The Successful Compliance Program

1
The Successful Compliance Program

• For PHS Research Award Recipients

Presented by Pat W. Myrick, CCRP, CIP Director,
Office of Research Integrity Compliance The
University of Texas at Arlington
2
Agenda

• Define Compliance
• Compliance in the daily view
• Research Misconduct Regulation Final Rule
• Federal Guidance (NSF)
• Draft OIG Compliance Program
• Federal Demonstration Partnership response to the
  OIG Draft Program
• Essentials of an Effective Compliance Program
• How and Where to Begin Establishing levels of
  accountability
• Conducting the Risk Assessment
• Lessons Learned
• Best Practices (Open Discussion)
• Final Comments Questions

3
Compliance

• 1. Acquiescence to a wish, request, or demand. 2.
  A disposition or tendency to yield to the will of
  others. 3.a. Extension or displacement of a
  loaded structure per unit load. b. Flexibility

4
A closer look at COMPLIANCE
It is not new!
5
Research Misconduct Regulation

• Final Rule (May 15, 2005) published at 70 Fed.
  Reg. 28370.
• Purpose of the regulation is to protect the
  public health and safety, the integrity of
  scientific research, and the conservation of
  public funds.
• General policy states that institutions and its
  members have affirmative duty to protect PHS
  funds from misuse and ensure the integrity of the
  science.

6
Federal Government DefinitionNEW

• Research misconduct is defined as fabrication,
  falsification, or plagiarism in proposing,
  performing, or reviewing research, or in
  reporting research results.
• The destruction or absence of research records is
  also evidence of research misconduct under the
  new regulation.
• Research misconduct does not include honest error
  or differences of opinion.

7
Findings of Research Misconduct

• Requires a, significant departure from accepted
  practices to the relevant research community
  and
• That the misconduct be committed intentionally,
  knowingly, or recklessly, and
• That it be proven by the preponderance of the
  evidence.

8
Institutional Responsibilities

• Institutions retain responsibility for
• Responding to allegations
• Conducting an inquiry
• Conducting an investigation and reporting it to
  ORI (during both stages)
• Adjudication (at the institutional level)
• Appeal (if the institutional procedures provide
  for one)

9
Institutional Responsibilities

• Must have written policies and procedures for
  addressing allegations.
• Respond to each allegation in a thorough,
  competent, objective and fair manner.
• Must deal promptly with the allegations.
• Foster a research environment that promotes
  responsible research conduct.

10
Institutional Responsibilities

• Must protect the positions and reputations of
  good faith complainants, witnesses, and
  committee members.
• This includes protecting them from retaliation by
  Respondents or other institutional members.
• Provide confidentiality (disclose on need-to-know
  basis only)

11
Institutional Assurances(Applies to institutions
receiving PHS support)

• Must provide HHS with an assurance of compliance
  to the responsibilities delineated in the
  regulation.
• Compliance means
• Having written policies and procedures
• Fostering research integrity
• Filing an annual report with ORI, DHHS, NIH, NSF,
  etc.

12
Responsible Conduct is . . .

• Conduct of science with full integrity with
  respect to
• Intellectual input
• Data collection, retention, analyses, reporting,
  sharing
• Reviewing and editing
• Disclosure of interests
• Teaching and mentoring

13
Why is it important?

• Incorporated into ethics codes of societies
• Required for NIH-trainees who do research with
  humans and animals and their research staff
• Researchers need to know rules regulations
  that govern their activities
• Administrators need to know rules regulations
  governing faculty students
• Affects public perception of science scientists
• Education/training increases awareness fosters
  research integrity
• Education/training may help to prevent research
  misconduct questionable research practices.

14
Expectations

• NSF
• Clear articulation of rules/expectations
• Balance compliance, institution responsibility
  and latitude, reduction of bureaucracy
• Numerous funding opportunities
• Institution
• An environment in which employees can operate
  with integrity
• Responsible administrative, financial, and
  research management, and oversight (e.g., Article
  1, GC-1)
• Investigators
• Overall Uphold ethics and standards of
  community
• Submit quality proposals and conduct the funded
  activity
• Know and adhere to rules, regulations and ethics
• Ensure compliance and education of staff,
  students, etc.

15
NSF Guidance

• Grantee Responsibilities and Federal Requirements
• The grantee has full responsibility for the
  conduct of the project or activity supported
  under this award and for adherence to the award
  conditionsthe grantees responsibility for
  making sound scientific and administrative
  judgmentsThe grantee is responsible for
  notifying NSF about (1) any allegation of
  research misconduct that it concludes has
  substance and requires an investigation in
  accordance with NSF research misconduct
  regulations published at 45 CFR (Code of Federal
  Regulations) 689 or (2) any significant
  problems relating to the administrative or
  financial aspects of the award.
• By accepting this award, the awardee agrees to
  comply with the applicable Federal requirements
  for grants and cooperative agreements and to the
  prudent management of all expenditure and
  actions affecting the award.

16
Where do we stand?

• On November 28, 2005, the DHHS Office of
  Inspector General published a notice in the
  Federal Register requesting comments on Draft OIG
  Compliance Program Guidance for Recipients of PHS
  Research Awards.

17
OIG Compliance Program

• Through the notice the OIG set forth its general
  views on the value and fundamental principles of
  compliance programs for colleges and universities
  and other recipients of PHS awards for biomedical
  and behavioral research.
• Three major risk areas for recipients of NIH
  research awards
• Time and effort reporting
• Properly allocating charges to award projects,
  and
• Reporting of financial support from other sources

18
Federal Demonstration Partnership(FDP)

• January 2006, open forum
• Agree that comprehensive compliance programs are
  needed
• Draft focuses only on PHS research
• Possibility for conflicting guidance depending
  upon funding source
• Prescriptive nature of the guidance
• Deviation would be perceived as non-compliance
• Technical inaccuracies
• Time effort reporting should be written in
  compliance with A-21, section J.10
• Recommended the Draft Compliance Guidance be
  withdrawn
• Work with other Federal Agencies to develop a
  Compliance Guide across all agencies.

