Compliance Perspectives

By Adam Turteltaub Neurodiversity tends to be spoken of as an issue to be recognized and, quite often, as a barrier to overcome. Katie Roemer, Vice President, Compliance & Privacy Officer at Alta Hospital Systems see it differently: as an asset to your compliance team. In this podcast she points out that many neurodivergent people excel at pattern recognition and system level thinking, as well as root cause analysis, all of which are of great value to compliance teams. They can also help us to communicate better. Meeting their needs can help with general workforce training. Some examples include: Avoiding densely packed slides with light fonts that are hard to read Breaking the learning up into discreet pieces Previewing what is going to be learned and the length of training Letting the audience know what is the most important part of the training Giving key takeaways and highlighting key points To leverage the neurodiverse fully, she recommends creating a psychologically  safe environment that

By Adam Turteltaub What do a secret wedding and Richard Nixon have in common with HIPAA? A lot more than you might think, shares Bailey Mack, Chief Compliance Officer at Together for Youth. In this podcast she tells us the interesting history of privacy and the law.  We begin in 1890 when a photographer trespassed to photograph a wedding he wasn’t supposed to be photographing.  Thirty eight years later in the Olmstead case, wiretapping wasn’t deemed intrusive because no one entered the room.  It was as if a privacy violation could occur only if there was trespassing involved. That began to change in the 1960s in which thinking evolved and the idea gained currency that privacy was about violations of the person’s right to privacy, rather than to property. Watergate led to further changes in which citizens were given access to government records about them.  And, since then, more legislation has come and likely will. Listen in to learn more, and if you’re an SCCE or HCCA member, don’t miss her article in C

By Adam Turteltaub Executive presence isn’t simply walking in the room and having everyone instantly feel that that you are in charge.  It is something different explains Jay Greenberg, the recently retired Chief Compliance Officer at the FBI.  Instead, it is being powered by your core values and then making a maximum positive contribution to any situation by fully investing yourself to achieving that assigned mission. Executive presence, he shares, is a skill acquired through the application of experience, coupled with a great deal of self-reflection that focuses on self-confidence, core values and the help of mentors. Also of great value: preparation and confidence that is informed by past experiences, including failures.  Even star leaders didn’t magically emerge, he reminds us.  They learned from their failures, missteps and other learning experiences. It doesn’t matter, he explains, if you are working with leadership or rank and file employees.  Know your core values, who you are, your positive chara

By  Adam Turteltaub Listen up people:  It’s all about the people. That’s the key message from Gabor Sulyok, Global Head of Commercial and Healthcare Compliance at BioNTech and experienced senior compliance counsel Luciane Mallmann. At its core, ethics and compliance is a human endeavor. While regulations and standards provide the structure, it’s the people within an organization who bring these principles to life. A people-centered approach to compliance programs enhances engagement, supports better decision-making, and fosters a culture of integrity. From design to execution, every aspect of the program should reflect a deep understanding of how people learn, behave, and interact. This means rethinking how we educate, maintain awareness, and ensure accountability. Policies must be relatable and actionable. Training should be immersive and role-specific. And accountability should be balanced with support to avoid creating a risk-averse culture. They explain in the podcast that there are three key elements

By Adam Turteltaub The rise of generative AI has brought transformative potential to healthcare—from streamlining administrative tasks to supporting clinical decision-making. But alongside these benefits comes a growing concern: Shadow AI. Alex Tyrrell, Chief Technology Officer, Health at Wolters Kluwer explains in this podcast that this term refers to the use of unauthorized, unmonitored AI tools within organizations. In healthcare, where data privacy and patient safety are paramount, Shadow AI presents a unique and urgent challenge both now and in the future. Healthcare professionals often turn to generative AI tools with good intentions—hoping to reduce documentation burdens, improve workflows, or gain insights from complex data. However, many of these tools are unproven large language models (LLMs) that operate as black boxes. They’re prone to hallucinations, lack transparency in decision-making, and may inadvertently expose Protected Health Information (PHI) to the open internet. This isn’t just a theo

