on here because they didn't give me a whole lot of time to be able to do this, but I hope I'm painting a clear picture. Remember, this wasn't about building an effective compliance program. This was building an effective compliance program using the gap analysis, right? So I want to make sure we're all on the same page, but I want to show you something even more important. Okay? So these are just some additional steps. Again, conducting a document review of charters, the code of conduct, your compliance related policies, your hotline log, minutes of compliance oversight committee meetings, the compliance training program, compliance audit plans and reports. These are all things that need to be reviewed as part of your gap analysis. But here's what I want to take you right here. These are the United States sentencing guidelines, right? The USSC. This is the advisory committee recommendations. Take a look at this. Talks about two components, right? Traditional auditing and monitoring to review, assess, adherence to applicable laws, regulations and policies, and two, periodic evaluation of the effectiveness of the compliance program itself. I'm telling you in the US sentencing guidelines, you've got to conduct periodic reviews, taking your compliance plan, sticking it on a shelf for three years and not looking at it is not a periodic review. At a minimum, it needs to be annual and if you're not comfortable doing it, there's lots of highly qualified, competent people that are out there that can do it. Lots of phenomenal attorneys out there. Robert Lyles is absolutely brilliant at Lyles-Parker, Ron Chapman of Chapman Law Group, Ashley Morgan, Jenna Milliger of Goldberg Law Group. I mean, these are brilliant people who understand healthcare compliance because as attorneys, that's all they do. They don't dabble in healthcare. That's their life. That's all they do. Robert Lyles is the former deputy director of the DOJ, he's been one of my best friends for 20 years. Amazing, the stuff that he understands and does. So here, and this is really important, look at this, to have an effective compliance program, this is subsection 8B2.1 of the US sentencing guidelines, to have an effective compliance and ethics program for the purposes of subsection F, blah, blah, blah, blah, blah, for what they call a culpability score. Everything's based on a culpability score. How culpable are you for the errors and or damages that the government suffered at the hands of your organization? It says they recommend a couple of things. One, exercise due diligence to prevent and detect criminal conduct, and two, otherwise promote an organizational culture that encourages ethical conduct and commitment to compliance with the law. One of the first things that you have to put into place is a policy on non-retaliation. You have got to put a non-retaliation policy in place as your first policy of your compliance plan. People are like, why would it be number one? Great question. Here's the reason why. Have you heard of a whistleblower? People become whistleblowers when they believe that they have no other option. When they believe that they going to, by going to the senior physician of the group, by going to the office manager, the practice manager, whoever it may be, the compliance officer, is going to result in retaliation, a bad peer review, no promotion, no bonus, no raises. They worry about that because they heard a horror story that it happened to another former employee. That's why you have to be able to go into court and say, your honor, it's right here. Here's our policy. It is a non-retaliatory policy. We have an open door policy to the compliance officer. They will begin investigations immediately. Again, with Ortho Florida, and I know I'm using them as my example, but with Ortho Florida, I get notification from the CEO who is actively engaged in every aspect of compliance. Our MSO is actively engaged in every component of compliance. They send me something, and they're like, we need you on this today, and we go after it. Within 24 to 48 hours, an investigation has started, and we run the investigation until we feel we have exhausted all avenues, and then we report back to the person who raised the concern. Why? Because we're transparent. The good, the bad, the ugly, it doesn't matter. As long as we don't break privilege with general counsel, we share our information. It has to be. You have to have an open line of communication between compliance and your employees. That's why we're able to stave off kitamax or whistleblowers. But here's one thing, and please hear me on this. If somebody raises a legitimate concern in your organization, don't fire them three days later, thinking you're sweeping it under the rug. Now, not only are they going to come after you for a kitam, they're going to come after you for a wrongful termination, and they are going to win. The courts are very sympathetic to people who have been ushered out the door who raised a legitimate concern. Be cognizant for how you respond to them. Be smart in your response. If somebody brings something to your attention and you believe that it is a potential liability to the organization, get with general counsel, get with outside counsel, make sure that they are advising you on how best to proceed to cover the assets of the organization and to protect you as a member of the leadership team. A couple of things that I want to show you here, because I'm running low on time. I've given you the five steps to building a corrective action plan. Remember, you can download my entire PowerPoint presentation. If you have any problems downloading it, you can grab one of my business cards or my emails on the last slide here. I'll have