19
Essentials for an Effective Compliance Program

• Establish a transparent infrastructure that works
  to assure that the institution is in compliance
  with all applicable laws, regulations, policies
  and procedures.

• Everything is not a regulation

20
Essential Components

• Applicable regulations and standards
• Identify institutional official and other
  individuals of accountability
• Communication and Education
• Establish partnership and trust
• Monitoring Plan
• Confidential Reporting Mechanisms (internal and
  external)
• Consistency enforcement, discipline, reporting
• Respond to feedback
• Learn from others and be flexible when possible

21
Essential Components

• Approval from highest ranking institutional
  official
• Plan ahead the process will take longer than
  you think
• Use relevant examples
• Train infrastructure employees
• Be service-minded
• Be user friendly

22
Communication Educationan issue of Partnership
. . .

• Understand and apply PHS requirements and
  principles
• Put the rights, welfare, and safety of each
  individual enrolled in the research ahead of
  professional, academic, financial, personal, or
  other interests
• Meet institutional and regulatory requirements
• Responsible management of personnel
• Performance Feedback
• Rewards and penalties
• Participation in improving the process
• Administrative Rules

23
Setting the Standard

• The bar is raised through communication

• The bar is set by example

24
Culture Change

• Establish and clearly communicate the vision and
  goal of the compliance program (sooner rather
  than later)
• Monitor or audit activity
• Establish open commitment from the highest
  officials
• Be consistent as an example of how the
  institution expects its employees and students to
  act
• Voluntary disclosure

25
Levels of Accountability

• Institutional Accountability
• Systematic failure of the institution to
  implement practices and procedures contained in
  the assurance held by the institution.
• Investigator Accountability
• Initiating unapproved research
• Oversight Ad Hoc, Boards, Committees, etc.
• Deviation from duties required by federal
  regulation, state or local law, institutional
  policies, established codes of conduct, SOPs, etc.

26
Compliance Officer(CO)

• Pro
• Knows the culture
• Immediate start
• Network established
• No reallocation of resources
• Con
• Consider established relationships
• Not main job
• Possible conflicts

• Pro
• Main job
• Not attached to existing functional area
• No previous relationships
• Con
• Must learn the culture
• Hiring takes time
• Develop network
• Arduous program implementation
• Resources must be reallocated

27
CO Duties

• Compliance should become a part of everyday life
• Establish compliance as a function
• Meet with various directors to create monitoring
  plans
• Monitor the related compliance program activities
• Establish risk-based plan (e.g., Enterprise Risk
  Management)
• Create confidential reporting mechanism and
  procedures
• Communicate with the highest ranking official and
  appropriate others regarding compliance activities

28
Executive Management

• Decisions, decisions.

• State of the Union
• Instances of non-compliance that require
  executive action
• Risk-based plan
• Monitoring activities
• Program Self-Assessment
• Action plan for improvement

29
Definition of Compliance Risks

• The likelihood that an employee (faculty,
  administration, or staff) will fail to follow an
  internal policy or procedure or an external law,
  rule or regulation that applies to the activity
  in which they are engaged. (Crawford Crawford)

30
Risk Assessment Process

• Identify risk areas within the institution
• (GCS, Research Compliance, EHS, Athletics, etc.)
• Compose a risk matrix
• Area, authoritative guidance, exposure, current
  and future strategies
• Establish agreement within each working unit
• Re-determine the impact and probability of these
  risks from an institutional perspective rather
  than from an area perspective

The result is the Institutional Compliance Risk
Matrix
31
The Responsible Party

• Exclusive responsibility for managing the risk

Knowledge to manage the risk
Authority to manage the risk
32
Lessons Learned . . . .

• If more than one responsible party is indicated,
  it usually means
• Risk should be split into multiple risks.
• One of the responsible parties does not fulfill
  the requirements of a responsible party usually
  the authority to manage is the requirement not
  met.
• True responsible party does not want to
  acknowledge responsibility
• Competing interests among the executive ranks.
• Use the monitoring plan
• Use agreed upon procedures

33
Lessons Learned . . . .

• Require examination of documented evidence of
  compliance
• To verify that supervisory controls were
  performed
• To verify that corrective action was taken if
  appropriate
• Assure pre-determined consequences for
  Noncompliance
• Ensures consistent, equitable action
• Influences behavior
• Fulfills the Federal Sentencing Guidelines
  requirement for discipline and corrective action

If it is not documented, It did not happen!
34
Thank you for participating!

• Final Questions ? . . .

35
References

• Bankert, E., Amdur, R. (2006) Institutional
  Review Board Management and Function (2nd Ed.)
  pgs. 16-20, 315-318.
• Bewley, Esq., B. (2006) the new HHS Research
  Misconduct Regulation, Important Issues and
  Changes that Affect Institutions. Office of the
  General Counsel, HHS.
• Crawford, D., Crawford, J. Best Practices in
  Implementing an Effective Compliance Program. JD
  Enterprises (March 2006 UT System presentation)
  available at www.utsystem.edu/compliance
• Kroll, J. (2006) Ethical Conduct Made Easy A
  Compliance Program Approach. Head/Administrative
  Investigations, Office of Inspector General, NSF.
• Nebeker, C. Developing RCR for the Social and
  Behavioral Sciences SDSUs Experience, Division
  of Research Affairs
• Websters II New Riverside University Dictionary
  (1994).