The Office of Compliance

Purpose of the Program

The University is committed to the highest standards of ethics, honesty, and integrity and to comply with all applicable laws and regulations. The purpose of this Compliance and Quality Improvement Program (the “Program”) is to call the attention of persons associated with the University to some of the laws and regulations applicable to academic institutions. The Program is intended to (a) promote legal and ethical behavior in the academic context and (b) prevent and detect violations of law. The Program is intended to provide for more effective and efficient compliance efforts and oversight.

Action by Board of Regents

This Program was originally adopted on the 30th day of January 2002 by resolution of the University’s Board of Regents (the “Board”).

Pre-existing Standards and Procedures 

In addition to this Compliance and Quality Improvement Program, the University has established and maintains various practices, policies, and procedures which are incorporated into the Program. This Program does not supersede or diminish any other policy or program of the University that, in whole or in part, also addresses compliance issues, unless such other policies or programs are inconsistent with this Program.

1.4 Compliance with Other Laws

University employees are required to comply with all applicable laws and regulations, whether or not specifically addressed in the Program. The standards of conduct set forth in this Program cannot cover every legal situation. It is the responsibility of each University employee to act honestly and with integrity in all dealings and to seek appropriate guidance when necessary.

Modification of the Program

This Program will be periodically updated or otherwise modified by the Board of Regents as necessary. In addition to this document, the University will periodically distribute memoranda or other policies, which supplement the Program.

General Application

This Program applies to all University colleges, departments, and employees that:

• Submit claims for reimbursement of medical services;
• Perform human and/or animal research; and/or
• Handle or work with or around hazardous, controlled substances, and/or radioactive materials.

2.1 Board of Regents

The Board of Regents has the responsibility for (a) implementing and (b) overseeing the Program and related compliance activities. Functions of the Board of Regents will include, but are not limited to the following:

• Authorizing the University to implement the Program.
• Approving the structure for management oversight and reporting of compliance activities.
• Reviewing periodic reports concerning the Program and compliance activities.
• Reviewing any special reports on any compliance activity.

2.2 University Officers and Other Management Personnel

University officers and directors must pay special attention to the laws and regulations applicable to their colleges or departments and should promptly bring areas of concern to the attention of the Director of Compliance.

3.1 General Purpose

The University’s Office of Compliance, under the direction of the Director of Compliance, is responsible for overseeing, monitoring, and assisting the University in its efforts to (i) raise awareness regarding legal and ethical issues; (ii) improve compliance training and quality improvement and review functions; and (iii) ensure adherence to the highest standards of conduct.

3.2 Specific Purpose

In addition to the general purpose stated above, the Office of Compliance will coordinate the University’s efforts to:

• inform University employees about the Standards of Conduct and Improvement;
• implement and conduct training programs where needed and/or monitor existing training programs;
• perform and/or arrange periodic compliance/quality improvement reviews;
• conduct investigations of compliance complaints in coordination with the applicable University department and/or office
• serve as a resource to the University on matters of compliance;
• assist with the correction of compliance concerns; and
• draft and implement, in coordination with the applicable department, any necessary policies and procedures.

3.3 Structure

The Office of Compliance will report to the University’s General Counsel. However, the Director of Compliance may present time sensitive compliance issues or concerns directly to the President or the Board of Regents.   

4.1 Appointment

The Program is overseen by a Director of Compliance.

4.2 Selection Criteria

The Director of Compliance oversees and monitors the University’s compliance activities. The day-to-day decisions related to the Program will be made by the Director of Compliance. The Director of Compliance will coordinate the Program and identify and build on existing University policies and procedures. The Director of Compliance should be an individual who has the following characteristics:

• High integrity and a thorough understanding of the operations of the University.
• Effective analytical skills required to direct regulatory monitoring.
• Effective public speaking skills and the ability to articulate complex regulatory information in understandable terms.
• Effective interpersonal skills required to work with University officers and employees as well as third party vendors and government representatives.
• Effective organizational and planning skills as well as the ability to handle multiple tasks simultaneously.
• Effective writing skills.
• Thorough understanding of the laws and regulations which apply to the areas covered by this Program, and the ability to identify the legal issues and refer them to the Office of Legal Counsel.