a share file set up, and I'll be happy to transmit it to you. It's no problem. If you can't get it from AAOE, you shouldn't have a problem because this is the new one that they uploaded. So I gave you the five steps to developing a corrective action plan. Why is a cap so important? You need to have a policy on developing corrective action plans. So I'm guaranteeing most of you, if you do your gap analysis, you're going to come back and you're going to be like, well, I don't have a policy on developing a corrective action plan. All settlement agreements today, whether it's with a commercial insurance company, the government, an investigatory agency, a prosecutor, in order for them to accept a settlement agreement, you will have to develop and have approved a corrective action plan. You could literally take what I wrote right here on this slide, cut and paste it into a Word document and call it your cap policy, because these are the steps to building an effective cap. All right. Last thing that I want to share with you right here. These are just considerations as a compliance officer. This is it right here. Last thing we're going to talk about, okay? There's a document and I would hope that if you've not seen it, you please go and download it. You can get it off of Google. The Department of Justice, or just put DOJ, Criminal Division, Evaluation of Corporate Compliance Programs. DOJ, Criminal Division, Evaluation of Corporate Compliance Programs. There are three key questions that the Department of Justice asks. Why do I say this document is so critical? It's called a Prosecutor's Playbook. I actually wrote and I teach a program called the Prosecutor's Playbook. It's a 20 page document, but I will tell you, it is such an easy read and it is so brilliant because what it tells you, bless you, step by step, and for all of you that are sneezing, y'all are blessed for the rest of the day. What it tells you is step by step what a prosecutor is supposed to do. It literally says a prosecutor should. You can literally build your P&Ps from this, but here are the three questions. Is the corporation's compliance program well designed? Is the program being applied earnestly and in good faith? In other words, is the program adequately resourced and empowered to function effectively? Finally, does the corporation's compliance program work in practice? This is all cited right here at 928-800. And then it goes into specifically, and if you take a look at all of this, you'll see where it literally says a prosecutor should, and then it gives you every citation. That's what I've done here in going through this. For example, and this is what we're looking at, does the corporation's compliance program work in practice? For example, prosecutors should consider among other factors whether the corporation has made significant investments in and improvements to its corporate compliance program and internal control system. How do we do that? Through a gap analysis. And whether remedial improvements, right, because we're talking about lack of skills or lack of knowledge for education. Whether remedial improvements to the compliance program and internal controls have been tested to demonstrate that they would prevent or detect similar misconduct in the future. How do we do that? Auditing and monitoring, right? These are all the steps that we've been talking about. Is the corporate compliance program well designed? Look what it says. Prosecutors should examine the comprehensiveness of the compliance program. Right here, JM928800, ensuring that there is not only a clear message that misconduct is not tolerated, but also policies and procedures. They're telling you, you got to have effective policies and procedures. They're showing you a roadmap, every single aspect of this. Prosecutors should endeavor to understand why the company has chosen to set up the compliance program the way that it has. You can't say it on because we've always done it this way. These are our policies and procedures. This is how they do their risk assessment. Folks, I promise you, if you follow this PowerPoint, it will take you step by step by step through the process of building an effective corporate compliance program using a gap analysis methodology and using the risk assessment tools that I've put in here for you. Here's your steps to a risk assessment right here. All right, so it's taken me right to my time. I'll give you my ... I'll tell you what. I blog almost on a daily basis on LinkedIn. If you're not connected with me on LinkedIn, you could connect with me on there. I blog every single day about what's going on in the world of regulatory compliance. Our podcast, The Compliance Guy, there's never a cost to it. It's always free. It streams live every Monday for the Monday Coding and Compliance Roundtable on LinkedIn every Tuesday. Wednesday, we have our legal roundtable. We do podcasts three to five days a week depending on my travel schedule. Again, if you get an opportunity, would love your feedback on it if any of you are interested. Other than that, if you have any questions, concerns, anything like that, I'm happy to take those. Otherwise, what I would say is they handed out a ... I'm just going back to the beginning. They handed out a ... whatchamacallit at the beginning, a post-course survey. If you liked it, my name is Sean Weiss. If you didn't, my name is Shannon DeConda. She's one of my partners speaking tomorrow. All right, thank you all so much. I appreciate your time. Have a wonderful conference. Perfect. Thank you.

Sean Weiss

Doctors Management

healthcare compliance program

gap analysis

fraud prevention

non-retaliation policy

United States sentencing guidelines

Department of Justice