Members of corporate boards of directors are subject to two main responsibilities — the Duty of Loyalty and the Duty of Care. In recent years, the United States Department of Health and Human Services, Office of the Inspector General ("OIG") has issued publications to make it clear to members of the boards of directors of health care companies conducting business with federal health care programs (directly or indirectly) that these fiduciary duties include an obligation at the board level to assure that the health care company maintains an effective corporate compliance program.[i]
A few recent developments with Corporate Integrity Agreements ("CIAs")[ii]reveal a trend that delineates with more specificity how the OIG believes that boards of directors of health care companies should act to demonstrate that they are satisfying this obligation with respect to corporate compliance programs and with respect to quality of care. Companies conducting business directly or indirectly with federal health care programs and with the U.S. Food and Drug Administration ("FDA") should consider these new CIA requirements as they operate their companies, even in the absence of a CIA.
The new requirements of these CIA provisions regarding corporate compliance programs include quarterly board or board committee meetings to review and oversee the companies' compliance with federal health care program requirements; FDA requirements (if applicable); the obligations in the CIA (if applicable); and the compliance program (such review and oversight may be required to be conducted with the assistance of a third party). The new contractual obligations of these CIA provisions also include the adoption of board resolutions stating that the board or a board committee has concluded, after a reasonable inquiry, that the companies have implemented "effective" compliance programs, as well as individual certifications from board or board committee members stating that each member of the board or board committee agrees with the board's resolution.
In particular, the Eli Lilly and Company ("Eli Lilly") CIA, signed on January 14, 2009, and another recent pharmaceutical manufacturer CIA, demonstrate a trend by the OIG of including specific board provisions in pharmaceutical manufacturer CIAs.[iii]Previous CIAs with pharmaceutical manufacturers (as well as other health care companies generally) only required that the company's compliance officer "shall make periodic (at least quarterly) reports regarding compliance matters directly to the Board of Directors [or to a Committee of the Board] of [the Company], and shall be authorized to report on such matters to the Board of Directors of [the Company] at any time." The Eli Lilly CIA includes the following new governance-level requirements:
The Eli Lilly CIA further states that, at a minimum, the board resolution shall include the following language:
It is unclear what is required for a "reasonable inquiry." This is likely to be subject to a facts and circumstances analysis. While it is helpful to specify in the CIA that a "reasonable inquiry" includes at least an effectiveness review and receipt of updates about the activities of its compliance personnel, it is unclear what more should be done and what steps should be included for an "effectiveness review" to be truly "effective." Also, what types of reports or interviews should board members request so that their knowledge is not limited in a way that could suggest that a contractual or fiduciary obligation was not fulfilled appropriately?
Board Member Liability
By way of background, in the 1996 Caremark case,[vi] the Chancery Court of Delaware established the potential for personal legal liability for board members if they breached their Duty of Care. The Caremark Court stated that:
The Court further stated that "only a sustained or systematic failure of the board to exercise oversight -- such as an utter failure to attempt to assure a reasonable information and reporting system exits -- will establish the lack of good faith that is a necessary condition to liability."[viii]
Several years after the Caremark decision, the OIG began issuing papers to encourage the boards of companies involved in federal health care programs to be more involved in the oversight of their companies' compliance programs.[ix]Working with the American Health Lawyers Association, the OIG released a guidance document for health care boards of directors that specifically referenced the Caremark Duty of Care to health care corporate compliance programs. Citing Caremark, the OIG elaborated that "[c]learly, the organization may be at risk and directors, under extreme circumstances, also may be at [personal] risk if they fail to reasonably oversee the organization's compliance program or act as mere passive recipients of information."[x]
On September 27, 2006, the OIG entered into a CIA with Tenet Healthcare Corporation, together with its subsidiaries, affiliates, hospitals, and other health care facilities. The OIG published a press release stating that the Tenet CIA:
The requirements for the Tenet Board of Directors under the Tenet CIA includes the following:
The Tenet CIA included detailed contractual provisions that required more active participation from Tenet's board of directors.