4.3 Responsibilities of the Director of Compliance

The Director of Compliance is responsible for ensuring that the Program is implemented and monitored. Coordination and communication are key functions of the Director of Compliance. It is not the duty of the Director of Compliance to perform all compliance related tasks. Rather, the role of the Director of Compliance is to coordinate compliance activities. The Director of Compliance will have authority to review documents and records relevant to compliance activity. The duties of the Director of Compliance will include, but not be limited to, the following activities:

• Oversee implementation of the Program in all areas designated by the Board of Regents and President pursuant to the time line established in consultation with the Office of Legal General Counsel.
• Work with University officers, department chairs and employees to prevent, detect and respond appropriately to compliance issues.
• Identify University functions and routine business practices and activities requiring compliance training and monitoring.
• Establish procedures to make available the appropriate portions of this Program and any amendments thereto to all affected University employees.
• Establish a reporting system with University employees who have compliance responsibilities.
• Serve as a resource for the University on matters of compliance.
• Perform routine, periodic compliance reviews, or arrange for such reviews, of high-risk areas.
• Monitor (in conjunction with the Office of Legal Counsel) developments and changes in statutes, court rulings, rules and regulations that affect compliance requirements; bring them to the attention of the appropriate officers and employees; and assist with remedial activities when appropriate.
• Make recommendations, as needed, to University departments regarding their compliance efforts.
• Implement systems to ensure that all University employees are adequately informed of their responsibilities under the Program.
• Maintain records related to the Program.
• Review and periodically propose revisions to the Program to meet changes in the University’s needs and in the business and regulatory environment.
• Submit periodic reports to the Office of Legal Counsel regarding compliance activities.
• Conduct investigations in coordination with the applicable department or University officer as needed and act on compliance related matters. The Director of Compliance will notify the appropriate University officer, in addition to the Office of Legal Counsel, prior to initiating any investigation.
• Monitor and respond to any questions, concerns and reports of possible violations reported through any means.
• Hire or retain, with the approval of the General Counsel and President and in a manner that is consistent with University policies, any employees or independent contractors necessary to implement the Program and perform the compliance review and training functions.

5.1 Establishment of Committee

In January 2021, the University of Oklahoma formed its first Enterprise Risk and Compliance Oversight Steering Committee, now known as ERCO. This committee supersedes the Compliance Advisory Committee which was established in 2002. ERCO Members include (i) Vice President for Executive Affairs (ii) Vice President and General Counsel (iii) Vice President and Chief Financial Officer (iv) Vice President and Chief Operating Officer (v) Senior Vice President and Provost, Norman Campus (vi) Senior Vice President and Provost, Health Sciences Center (vii) President, OU Tulsa (viii) Vice President and Chief Audit Executive and (ix) Director of Compliance. 

5.2 Purpose of Committee

ERCO is advisory to the President and the Board, and its purpose is to assist the University in identifying, evaluating, and mitigating all major areas of compliance and regulatory risk by partnering with key stakeholders across all campuses. Using the information gathered and based on the advice from professionals working in the risk areas, the ERCO Steering Committee will strive to provide the President and the appropriate Board of Regents subcommittees with timely and accurate reporting on risks affecting the University, the efficacy of mitigation measures, necessary policy changes, and resource balancing and allocation as necessary.

6.1 Introduction

The Standards of Conduct (“Standards”) is a non-exclusive compilation of guidelines regarding ethical and legal standards that all University employees are expected to follow when performing services for or on behalf of the University that are related to the areas covered by this Program. The Standards shall be available in the Office of Compliance and on the University’s website.

6.2 Hiring and Retention

The University will not hire or retain as an employee, independent contractor or agent any health care professional it knows to have been convicted of a criminal office related to health care or who is debarred by the General Services Administration or is excluded or otherwise ineligible for participation in Federal Health Care Programs. When credentialing physicians, the College of Medicine, Oklahoma City and Tulsa, will consult with the National Practitioner Data Bank as well.

6.3 Coding and Billing Standards and Procedures

6.3.1 Billing in General

Honesty and accuracy in billing and in the making of claims for payment by a Federal Health Care Program, or payment by any third party payer, is vital. Each health care professional employed by the University is expected to monitor compliance with applicable billing rules. No University employee shall submit, authorize or sign a false claim for reimbursement in violation of applicable laws and regulations. Claims for the provision of services and/or supplies should be submitted only by the University department or college that generated the charges unless an alternative billing arrangement has been approved by the Director of Compliance and the Vice President for Health Affairs and Associate Provost – Health Sciences Center.  

