In February, RevSpring named Analiese Fusner as its chief compliance officer and general counsel. Analiese will oversee RevSpring’s rigorous compliance program, providing guidance on regulatory requirements and policies, particularly related to HIPAA regulation and consumer data privacy. Below is an article that appeared in the Risk & Compliance Journal, The Wall Street Journal. Check back often for the latest updates and tips on maintaining compliance in your organization.
What was your first order of business when you got to RevSpring?
AF: I’m doing a current state-of-compliance study. A lot of the compliance functions used to be spread across the company. What’s nice about having a central contact is that you can reduce some redundancies. We’re tightening up our policy to focus on seven to eight core elements. We’re also forming a compliance committee.
I’ve already conducted our enterprise risk assessment and next I’ll turn to developing more focused training. Hope to have all the initial work done in about two more months. What we really want to build is an integrated culture of compliance across the company.
Tell me more about the committee you’re forming.
AF: There are 10 people on the steering committee from across the company. We wanted to make it as broad-based as possible. People on the committee will keep their current business functions as well. We think this will bring a wider range of experience and knowledge to the committee. Each member will then share the responsibility to go back to the unit and implement compliance.
How do you create a “culture of compliance”?
AF: You try to foster an area where people are comfortable chatting about compliance and understand that compliance is important. A big part of that is helping employees internalize complicated regulations – helping them understand how it effects what they do on a practical level is critical.
You create training and ongoing education to help employees understand what the issues are, but you also want to have dialogues after the training so people can speak freely about their questions and concerns. You want to engage employees to make them stakeholders and part of the process.
Can you give me a typical day in the life of Analiese Fusner?
AF: A lot of it starts with maintaining certifications. The calendar is regimented, so you have to stay on top of that. Quiet time is used to educate myself and see the headlines and court cases that are relevant, and also to monitor what the other compliance officers are dealing with. Gathering all that at the beginning of the day sets the tone.
Then it’s education, and training, and looking at policies. You can’t look at or update all of the policies in one day, so I might take two. I also like to get around the office. Take a walk and see what people are talking about, do some proactive monitoring.