By Adam Turteltaub There are few parts of an investigation that are more stressful than the interview with the investigation’s subject.  Done right it can close all the loops.  Done wrong, everything can unravel. To learn how to handle things best we turn in the second of our two podcasts on investigations to Wendy Evans, Senior Corporate Ethics Investigator, Lockheed Martin and Georgina Heasman, Senior Manager, Global Investigations at Booking Holdings.  The two of them are the co-authors of our new book Fundamentals of Investigations:  A Practical Guide  and lead our Fundamentals of Compliance Investigations Workshop. In this podcast they offer a host of great insights including: While it’s generally best to interview the subject last, there are times, such as in cases of alleged harassment or data theft, where you likely will need to sit down for a preliminary interview sooner Be sure to get a read on the subject and be respectful of the stress that they are under, including giving them psychologic

By Adam Turteltaub Few people know more about conducting a compliance investigation than Georgina Heasman, Senior Manager, Global Investigations at Booking Holdings and Wendy Evans, Senior Corporate Ethics Investigator, Lockheed Martin.  The two of them are the co-authors of our new book Fundamentals of Investigations:  A Practical Guide  and lead our Fundamentals of Compliance Investigations Workshop. Not wanting to miss out on their expertise, we scheduled two podcasts with them. In this, the first of the two, they share a broad overview of best practices for conducting investigations.  Those include ensuring that even compliance team members not responsible for investigations have at least a fundamental understanding of them. As for the investigation itself, they explain, to go well it begins with the first report.  There has to be a clear line of communication and a culture that encourages employees to come forward. Once you receive that initial contact, it’s important to remember that it tells the s

By Adam Turteltaub Uh oh.  The Feds are in the front lobby with a search warrant.  Things are bad, and you don’t want anyone on site to make it worse. The secret is preparation, shares Veronica Xu, SCCE & HCCA Board Member and Chief Compliance Officer, HIPAA Privacy Officer, ADA Administrator at Saber Healthcare Group.  That begins with establishing a cross-functional team that likely includes compliance, the general counsel, CEO, CTO and, depending on your industry, the chief medical officer and others. Each should play a part in shaping the plan and be ready to play their part if a raid occurs. In addition, onsite staff, right down to the receptionist, needs to understand their responsibilities, including whom to call for help.  Not only will that avoid very costly mistakes, it will help reduce errors, fear and stress at what will likely be an extremely difficult time. What an individual gets trained on will vary by role.  Yet, there is one commonality to the training.  Everyone needs to know the impor

By Adam Turteltaub Employees may trust an AI chatbot more than they trust you, and that’s not necessarily a bad thing, if it leads to more reporting. In this podcast, Debbie Sabatini Hennelly, Founder & President of Resiliti shares that  a recent survey conducted by Case IQ reveals that nearly 70% of respondents expressed no concerns about AI being involved in the helpline process. This openness is driven by several key factors: increased anonymity, ease of use, and a perception that AI offers a fairer, more impartial experience than speaking directly with a human. These findings underscore a broader theme that continues to emerge in conversations about helplines: trust. Employees are more likely to report concerns or misconduct when they trust the system—when they believe their information will be handled confidentially, their identity protected, and their report taken seriously. Not surprisingly, they also want to understand how their information is being used and how their anonymity is being safeguarde

By Adam Turteltaub If all you’re worrying about is tone at the top, you’re missing a key portion of the choir.  With most people reporting to middle managers, they play in integral role in ensuring a culture of compliance and ethics truly permeates the organization. Evie Wentink, Senior Compliance Consultant at Ethical Edge Experts observes that while many organizations invest in crafting comprehensive codes of conduct and articulate expectations for ethical leadership, they often fall short in equipping managers with the tools, training, and support necessary to fulfill those expectations. This gap can undermine the effectiveness of compliance efforts and leave companies vulnerable to ethical lapses. At the heart of the issue is a lack of intentional communication. Middle managers are frequently expected to embody and promote ethical leadership, yet they are rarely given a clear understanding of what that entails. To bridge this gap, organizations must develop structured plans that define ethical leadersh