6.3.2 Billing and Coding

University employed health care professionals will refrain from any of the following practices and work to identify and correct instances in which mistakes have occurred in the following areas:

• Billing for items or services not rendered or not provided as billed;
• Submitting claims for equipment, medical supplies and services that are not reasonable and necessary;
• Double billing resulting in duplicate payment;
• Billing for non-covered services as if covered;
• Knowingly misusing provider identification numbers, resulting in improper billing;
• Unbundling (billing for each component of the service instead of billing or using an all-inclusive code);
• Failure to properly use coding modifiers;
• Falsely indicating that a particular health care professional attended a procedure;
• Clustering (billing all patients using a few middle levels of service codes, under the assumption that it will average out to the appropriate level of reimbursement);
• Failing to refund credit balances; and
• Upcoding the level of service provided.

6.3.3 Billing to Receive Denial

A University department or college may bill Medicare in order to receive a denial for services, but only if the denial is needed for reimbursement from a secondary payer. The Medicare claim submission should indicate that the claim is being submitted for the purpose of receiving a denial in order to bill a secondary insurance carrier.  

6.3.4. Waiver of Co-payments and Deductibles

University-employed health care professionals will not waive co-payments or deductibles except to the extent consistent with applicable laws, regulations and guidance issued by the Office of Inspector General. Permissible waivers may include, but are not necessarily limited to, waiver based on indigence and contractual write-offs and discounts.

6.3.5 Billing and Coding Queries

Billing and coding staff shall be able to communicate with and receive communications from University-employed health care professionals at all times. Billing and coding staff will not submit claims for reimbursement until all coding questions have been satisfactorily answered and appropriate documentation has been submitted by the appropriate health care professional.

6.3.6 Use of Consultants

From time to time, the University may retain consultants to provide reimbursement and/or coding assistance. Such consultants may not be paid on a percentage based upon the increase in reimbursement to the University or one of its departments or colleges (i.e. a contingent fee contract).

6.3.7 Documentation

Claims for payment will be coded and billed based on the documentation contained in the patient’s medical record. University-employed health care professionals will appropriately document the services and supplies provided to, or the diagnosis and treatment of, each patient and will complete medical records in a timely manner. Medical record documentation must be completed and legible.

6.4 False Claims Statutes, Anti-Kickback Statute and Self-Referral Proscriptions

The University is committed to complying with the requirements of Federal and State law, including the Federal Deficit Reduction Act of 2005 and the Fraud Enforcement and Recovery Act of 2009, and to preventing any fraud, waste, or abuse in its organization in connection with government health care programs.

6.4.1 Federal False Claims Act

Under the Federal False Claims Act, any person or entity that knowingly submits a false or fraudulent claim for payment of United States Government funds or knowingly conceals or knowingly and improperly avoids or decreases an obligation to pay or transmit money or property to the Government is liable for significant penalties and fines. The fines may include a penalty of up to three times the Government’s damages plus civil penalties ranging from $11,181 to $22,363 per false claim, and the costs of the civil action against the entity that submitted the false claims.  Generally, the federal False Claims Act applies to any federally-funded program.  The False Claims Act applies, for example, to claims submitted by healthcare providers to Medicare or Medicaid. 31 U.S.C. §§ 3729-3733

A similar federal law is the Program Fraud Civil Remedies Act of 1986 (the “PFCRA”).  It establishes administrative remedies for knowingly submitting false claims and statements.  A false claim or statement includes submitting a claim or making a written statement that is for services that were not provided, that asserts a material fact that is false, or omits a material fact.  A violation of the PFCRA may result in a maximum civil penalty of $11,463 per claim plus an assessment of up to twice the amount of each false or fraudulent claim. 31 U.S.C. §§ 3801-3812

6.4.2 State Medicaid False Claims Act

The Oklahoma Medicaid False Claims Act essentially mirrors the federal False Claims Act.  For each violation, the civil penalty is not less than $5,500 and not more than $11,000, plus three times the amount of damages the State sustains because of the fraudulent act. Oklahoma has also adopted a generally applicable Medicaid anti-fraud statute that makes it unlawful for a person to submit false and fraudulent claims to the Oklahoma Medicaid program.  Violations of the Oklahoma Act are both civil and criminal offenses and are punishable by imprisonment and significant monetary penalties.  The Oklahoma Medicaid False Claims Act does include a qui tam provision through which the whistleblower may recover between 15% and 25% of the proceeds of the action if the State chose to pursue the claim.  If the information was available through another source, such as an administrative hearing or news media, the whistleblower may recover up to 10%. Okla. Stat. tit. 63 §§ 5053.1-5053.7, 5015.8

