Home Private Equity Five compliance questions private equity firms should be asking their healthcare portfolio...

Five compliance questions private equity firms should be asking their healthcare portfolio companies right now | Waller Lansden Dortch & Davis, LLP


The healthcare industry is highly regulated, and as such, private equity firms and dealmakers in the industry must pay immense attention to regulatory compliance, particularly with regard to their portfolio companies. The government’s reach may not stop at a firm’s portfolio company or even its executives, as we have seen in situations like this one where a private equity firm was fined $25 million for oversight failures related to false claims made by its portfolio company.

In this environment, private equity firms and the boards of their portfolio companies need to get out in front of potential regulatory compliance issues. Below are five questions private equity firms should be asking their healthcare portfolio companies right now.

(1) Do you have a written compliance program?

The portfolio company should have a written compliance program that includes all elements recommended by the Office of the Inspector General (OIG):

  • Implementing written policies, procedures and standards of conduct.
  • Designating a compliance officer and compliance committee.
  • Conducting effective training and education.
  • Developing effective lines of communication.
  • Conducting internal monitoring and auditing.
  • Enforcing standards through well-publicized disciplinary guidelines.
  • Responding promptly to detected offenses and undertaking corrective action.

For a compliance program to be effective, it must be implemented and incorporated into daily operations and corporate culture, rather than gathering dust on the shelf. Determine the last time the company conducted a training with personnel. In addition to comprehensive training for all new hires, employees should be receiving annual compliance training, and standards should be enforced through well-publicized disciplinary guidelines. To be effective, the Chief Compliance Officer (CCO) should be respected as a key member of the senior management team and have a direct line of communication to the Board.

(2) Do you have an anonymous hotline for employees to report suspected fraud or improper billing?

If the company already has an anonymous hotline, have there been any concerning reports? What has management done to follow up and resolve those issues? Especially in cases involving termination, be on the look-out for potential whistleblowers – this is how the vast majority of False Claims Act cases arise.

(3) Do you conduct regular internal billing and coding audits?

Is the portfolio company undertaking internal billing and coding audits and regular documentation reviews? What are the findings and are problems being swiftly remedied and overpayments returned in 60 days?

(4) Do you have comprehensive D&O insurance?

Does the portfolio company have comprehensive directors and officers (D&O) liability insurance coverage that includes coverage for healthcare fraud matters? Private equity personnel sitting on portfolio company boards are being increasingly targeted in False Claims Act investigations on the theory the board members designated by the private equity firm had the power to prevent fraud and improper billing from occurring. Some private equity firms and directors, like these investment companies here, have been hit with False Claims Act liability charges for failing to correct issues the firm learned about during the diligence process prior to acquiring the portfolio company.

(5) What are you doing about cybersecurity and patient privacy?

Historically, private equity firms primarily relied on the boards of their investment companies to monitor, question and evaluate cyber risks within each portfolio company. The expanding footprint of and increasing reliance on technology typically means there are a growing number of vulnerabilities.

Does the portfolio company conduct an annual HIPAA risk assessment?  What are the recommendations of such assessments and are follow-up actions taken?  Does the portfolio company have an adequate cybersecurity policy, and does it cover all applicable entities, including any affiliated practices?


Healthcare continues to be among the most appealing and profitable sectors for private equity investors. But along with the potential rewards comes real risk and exposure for private equity firms and their designates who sit on healthcare portfolio company boards. Private equity is squarely in the government’s cross-hairs for increased False Claims Act enforcement. Yet, private equity firms can protect their investments by taking compliance seriously and ensuring effective compliance programs are embedded in the culture of their healthcare portfolio companies.

Source link

Previous articleAmazon shoppers call this $23 serum a ‘holy grail’ for dark spots and acne marks
Next articleKlapp: Hedge funds can provide economic stability in times of uncertainty


Please enter your comment!
Please enter your name here