The Four C’s of Healthcare Compliance 

The Four C’s of effective healthcare compliance, Brian Kozik, CHC, CCEP, CHCP

It’s tempting to focus all your time and attention on getting board and leadership support for a compliance program. The trouble is, the board and leadership aren’t the ones making the million decisions every day that affect patient care and compliant practices. In order for me to ever deliver a truly effective and robust compliance program, I also needed all employees and physicians to get on board. It was my job to help them fully understand the importance of our compliance practices and how our policies and procedures led to better patient care, better financial practices and a more compliant organization.   

To win hearts and minds, I needed to show up with my clinical and operational colleagues and make sure that my team was seen as a resource and not as punitive police force. In order to be a partner and resource, we need to practice a commitment to what I like to call the “four C’s of compliance.”   

  • Communication  
  • Collaboration  
  • Credibility  
  • Culture  

Let’s delve into each one further. 

Communication for healthcare compliance  

Communication is essential for ensuring the Board, your employees, your physicians and the community understand the commitment your system has to operating at the highest level of integrity. Maintaining ongoing communication helps ensure that all constituents are on the same page. As a Chief Compliance Officer, I looked for every opportunity to maintain open communication. For me, this starts with attending New Employee Orientation. I wanted employees to know compliance is so important the Chief Compliance Officer conducts the training. In addition, I worked with Marketing to develop a monthly Compliance newsletter. My Compliance staff visited various locations to introduce themselves. That way, stakeholders felt a connection to us rather than just hearing about the compliance staff and program.  

Collaboration for healthcare compliance  

There is no Compliance Officer who has the budget and staff to cover all of the risk areas within a system. This is why effectively collaborating with the employees and physicians is just as essential as communication. (Ken Zeko offers metrics for the amount of time you spend with your clinical and operational colleagues in 12 key metrics for compliance officers looking to move their culture forward.)  

I collaborated by helping employees and physicians see that they, too, are compliance officers.  They need to understand the regulatory environment they work in and to feel free to reach out to the Compliance Officer or Compliance department with questions and concerns. The Compliance department is there right beside them. I tell them that the regulations are not always as simple as “yes” you can or, “no” you can’t. Therefore, it is essential that you “team” up with the employees and physicians.  

Credibility for healthcare compliance 

Credibility is earned by the Compliance Officer. Employees and physicians will feel comfortable working with you when they feel you are credible. In some instances, this may be hard to obtain, especially if the prior Compliance Officer may have acted as more of a police officer. You need to be a good listener. Each person you work with will have had a unique experience with Compliance, so you’ll have to adapt your style to meet the individual where they’re at.  

In one of my compliance officer positions, access to the Compliance Department was restricted by badge and camera. To gain credibility, I knew the Compliance Department staff had to be accessible and transparent. So, on day two of arriving, I had the camera and badge access removed. I was surprised to receive more than 25 emails from employees I had not yet met. They told me how excited they were to see the camera removed thus, allowing them to come into the Department with any questions or issues. That was a little thing that went a long way!  

Culture for healthcare compliance 

Jay Anstine writes frequently about creating a culture of compliance. He has a great short definition: A culture of compliance is a commitment throughout all levels of an organization to do the right thing and do things right.  

There’s a pretty wide spectrum between what Jay describes – everyone lined up to do things right and believing that Compliance partners with them– and one where employees and physicians see compliance as a “forced” program. One important element of the culture is whether the Compliance program is seen as punitive. For example, as a new Compliance Officer I discovered that a privacy mistake like giving a patient someone else’s discharge instructions was considered a “serious violation.” This meant that someone who made this mistake would be written up. This was critical for the employee. A reprimand would have been placed in their personnel file and could have affected future raises. If she had made a similar mistake in the future, she could have lost her job. This seemed unnecessarily punitive and unlikely to lead to the psychological safety we needed in order for people to bring their mistakes forward to fix. 

So, I worked with Human Resources and adjusted the levels of discipline for privacy violations. This simple change resulted in employees and physicians being less afraid to report a mistake. Nurses were especially pleased. They are faced with taking care of several patients and working with Case Management in getting patients discharged. This is a fast-paced process as there are other patients waiting for the beds and patients wanting to leave for home. In the rush, taking one patient’s paperwork off the centralized printer may include others discharge papers. Do nurses do this on purpose? No. Do we want the nurses to feel safe speaking up about mistakes and asking for better tools? Yes.  

I love this discharge paperwork example because it incorporates all of my Four C’s. 
  1. I had communicated with the clinical staff enough that they knew who I was, and a line manager was willing to bring me a problem. 
  2. I collaborated with Human Resources and Nursing Leadership to change the policies around violations. I also collaborated with Nursing Leadership to change processes to reduce the risk of repeated violations. (One idea was to automate the process so printing paper was unnecessary. Another was to have managers meet with staff at the start of each shift and remind them to give themselves a few extra seconds to check the name on the discharge paperwork.) 
  3. This incident helped me build credibility with my clinical colleagues. One of my best days at work was the day a nurse called to tell me this: “I work the night shift and have never met you but, my fellow nurses told me you are a good guy and I have an item I want to discuss with you.” I was so proud to have built that trust. 
  4. We changed the culture around reporting incidents. We gave people more tools and more safety to do the right thing and to do things right.

I often tell this story as a win for the Compliance function, but of course it was a win for the organization. My biggest secret weapon in this work has been putting my ego aside and leading with empathy. A willingness to walk a mile in the nurses’ shoes – and then learn from that experience – was really the key to bringing these Four C’s to life. 

Brian W. Kozik, CHC, CCEP, CHCP is a 25-year veteran of healthcare compliance and an expert in compliance monitoring and auditing. Most recently he served as Chief Compliance Officer at Broward Health. He is the author of The Healthcare Auditor’s Handbook and Ready, Set, Comply!: Compliance Games, Activities, And Tools to Train Your Staff.

Keep up with articles for healthcare compliance professionals. Register to receive weekly emails from YouCompli.

Effective regulatory change management includes expertise, process, and skills for influence. YouCompli can help with your process – freeing up time for you to focus on relationships, influence, and impact.   

Get a 15-minute strategic overview of YouCompli