6.4.3 Qui tams

One aspect of the federal and state False Claims Acts is the “qui tam” provision, commonly referred to as the “whistleblower” provision.  This provision allows a private person with knowledge of a false claim to bring a civil action on behalf of the United States Government.  The purpose of bringing the qui tam suit is to recover the funds paid by the Government as a result of the false claims. The United States Government may decide to join the qui tam suit.  If the suit is ultimately successful, the whistleblower that initially brought the suit may be awarded a percentage of the funds recovered.  Because the Government assumes responsibility for all of the expenses associated with a suit when it joins a false claims action, the percentage is lower when the Government joins a qui tam claim. 

Regardless of whether the Government participates in the lawsuit, the court may reduce the whistleblower’s share of the proceeds if the court finds that the whistleblower planned and initiated the false claims violation.  Further, if the whistleblower is convicted of criminal conduct related to his role in the preparation or submission of the false claims, the whistleblower will be dismissed from the civil action without receiving any portion of the proceeds.

The federal False Claims Act also contains a provision that protects a whistleblower from retaliation by his employer.  This protection applies to any employee who is discharged, demoted, suspended, threatened, harassed, or discriminated against in his employment as a result of the employee’s lawful acts in furtherance of a false claims action.  The whistleblower may bring an action in the appropriate federal district court and is entitled to reinstatement with the same seniority status, two times the amount of back pay, interest on the back pay, and compensation for any special damages as a result of the discrimination, such as litigation costs and reasonable attorneys’ fees.

Reporting Concerns Regarding Fraud, Abuse and False Claims

The University takes issues regarding false claims and fraud and abuse seriously.  The University encourages all employees, management, and contractors or agents of OUHSC to be aware of the laws regarding fraud and abuse and false claims and to identify and resolve any issues immediately.  Issues are resolved fastest and most effectively when given prompt attention at the supervisory level.  The University, therefore, encourages its employees, contractors and agents to report concerns to their immediate supervisor when appropriate.  If the supervisor is not deemed to be the appropriate contact or if the supervisor fails to respond quickly and appropriately to the concern, then the individual with the concern should be encouraged to discuss the situation with the Department Chair, another member of management, or violations or concerns may be submitted to the OU Report It! hotline 24 hours a day through the following methods described in section 10.2.3

6.4.4 Anti-Kickback Statute

No University-employed health care professional or University department or college may pay or accept a payment to induce the referral of a patient in violation of the federal or state Anti-kickback statutes. No one acting on behalf of the University, or one of its departments or colleges, may offer gifts of more than nominal value, loans, rebates, services, or payment of any kind to a referral source or to a patient without consulting the Director of Compliance.

A number of safe harbor regulations have been adopted under the Federal Anti-Kickback Statute. Analysis of an activity under the Anti-Kickback Statute and its safe harbors is complex and depends upon the specific facts and circumstances of each case. University employees should not make unilateral judgments on the availability of a safe harbor for a financial transaction, payment practice, discount or other financial arrangement. Such situations must be brought to the attention of the Director of Compliance prior to implementation.

6.4.5. Self-Referral Proscription

The Physician Self-Referral Statute, more commonly known as “Stark II”, prohibits a physician’s referral of a patient for a designated health service to an entity with which the physician has a financial relationship unless an exception is met. Compensation and ownership relationships with physicians, including physician employment and independent contractor arrangements, must satisfy an exception to Stark II. Analysis of whether an exception is met depends upon a number of specific facts. University employees should not make a unilateral judgment on the availability of an exception. The responsibility for evaluation the availability of an exception lies with the University’s Director of Compliance.

6.4.6 Physician Recruitment

The recruitment and retention of physicians require special care to comply with applicable laws and regulations. Each recruitment package or commitment must be in writing and consistent with applicable laws and regulations. New or unique recruitment arrangements must comply with Board of Regents policy and must be reviewed by the Director of Compliance in consultation with the University’s Office of Legal Counsel before a formal offer is made.