By Adam Turteltaub Why did the AI do that? It’s a simple and common question, but the answer is often opaque, with people referring to black boxes, algorithms and other words that only those in the know tend to understand. Alessia Falsarone, a non-executive director of Innovate UK, says that’s a problem.  In cases where AI has run amok, the fallout is often worse because the company is unable to explain why the AI made the decision it made and what data it was relying on. AI, she argues, needs to be explainable to regulators and the public.  That way all sides can understand what the AI is doing (or has done) and why. To create more explainable AI, she recommends the creation of a dashboard showing the factors that influence the decisions made.  In addition, teams need to track changes made to the model over time. By doing so, when the regulator or public asks why something happened, the organization can respond quickly and clearly. In addition, by embracing a more transparent process, and involving co

By Adam Turteltaub Despite being a Civil War era statute, the False Claims Act (FCA) always has something new going on.  To find out what’s hot these days, we spoke with Joshua Drew (LinkedIn), a former federal prosecutor and chief compliance officer and currently a Member at Miller & Chevalier. Lately, he explains, there has been a steady stream of activity. May:  The Civil Rights Fraud Initiative was announced by the administration and proposes to use the FCA against any federal funding recipient that it believes are operating DEI initiatives that violate antidiscrimination laws. July:  A new working group was created between the DOJ and HHS to focus on healthcare and life sciences.  It encouraged whistleblowers to file action in areas such as Medicare Advantage, drug device and biologics pricing and barriers to patient access, amongst others. August:  A trade task force was created to encourage whistleblowing against tariff violators. All of this occurs against a backdrop of activity by the Admin

By Adam Turteltaub The possibilities of AI don’t stop with generative AI such as ChatGPT.  Agentic AI may have more potential for compliance teams, Zahra Timsah, co-founder and CEO of i-GENTIC AI tells us. Unlike generative AI, which is well known for its ability to create content, agentic AI can be used an internal enforcement agent.  Trained properly, she tells us, it can look for a potential violation and stop it.  For example, it can spot personal health information that is about to be transferred and redact the sensitive data automatically. This ability to step in and take action will, she believes, free compliance teams from many routine tasks and allow them to shift their focus to matters that are more complex and fall within the grey area.  It will also help teams speed up the rate in which new laws and regulations turn into effective internal policies. In addition, agentic AI will be able to produce measurable value by demonstrating what it can do to manage risk, improve trust and increase effici

By Adam Turteltaub Lewis Eisen (LinkedIn) is the author of the book RULES: Powerful Policy Wording to Maximize Engagement, and he wants to change the way people think about and write  policies. Too often, he observes, policies contain parent-child language, with a scolding tone that turns people off and keeps them from wanting to read the policy, or even follow it.  It also contains a great deal of complexity, laying out all the many processes and procedures. Instead, he recommends that companies adopt policy statements that are simpler and can tie values that people can identify with.  All the other stuff – complex procedures, examples, backgrounds and so forth – belongs elsewhere he argues, for employees to see after they have had the opportunity to see the policy and buy into it. It’s an intriguing approach.  Listen in to learn more about how to reimagine your policy-making process.

