
    Health (Compliance)

 

  • Developed and implemented a prototype, comprehensive, organization-wide healthcare compliance program, pursuant to the Patient Protection and Affordable Care Act (PPACA – a/k/a “Obamacare”), as a condition precedent to enrollment in the Medicare program, promoting organizational adherence to applicable federal and state law, and private payer healthcare requirements, as an effort to protect the organization against fraud, abuse, waste, and other potential liability areas, by establishing an organizational culture that promotes the prevention, detection and resolution of conduct that does not conform to the applicable laws or to the internal ethical and business policies of the organization, including but not limited to implementing written policies, procedures and standards defining ethical conduct, establishing the position of compliance officer and authorizing the empowerment of a compliance committee, conducting continuous and extensive effective training and education for both management and staff, specifying clear communication protocols and reporting procedures for possible violations, establishing groups responsible for performing continuous internal monitoring and auditing, actually enforcing standards and disciplinary guidelines as authorized through new corporate policies, and responding to detected violations with prompt and decisive corrective action.

 

  • Consultation regarding the corporate practice of medicine (CPOM), with concentration on New Jersey (allowing physicians to offer healthcare services as an employee of a corporation if the corporation is either licensed by the New Jersey Department of Health as an HMO, hospital, long or short-term care facility, ambulatory care facility or other type of healthcare facility or healthcare provider, or, is not in the business of offering treatment services but maintains a medical clinic for the purpose of providing first aid, or, is non-profit, sponsored by a union, social or religious or fraternal organization providing healthcare services to members only, or, is an accredited educational institution that maintains a medical clinic for services for students and faculty, or, is licensed by the State of New Jersey Department of Insurance as an insurance carrier), New York (in general, corporations cannot employ physicians to practice medicine, unless such corporations are either non-profit medical, dental expense indemnity, or hospital service corporations) and Pennsylvania (in general, healthcare facilities, including hospices, can employ physicians to provide medical services).

 

  • Developed and implemented general healthcare compliance auditing, monitoring and training programs, authored user-friendly compliance manuals, and conducted onsite training to familiarize staff with such manuals.

 

  • Developed and implemented a comprehensive database of investigation data and analyzed trends to determine appropriate compliance actions such as training or clarifying corporate policies.

 

  • Developed and implemented protocols, procedures and corporate policies governing records management and records retention relating to managed care, healthcare, life sciences and pharmaceuticals.

 

  • Compliance with domestic and international health-related guidelines, laws, regulations, rules and statutes, such as: Age Discrimination in Employment Act (ADEA); Anti-Kickback Statute (AKS); anti-money-laundering (AML) statutes; Consolidated Omnibus Budget Reconciliation Act (COBRA); Emergency Medical Treatment and Labor Act (EMTALA); Employee Retirement Income Security Act (ERISA); False Claims Act (FCA); Family and Medical Leave Act (FMLA); Food, Drug and Cosmetic Act (FD&C Act); Food and Drug Administration (FDA); FDA Office of Prescription Drug Promotion (OPDP); Foreign Corrupt Practices Act (FCPA); fraud & abuse statutes; Health Insurance Portability and Accountability Act (HIPAA); International Conference on Harmonisation (ICH) guidelines; Good Clinical Practices (GCPs); Hatch-Waxman Act (a/k/a Drug Price Competition and Patent Term Restoration Act); No Surprises Act (NSA); Physician Payments Sunshine Act (Sunshine Act); Physician Self-Referral Statute (Stark Law); Prescription Drug Medication Act (PDMA); Robinson-Patman Act.

 

  • Compliance audits and corporate policies, such as related to the: 340B Program; Prescription Drug Marketing Act (PDMA); Deficit Reduction Act (DRA); anti-inducement laws; antitrust laws; Drug Quality and Security Act (DQSA); Drug Supply Chain Security Act (DSCSA); federal and state controlled substances laws; Health Information Technology for Economic and Clinical Health (HITECH) Act; maximum allowable cost (MAC) transparency laws.

 

  • Reviewed and revised proposed promotional material for compliance with federal statutes such as 21 CFR 314.81(b)(3)(i) and Office of Prescription Drug Promotion (OPDP) guidelines such as Form FDA-2253.

 

  • Participated in the development of corporate policies, protocols and Standard Operating Procedures (SOPs) for compliance with applicable guidelines and regulations such as the International Conference on Harmonisation - Good Clinical Practices (ICH-GCPs), US 21 CFR Part 11 and EU Pharmacovigilance legislation, and then monitored all documents for continuing compliance as designated Quality Control (QC) team member.