6.5. Gifts and Gratuities

6.5.1. Gifts from Patients

University-employed health care professionals are prohibited from soliciting tips, personal gratuities or gifts from patients and from accepting monetary tips or gratuities. Health care professionals may accept non-monetary gratuities and gifts of nominal value from patients. If a patient or another individual wishes to present a monetary gift, he/she should be referred to the University Development Office. When an employee receives a gift that violates this policy, the gift should be returned to the donor and reported to the Director of Compliance.

6.5.2. Gifts Influencing Decision-Making

University-employed health care professionals shall not accept gifts, favors, services, entertainment or other things of value to the extent that decision-making or actions affecting such employee may be influenced. Gifts may be received by University-employed health care professionals when they are of nominal value and they could not reasonably be perceived as an attempt to affect the judgment of the recipient. For example, token promotional gratuities from suppliers, such as advertising, novelties and food are not prohibited under this policy. The offer or giving of money, services or other things of value with the exception of influencing the judgment or decision making process of any purchaser, supplier, customer, government official or other individual by University employee, department or college is prohibited.

6.5.3 Gifts to Referral Sources

Gifts of nominal value may be provided to a referral source if made without intent to induce a referral. If a gift is to be made to a referral source which will result in that individual receiving gifts valuing over $300.00 in a calendar year, that gift must be approved in advance by the Director of Compliance. Cash gifts to referral sources are prohibited. Non-cash gifts are permissible only if made without regard to the volume of business received from the referral source. No University funds may be used to provide gifts to referral sources.

6.6 Unlawful Advertising

Neither the University nor the departments and colleges of an employed health care professional will use the names, abbreviations, symbols, or emblems of the Social Security Administration, Center for Medicare and Medicaid Services (CMS), Department of Health and Human Services, Medicare, Medicaid or any combination or variation of such words, abbreviations, symbols or emblems in a manner that conveys the impression that the advertised item or service is endorsed by such government agencies.

6.7 Confidentiality of Patient Information

University employees shall maintain the confidentiality of individually identifiable health information in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Regulations and all other applicable laws and regulations and to adhere to the University’s policies and procedures implementing such laws and regulations.

6.8 Environmental Health and Safety/Radiation Safety

6.8.1. Workplace Health and Safety

The University wants all employees to work in a safe environment. All University employees must perform their jobs in compliance with all applicable institutional policies and state and federal laws and regulations relating to the protection of workers’ safety. Employees must become familiar with the worker safety laws and regulations which apply to their jobs. Employees should seek advice regarding workplace safety and compliance issues from the supervisors or the Environmental Health & Safety Office of any serious situation presenting a danger of injury so that timely corrective action may be taken. 

6.8.2 Protection of the Work Environment  

All University employees must manage and dispose of hazardous chemical, radioactive, and other wastes in a way that maximizes protection of human health and the work environment and is in accordance with all applicable local, state and federal laws and regulations. All employees must be trained to perform their duties and conduct their activities in an environmentally responsible manner in accordance with applicable laws, regulations and University policies.

6.9 Research

6.9.1 Protection of Human and Animal Subjects

The University is committed to dealing ethically with the human and animal subjects which participate in research projects conducted by University faculty, staff and students or performed using University property. Employees involved in human subject or animal research must comply with all federal and state statutes and governing regulating such research and must adhere to all University policies and procedures regarding research.

6.9.2 Research Financial Issues

Research costs and budgets must be prepared and submitted accurately and in accordance with (i) generally accepted accounting principles, (ii) the terms set forth in an industry-sponsored or government grant or contract, whichever is applicable, in addition to applicable statutes and regulations. Financial conflicts of interests will be reported in accordance with University policy.

6.9.3 Scientific Misconduct

The University will not tolerate scientific misconduct that includes, but is not limited to: (i) plagiarism; (ii) falsification; (iii) fabrication; and (iv) other unethical scientific practices. Scientific misconduct is further defined in and governed by other University policies.

