Corporate Compliance

An important component of the complex roles and responsibilities held by Community Health Center Boards of Directors is to establish, and demonstrate that they have followed, a compliance oversight process.  The following tools and resources will help your Board of Directors function effectively and with an understanding of its obligations.

Note: Legal liability is governed by state corporation law. Please seek legal advice to learn about the laws in your state.

Please click or scroll down for:
Corporate Compliance
Additional Corporate Compliance Resources
Corporate Compliance Programs
Sample Corporate Compliance Programs and Work Plans
Additional Corporate Compliance Program Documents
Conflict of Interest/Standards of Conduct


According to the electronic US Code of Federal Regulations Public Health Regulations Governing Grants for Operating Community Health Centers, specifically § 51c.304: Governing Board, and as presented in the Health Center Program Compliance Manual, Chapter 19: Board Authority, the governing board is responsible for “assuring that the center is operated in compliance with applicable Federal, State, and local laws and regulations.”

Corporate compliance is the process of ensuring an organization and its employees follow the laws, regulations, standards, and ethical practices that apply to the organization, including both internal policies and rules and external federal and state laws. This process includes expectations for behavior for staff members, board members, volunteers, and others acting on behalf of the organization. (Visit the CHAMPS Conflict of Interest/Standards of Conduct webpage for additional information.)  Corporate compliance is an ongoing process, and Boards of Directors have specific responsibilities within that process.

The Office of Inspector General (OIG) of the US Department of Health and Human Services (HHS) and American Health Lawyers Association (AHLA)
Practical Guidance for Health Care Governing Boards on Compliance Oversight (2015)
19 page document providing practical tips for Boards as they work to effectuate their oversight role of their organizations’ compliance with State and Federal laws that regulate the health care industry.
Corporate Responsibility/Compliance Series:
Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors (2003)
Nine-page educational resource designed to help health care organization directors ask knowledgeable and appropriate questions related to health care corporate compliance.
An Integrated Approach to Corporate Compliance: A Resource for Health Care Organization Boards of Directors (2004)
18-page supplement to Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors, addressing the roles of the in-house corporate general counsel and an organization’s Chief Compliance Officer in supporting the compliance oversight function of health care organization governing board.
Corporate Responsibility and Health Care Quality: A Resource for Health Care Boards of Directors (2007)
11-page educational resource seeking to assist directors of health care organizations in carrying out their important oversight responsibilities, in an era when oversight of quality is becoming more clearly recognized as a core fiduciary responsibility of health care organization directors.


Feldesman Tucker Leifer Fidell (FTLF)
Health Center Compliance
A website including compliance e-newsletter, news, training opportunities, risk areas, and additional resources.

Health Care Compliance Association (HCCA)
An association for compliance professionals in the healthcare provider field, providing training, certification, networking, and other resources to compliance officers and staff from a wide range of healthcare organizations.
HCCA – Nonprofit Governance: What Every Compliance Officer Should Know
September 2012 conference materials addressing the compliance officer and the board, nonprofit versus tax exempt, nonprofit director fiduciary duties, the Duties of Care, Loyalty, and Obedience, a governance check sheet, etc.

Health Resources and Services Administration (HRSA) Bureau of Primary Health Care (BPHC)
Health Center Program Compliance Manual
Manual to serve as a streamlined and consolidated resource to assist health centers in understanding and demonstrating compliance with Health Center Program and Federal Torts Claims Act program requirements.
Health Center Mergers, Acquisitions and other Corporate Changes
A guide on how changes in corporate structures may impact the Health Center Program Federal award or result in a change in the award recipient, highlighting related considerations.
Health Center Program Site Visit Protocol (SVP) (12/2017)
HRSA’s tool for assessing compliance with Health Center Program requirements during Operational Site Visits (OSVs); the SVP is designed to provide HRSA with the information necessary to perform oversight responsibilities using a standard and transparent methodology that aligns with the Compliance Manual.

The Office of Inspector General of the US Department of Health and Human Services (OIG, HHS)
Compliance Webpage
Contains information relating to Accountable Care Organizations, compliance guidance, special fraud alerts, etc.
Compliance Education Materials
Free educational resources to help health care providers, practitioners, and suppliers understand the health care fraud and abuse laws and the consequences of violating them, and also provide ideas for ways to cultivate a culture of compliance within a health care organization.

How to Keep Your Non Profit in Compliance: A Checklist
A list of what nonprofit organizations should do, should not do, and may do in order to maintain nonprofit compliance.


Health centers should establish a Corporate Compliance Program to provide a framework specifying the centers policies, procedures, and actions and a process to help prevent and detect violations of laws and regulations.  According to the US Department of Health and Human Services (HHS) Office of Inspector General (OIG), a Corporate Compliance Program should include the following seven elements:

  1. Standards, Policies, and Procedures
  2. Compliance Program Administration
  3. Screening and Evaluation of Employees, Physicians, Vendors and other Agents
  4. Communication, Education, and Training on Compliance Issues
  5. Monitoring, Auditing, and Internal Reporting Systems
  6. Discipline for Non‐Compliance
  7. Investigations and Remedial Measures

The March 2017 OIG publication, Measuring Compliance Program Effectiveness: A Resource Guide, provides ideas for measuring the effectiveness of various activities within each of these seven program element areas.  Health Center Boards of Directors have specific responsibilities within, and will be involved in various aspects of, the organization’s program.  These may include, but may not be limited to, the following:

  • Element 1: Standards, Policies, and Procedures
    • Annual board review and approval of Compliance Plan, Code of Conduct, and related policies, all reflected in board meeting minutes
  • Element 2: Compliance Program Administration
    • Compliance program activity reported to the governance board/related board committee
    • Board understands responsibilities relating to the compliance program and culture
    • Independent reporting structure to the board/related board committee exists
  • Element 4: Communication, Education, and Training on Compliance Issues
    • Compliance competencies exist within the board/related board committee membership
    • Board undertakes appropriate and formal education about the compliance program and board responsibilities, including orientation of new board members and ongoing board training; training is reflected in board meeting minutes
    • Board member input is considered when assessing the effectiveness of training
    • Compliance department/staff regularly present at board meetings; reflected in board meeting minutes
  • Element 5: Monitoring, Auditing, and Internal Reporting Systems
    • Compliance program reporting system includes reports about direct contacts, investigations, escalations, etc. to the board/related board committee
    • Board minutes are reviewed to identify approval of work plans, discussion about any incomplete work plan items, and discussion about any changes to the work plan
    • Audit results and resulting actions reported to board, reflected in board meeting minutes
    • Board/related board committee periodically reviews monitoring and auditing plans
    • Un-timely corrective actions reported to the board
  • Element 6: Discipline for Non‐Compliance
    • Reports to board of recognition/appreciation for those exhibiting compliance/ethical behaviors/actions
  • Element 7: Investigations and Remedial Measures
    • Significant investigations and outcomes reported to the board; reflected in the board meeting minutes


Holland and Hart
Sample Compliance Program – Group Practice


Corporate Compliance Insights
Effective Corporate Compliance Programs Article (2009)

FTLF Learning Center
Compliance Program Standards Webpage