By Adam Turteltaub Andrew McBride, Founder & Chief Executive Officer at Integrity Bridge, recently wrote an article entitled Generative Artificial Intelligence Use Cases for Ethics & Compliance Programs.  Intrigued by the topic, I sat down with him for this podcast. He shared that many compliance teams are charged with using AI but may not have the  desire or know how to create and implement a use case. He shares that AI is very good at doing a specific role and a specific activity.  Consequently, compliance teams should consider not just the use of AI as a whole but specific needs that they have for it.  He gives five specific use cases: Interpreter. AI can translate documents and training in seconds.  It can also help you distill long documents into pithy, usable summaries both for you and management. Drafter.  It can draft from scratch or improve what you have already put together, even creating interactive scenarios that can be useful in training. Researcher.  You do have to be mindful of halluc

By Adam Turteltaub Why? Why are you asking that? Do you really need to know it? Is it going to tell you something you need to know? Is it a question that anyone could even answer? All of these are questions to ask yourselves and colleagues when they propose adding an item to your due diligence questionnaire. As Kristy Grant-Hart (LinkedIn), author, speaker and Head of Advisory at Spark Compliance, which is now owned by Diligent, explains, too often due diligence questionnaires are filled with questions that are unnecessary at best and counterproductive at worst.  They are born out a desire to cover all the bases not necessarily get you just the information you need. Instead of throwing in everything including the kitchen sink, it’s far better to take, as elsewhere, a risk-based approach.  Work directly with those who own the risk review.  And, if the response doesn’t matter, don’t ask the question. Listen in to learn more about how to create a due diligence questionnaire that gets the answers you nee

By Adam Turteltaub With ever more attention paid to the role of boards in overseeing compliance, the question naturally comes up:  Do boards even understand what makes for an effective compliance program?  To help answer that question we spoke with Vera Cherepanova (LinkedIn), Executive Director of the non-profit Boards of the Future. She shares the unfortunate news that many boards are not where they should be.  They are not fully seeing culture as a risk factor and driver of misconduct.  Nor do many understand their own duty to manage it. That’s dangerous in these times, especially now that governments are paying closer attention to culture. Forces, though, are starting to change the equation and force boards to understand the role they and compliance play together in ensuring both integrity within the company and business success.  Supply chain issues and ESG, for example, have brough compliance in closer contact with the governing authority.  So, too, is regionalization.  As countries take divergent p

By Adam Turteltaub With a rising focus on value-based care, and a new program seeking to make the approach mandatory, we spoke with Ed White (LinkedIn), Partner at Nelson Mullins. Previous efforts to move toward value-based models, such as Accountable Care Organizations (ACOs), faced significant barriers due to regulatory frameworks like the Stark Law and Anti-Kickback Statute. These laws were designed to prevent financial incentives from influencing medical decisions, but they also limited the ability of hospitals and physicians to collaborate in ways necessary for effective value-based care implementation. Recognizing these constraints, CMS and the Office of Inspector General (OIG) collaborated in 2020 to issue new regulations aimed at facilitating the transition to value-based care. The next step in the transition is the new Transforming Episode Accountability Model or TEAM program, which will become mandatory in 2026. This program includes 740 hospitals across the country and targets five specific sur

By Adam Turteltaub Imagine that it’s time to move on from compliance to another role, either by choice or being voluntold.  Does what you learned in compliance help? Absolutely, according to Kortney Nordrum, Vice President and Senior Corporate Counsel at Deluxe.  Amongst other benefits, it taught her how to break down large issues into more manageable pieces, better identify and manage risks and help deals close. That isn’t to say the transition has come without challenges.  She has had to learn to trust others to run compliance and also to be less risk averse. Listen in to learn more about how your compliance skills can help if your career ever takes you to another profession.

By Adam Turteltaub When Garth Jordan learned about the opportunity to lead the SCCE & HCCA, he was excited about the idea of helping to build trustworthy organizations.  And, the more he spoke with the board and talked to his peers, the more convinced he was that this was the role for him. Unlike our previous CEOs he came to the association not from compliance, but from the field of association management.  He has served in leadership roles for the American Animal Hospital Association, Healthcare Financial Management Association and Medical Group Management Association.  As he looked at SCCE & HCCA he saw a great opportunity for growth and greater impact. He tell us in this podcast that he will be focusing on the complete range of things that we do, from publishing to creating events to providing certifications to facilitating networking. Listen in to learn more about him and how he plans on using design thinking to help create a robust future for the SCCE & HCCA.