6.10 Employee Response to Investigations/Audits

If a University employee is contacted by a government investigator or auditor, the employee should fully and appropriately cooperate. The Employee Investigative and Audit Response Guidelines are available from the Office of Compliance and provide guidance to employees on an appropriate response to such contacts. (See Exhibit A)

7.1 Adherence to the Compliance Program

It is intended that all University employees subject to this Program carry out their duties for the University in a manner that is consistent with this Program. Conduct that does not comply with the Program (i) is not authorized by the University; and (ii) may subject the employee to corrective action pursuant to Section 7.03. Such corrective actions also may apply to an employee’s supervisor or department chair, as applicable, who (i) directs or approves the employee’s improper actions; (ii) is aware of the improper actions, but does not appropriately correct such actions; or (iii) otherwise fails to exercise appropriate supervision.

7.2 Questions about the Compliance Program

If any question arises as to (i) the existence of, interpretation of or application of any law or regulation which applies to an area or matter that is covered by this Program; or (ii) whether any action complies with the Program, a University employee should present that question to such employee’s immediate supervisor. If the question cannot be addressed in that manner because the supervisor is absent, does not know the answer, does not respond in a timely manner, or is suspected of being involved in or condoning the activity, the question should be addressed to the Director of Compliance. Legal issues should be referred to the Office of Legal Counsel. The University encourages employees not to guess, but to ask for clarification from the Director of Compliance if there is confusion or a question with regard to the Program, the law, or a policy or procedure.

7.3 Corrective Action

The Program includes corrective action for University employees who have failed to comply with (i) the Program; (ii) other University policies and procedures; or (iii) applicable Federal and State laws and regulations. Corrective action also may be appropriate where an employee should have detected, but failed to detect a violation. Any violation of applicable Federal or State laws or regulations or deviation from the appropriate standards of conduct as set forth in this Program will subject an employee to corrective action, which may include, but is not limited to, any of the following:

• Mandatory training,
• Counseling session,
• Corrective action plan,
• Required leave,
• Reduction in salary,
• Demotion,
• Suspension,
• Abrogation of tenure,
• Suspension of billing privileges, if a health care provider, and/or
• Termination of employment or contractual relationship.

7.4 Self-Reporting

To be effective, the Program depends to some extent upon self-reporting and acceptance of responsibility by University employees who may have made mistakes out of lack of knowledge or inattention. To the extent a University employee self-reports a potential wrongdoing; both the self-reporting and the acceptance of responsibility will be taken into account by the University as a mitigating factor in determining the form of corrective action to be taken. University employees can use the Hotline described in Section 10.02.3 of this Program to self-report or they may contact the Director of Compliance directly.

8.1 Generally

Education and training are a critical part of the Program. Education and training will involve not only new employees, but all existing employees as needed.  The University will require participation by all employees in appropriate training programs. University officers, department chairs and other management personnel will be involved in the educational process by (i) identifying areas that require training and (ii) supporting the training process. The Director of Compliance will be actively involved in the design and implementation of training and educational programs.

8.2 Mandatory Training

An employee’s failure to attend a mandatory training session will subject that employee to corrective action as discussed in Section 7.03 above. The supervisor or management employee responsible for conducting the training will maintain attendance records and will make such records available to the Director of Compliance at the Director’s request.

8.3 Dissemination of Information

Upon the adoption of this Program by the Board of Regents, the University will distribute to employees; (i) a letter from the President discussing the University support of the Program; and (ii) the Standards of Conduct summarizing the Program. From that point forward, Human Resources and the affected departments will provide a copy of the President’s letter and the Standards of Conduct to response at the same time an offer of employment is made and such individuals will be required to execute a Certification and Agreement of Compliance as a condition of employment. On at least an annual basis, employees will be reminded of their obligations under the Program and their duty to report suspected violations of the Program and applicable statutes and regulations through a written or electronic communication from the Office of Compliance.

9.1 Generally

Regular monitoring and review of compliance activities is a feature of the Program. There will be regular reporting to University administration, the President and the General Counsel.

9.2 Monitoring Techniques

The University will utilize regular and periodic compliance reviews. The compliance reviews will focus on those areas within the University which have substantive exposure and which otherwise put the University at risk. If it is determined that any error or deviation is caused by improper procedures, misunderstanding of the rules, including fraud or other systematic problems, the Director of Compliance, in consultation with the General Counsel should take immediate steps to correct the problem. To the extent that monitoring and auditing discloses that variations or deviations were not detected in a timely manner due to deficiencies in the Program, the Program will be modified.