 

  • Compliance with CFR Title 21, Subchapter A (including Part 11 – Electronic Records, Part 26 – Good Manufacturing Processes, Part 50 – Protection of Human Subjects, Part 54 – Financial Disclosure by Clinical Investigators, Part 58 – Good Laboratory Practices, Part 60 – Patent Term Restoration, Parts 70-82 – Color Additives and Part 99 – New Uses for Marketed Drugs, Biologics and Devices), Subchapter C (Parts 200-299 - Drugs), Subchapter D (Parts 300-369 – Drugs for Human Use), Subchapter F (Parts 600-680 – Biologics) and Subchapter H (Parts 800-898 – Devices).

  • Compliance with EU General Data Protection Regulation 2016/679 (GDPR), Directive 95-46-EC, and international privacy regulations, Personal Information Protection and Electronic Documents Act (PIPEDA).

  • Compliance with French Law Act No. 2002-303, dated March 4, 2002, and accreditation procedure mandated by Decree No. 2006-6, dated January 4, 2006, for the hosting of health data within any French jurisdiction.

 

  • Compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), such as policies for consumer access and deletion requests regarding their personally identifiable information (PII), opt-out procedures to prevent the unauthorized use and sale of consumer PII, clear language on websites relating to the use of and opting-out for PII, continual training for personnel regarding consumer rights under the CCPA, the application of the CCPA to consumers located outside California but using facilities and services within California, W3C Web Content Accessibility Guidelines (WCAG).

 

  • Compliance with New York State Department of Financial Services (NYDFS) Cybersecurity Regulation 23 NYCRR 500.

  • Compliance with domestic and international privacy-related guidelines, laws, regulations, rules and statutes, such as: the “safe harbor” framework; Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM); Data & Marketing Association (DMA) Guidelines; EU Data Protection Directive; Fair Credit Reporting Act (FCRA) and Regulation V (Fair Credit Reporting); False Claims Act (FCA); Federal Reserve Regulation P (Privacy of Consumer Financial Information); Federal Trade Commission (FTC) Behavioral Advertising Principles; FTC Telemarketing Sales Rule; Federal Risk and Authorization Management Program (FedRAMP); Foreign Intelligence Surveillance Act (FISA); Gramm-Leach-Bliley Act (GLBA); Health Information Technology for Economic and Clinical Health Act (HITECH); Health Insurance Portability and Accountability Act (HIPAA) – applying to any digital platform that may collect or handle any protected health information (PHI); ISO 27000; Mobile Marketing Association Best Practices; Network Advertising Initiative (NAI) Guidelines; Office of Management and Budget (OMB) Memoranda M-10-22 and M-10-23; Payment Card Industry (PCI) Data Security Standard (DSS) (collectively, PCI DSS).

 

  • Compliance with Good Manufacturing Practices (GMP), Current Good Manufacturing Practices (CGMP), International Conference on Harmonisation (ICH) Q7 for active pharmaceutical ingredients, ISO 13485 and FDA Quality System (QS) for medical devices, warning letter response and remediation, due diligence and various audits (such as for analytical data and quality systems, facilities, validation of cleaning processes and pre-approval inspections).

 

  • Compliance with Good Laboratory Practices (GLP), Organization for Economic Cooperation and Development guidelines and audits of study protocols, bioanalytical methods and related data.

 

  • Compliance with Good Clinical Practices (GCP), including audits of contracts, sourcing and procurement chains, Contract Research Organizations (CRO), ICH E6 clinical investigators and vendors of electronic data capture, manufacturing and distribution of clinical supplies and medical services.

 

  • Compliance with Other Good Practices (GXP), such as audits for Good Clinical Laboratory Practices, Good Pharmacovigilance Practices, Standard Operating Procedures (SOP), qualifications (such as for installations, performance and protocols), validation master plans, sterilization documentation, drug substance starting materials and packaging, risk management planning and facilitating on-site FDA inspection of foreign sites.

 

  • Development and implementation of compliance plans conforming to laws and regulations such as the HIPAA Omnibus Rule, the HIPAA Privacy and Security Rules, and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

  • Continuing risk management assessment of project-specific situations in coordination with relevant project personnel and development of strategies and protocols for risk avoidance.

    Progress_Page_Last_Updated_221122_1322