Similar to the CIA provisions regarding corporate compliance programs, CIA provisions regarding quality of care require boards of directors of providers to review and oversee a function of the Company. For example, in the Corona Care Convalescent Corporation CIA, effective March 21, 2008, the CIA provisions include a requirement that the provider: "create a committee as part of its Board of Directors to provide oversight on quality of care issues."[xiii]Specifically, the CIA requires this board committee to:
Although CIA contractual governance requirements regarding quality of care issues already had appeared prior to the Tenet CIA in CIAs for certain providers, provisions imposing requirements on boards of directors regarding quality of care issues appear to have been included more consistently in the OIG's CIAs during 2007 and 2008. The trend for including contractual governance requirements regarding the effectiveness of corporate compliance programs in the OIG's CIAs appears to have begun in late 2008 and into early 2009.
* * *
For questions regarding this alert and topic, please contact:
This Epstein Becker Green Client Alert is published by EBG's Health Care and Life Sciences practice to inform health care organizations of all types about significant new legal developments.
Lynn Shapiro Snyder, Esq.
If you would like to be added to our mailing list or need to update your contact information, please contact, Jennifer Sunshine, email@example.com or 202/861-1872.
[i] See, e.g., Final Compliance Program Guidance for Nursing Facilities, 65 Fed. Reg. 14289 (March 16, 2000); Final Compliance Program Guidance for Pharmaceutical Manufacturers, 68 Fed. Reg. 23731 (May 5, 2003).Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors, United States Department of Health, Office of the Inspector General and The American Health Lawyers Association, April 2, 2003, available at
http://oig.hhs.gov/fraud/complianceresources.asp; An Integrated Approach to Corporate Compliance: A Resource for Health Care Boards of Directors, United States Department of Health, Office of the Inspector General and The American Health Lawyers Association, July 1, 2004, available at http://oig.hhs.gov/fraud/fraudalerts_other.asp; Corporate Responsibility and Health Care Quality - A Resource for Health Care Boards of Directors, States Department of Health, Office of the Inspector General and The American Health Lawyers Association, September 13, 2007, available at http://oig.hhs.gov/fraud/fraudalerts_other.asp.
[ii] Health care companies may seek to settle matters resulting from government health care fraud investigations or qui tam civil lawsuits. Some health care fraud allegations give rise to the OIG's permissive exclusion authority under 42 U.S.C.1320a-7(b)(7). In consideration for the OIG's waiver of this authority to exclude the companies from future participation in federal health care programs, these companies may enter into agreements with the OIG, such as CIAs or Certification of Compliance Agreements, that impose integrity obligation on the companies.
[iii] See also the Cephalon, Inc. CIA, effective September 29, 2008, which has similar, but not identical, board of director provisions.
[iv] Corporate Integrity Agreement between Eli Lilly and Company and the United States Department of Health and Human Services, Office of the Inspector General, Section III.A.3., January 14, 2009 (emphasis added).
[v] Id. (emphasis added).
[vi] In re Caremark International Inc. Derivative Litigation, 698 A.2d 959 (Del. Ch. 1996).
[vii] Id. at 970.
[viii] Id. at 971.
[ix] See, e.g., Final Compliance Program Guidance for Nursing Facilities, 65 Fed. Reg. 14289 (March 16, 2000); Final Compliance Program Guidance for Pharmaceutical Manufacturers, 68 Fed. Reg. 23731 (May 5, 2003).
[x] Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors, United States Department of Health, Office of the Inspector General and The American Health Lawyers Association, April 2, 2003, available at
http://oig.hhs.gov/fraud/complianceresources.asp (emphasis added).
[xi] OIG Executes Tenet Corporate Integrity Agreement: Unprecedented Provisions Include Board of Directors Review, United States Department of Health, Office of the Inspector General, September 28, 2006, available at http://oig.hhs.gov/publications/newsroom_archive.asp. Prior CIAs, such as the HealthSouth CIA, effective January, 1, 2005, also contained provisions requiring board of director oversight, but do not include all of the requirements or the detail included in the Tenet CIA.
[xii] Corporate Integrity Agreement between Tenet Healthcare Corporation, together with its subsidiaries, affiliates, hospitals, and other health care facilities, and the United States Department of Health and Human Services, Office of the Inspector General, Section III.A.7., September 27, 2006 (emphasis added).
[xiii] Corporate Integrity Agreement between Corona Care Convalescent Corporation and the United States Department of Health and Human Services, Office of the Inspector General, Section III.A.3., March 21, 2008 (emphasis added).
[xiv] Id. (emphasis added).