Monitoring techniques can take a variety of forms, including, but not limited to: (i) onsite visits; (ii) document reviews; (iii) personal interviews. The Director of Compliance will have access to (i) any pertinent records and (ii) relevant personnel. Cooperation with the Director of Compliance is mandatory.

9.3 Advice from the Government and its Agents

To the extent the University requests advice, or receives advice, from the government or its agents, the University will document and retain a record of such request and response or unsolicited advice received. Each employee receiving such advice will be responsible for providing a copy of the advice, if written, or a memorandum describing the advice, if oral, to the Director of Compliance. Every effort should be made to obtain such advice in written form. The Director of Compliance will maintain a record of advice received.

10.1 Reports of Wrongdoing

All University employees have a duty under this Program to report possible wrongdoing or suspected violations of applicable federal and state laws and regulations. The University has an open door policy available to all employees acting in good faith to encourage communication, dialogue and the reporting of incidents of potential wrongdoing or suspected violations. A “suspected violation” occurs when an employee has reasonable cause to believe that a violation of a law regulation applicable to an area covered by this Program, or a violation of this Program, has occurred or will occur. The University will not retaliate or discriminate against any employee who makes a good faith report of a suspected violation regarding the observed conduct or actions. While the University will strive to maintain the confidentiality of an employee’s identity, it may become necessary for such employee’s identity to become known or revealed during the investigation process. It will be a violation of this Program to make a report of a suspected violation which is knowingly false.

The reporting methods set forth below apply to reports of suspected violations of law or regulations which apply to areas and matters covered by this Program or to suspected violations of this Program. Other issues should be reported through the University’s normal reporting structure.

10.2 Methods of Reporting

10.2.1 Immediate Supervisor

The first option for reporting suspected violations of law or regulation is to make the report to the employee’s immediate supervisor who can in turn, work with the Director of Compliance to investigate and rectify any problems. If reporting to the supervisor is inappropriate because the supervisor is absent, does no know the answer, does not respond in a timely manner, or is suspected of condoning the activity, reports can be made pursuant to one of the other options set forth below.

10.2.2 Director of Compliance

The University desires to establish an open line of communication between all employees and the Director of Compliance to provide for the successful implementation and operation of the Program. The Director of Compliance can be reached by telephone at (405) 271-2511 or during regular office hours. A message may also be sent to the Director of Compliance via regular or electronic mail.

10.2.3 Hotline

The OU Report It! hotline enables reporting of concerns related, but not limited, to: Human Resources, Academics, Safety, Student Affairs, Accounting and Financial, Regulatory/Policy, Compliance, Institutional Equity, Athletics, Research

The University has partnered with EthicsPoint, an independent third party, to provide this avenue to confidentially report suspected wrongdoing or unethical behavior without the fear of retaliation. The Office of Compliance may also be contacted directly at their anonymous hotline number 405-271-2223 or 866-836-3150.

Violations or concerns may be submitted to the OU Report It! hotline 24 hours a day through the following methods:

1. Phone: (844) 428-6531
2. Online: The OU Report It! website has been redesigned to make it easier to submit concerns. To make a report, select the appropriate campus below:
   • OU Health Sciences Center: https://ouhsc.ethicspoint.com
   • OU-Tulsa: https://outulsa.ethicspoint.com
   • OU Norman Campus: https://www.ou.ethicspoint.com
   • All campuses governed by the OU Board of Regents: https://ouregents.ethicspoint.com
3. Mobile: The OU Report It! hotline’s new mobile intake feature makes the reporting process even easier and faster. Access the mobile intake by scanning this QR code: 

     

10.3 Responding to Reports

When a report of a suspected violation is received on a matter that does not concern compliance issues, that report will be referred to the appropriate University department. Whenever the Director of Compliance receives a report of a suspected violation from any source that may reasonably constitute a criminal or civil offense, the Director of Compliance will promptly conduct a preliminary review of such allegation. Advice from the Office of Legal Counsel may be sought to determine the seriousness of the allegation. The preliminary review should be completed within a reasonable time of the receipt of the report. If the Director of Compliance reasonably determines that it is necessary to conduct an internal investigation of the alleged misconduct, the Director of Compliance will conduct such an internal investigation in coordination with the applicable department or University officer. The Director of Compliance will notify the appropriate department or University officer, in addition to the General Counsel, prior to initiating any investigation. The internal investigation should be completed within a reasonable time of the initial report. When circumstances so require, the Director of Compliance will proceed more quickly than the time standards set forth herein or authorize additional time to complete the investigations. All internal investigations and their results will be reported to the General Counsel.

Employees under investigation may be removed from their current work activity and put on administrative leave pending completion of an investigation or preliminary review upon action of the Director of Compliance or the General Counsel, to the extent permitted by applicable University policies and procedures.

The Director of Compliance should take appropriate steps to secure or prevent the destruction of documents and other evidence relevant to the investigation. Advice from the Office of Legal Counsel regarding any such investigation may be obtained if necessary. Once an investigation is completed, if corrective action is warranted, it should be immediate and imposed in accordance with the University’s Staff and Faculty Handbooks.

As government and public scrutiny increases regarding the areas addressed by the University’s Compliance and Quality Improvement Program, the possibility of a government investigator or auditor contacting a University employee at his/her home or place of work increases.

The Program outlines appropriate procedures for interaction with state and federal agents, investigators, members of law enforcement, and external auditors (together referred to as "Investigator") and requires that employees follow certain steps when they are contacted by an Investigator.  Employees should not release or provide access to any information or facility owned or controlled by the University before contacting their supervisor and either the Office of Legal Counsel (405-325-4124 Norman; 405-271-2033 HSC) or the Office of Compliance (405-271-2511).  The Office of Legal Counsel may elect to assign an attorney or University representative to be part of the inspection, review, or audit and/ or may elect to provide an attorney or University representative to assist with or oversee any mandatory or voluntary responses or document releases.

POLICY AND PROCEDURES

The "Employee Response to Investigations/ Audits" section of the Program provides these procedures for employees to follow when they are contracted by a state or federal Investigator:

A. In-Person Contact.

1.  Verify Identity:  Employees should ask the Investigator for identification or credentials, such as a business card, and review and make a copy of the identification or credentials.

2.  Place Two Calls:  Employees should tell the Investigator that it is the University's policy that before any information or access to information or facilities can provided, the employee must contact the supervisor.  The employee or supervisor must also contact the Office of Compliance or the Office of Legal Counsel.

a.  Supervisor  Employees may ask the Investigator to talk to the supervisor, who should contact the Office of Compliance or the Office of Legal Counsel prior to responding to a request for information or access.

b.  The Office of Compliance (405-271-2511) or the Office of Legal Counsel (Norman Campus, 405-325-4124; Health Sciences Center, 405-271-2033).  Employees may ask the Investigator to talk with a representative of the Office of Compliance or the Office of Legal Counsel.

3.  Escort Investigators:  The University expects that a supervisor or member of the Office of Legal Counsel, Office of Compliance or designee will accompany the investigator into or through any patient care or export-controlled areas.

B.  Interview Requests1 In cases in which an Investigator contacts an employee for the specific purpose of interviewing that employee, employees are advised that it may not be in their best interest to talk with an Investigator without an attorney present.  Employees are encouraged to tell the Investigator that they will participate in an interview once they have had the opportunity to seek and receive guidance from the Office of Legal Counsel or a private attorney.

C.  Requests for Records.  Employees are not authorized to make decisions regarding what University documents are subject to release to Investigators, including those from government or law enforcement agencies, or to release such documents.  Employees should refer any request for documents to the Office of Legal Counsel as soon as possible.

D.  Search Warrants.  If an Investigator presents a search warrant, employees should ask to copy the warrant and should notify the supervisor and the Office of Legal Counsel of the search warrant immediately.  Ultimately, the employee must allow the search to occur, even if the Investigator will not wait for the employee to contact the supervisor and Office of Legal Counsel.  If this occurs, employees should contact the Office of Legal Counsel as soon as possible and must also log all documents taken during the search and attempt to obtain the Investigator’s permission to copy the documents prior to their removal.

E.  Subpoenas.  If an Investigator presents a subpoena for University documents or if an employee receives a subpoena for such by mail or fax, the employee should give the subpoena to the supervisor, who will contact the Office of Legal Counsel regarding the appropriate response to the subpoena.  Not all subpoenas for documents are compliant with state or federal laws, such as HIPAA.  The Office of Legal Counsel will determine whether the University must comply with a particular subpoena.

1 If an Investigator is conducting a routine student background check, such as for military service, and presents a signed release from the student, the department may proceed without contacting the Office of Legal Counsel, if preferred.