Compliance with Laws and Regulations
OE strives to ensure that all activity by or on behalf of OE, is compliant with all applicable laws and regulations. These standards are intended to provide guidance to the OE workforce to assist them in their obligation to comply with applicable laws. These standards are not intended to be exclusive or exhaustive. Workforce members are required to comply with all applicable laws, whether or not specifically addressed in these policies. Questions regarding the existence, interpretation, or application should be directed to the Compliance Officer.
What Governs Compliance at OE?
Federal, State, Local Laws, Regulations, Rules, and Standards.
Compliance Officer and Compliance Committee
As part of OE’s commitment to conducting its business ethically, the organization has appointed a Compliance Officer and established a Compliance Committee to help administer the organization’s Compliance Program. The Compliance Officer serves as the chairperson of the Compliance Committee. The Committee meets regularly to discuss ongoing compliance. The Compliance Officer provides direction to the day‐to‐day operations of the Compliance Program. The Compliance Officer and Compliance Committee have an overall responsibility to:
The Compliance Officer manages all elements of the Compliance Program and coordinates personnel issues with Human Resources, such as, the duty to check the list of debarred or excluded individuals published by the Office of Inspector General (OIG), before hiring employees or contracting with independent contractors or vendors and monthly thereafter. The Compliance Officer approves required compliance training for new and existing workforce members HR. The Compliance Committee updates the Code of Conduct to reflect the current federal, state, and local laws, as warranted.
OE routinely conducts reviews to assess compliance with the Code. In the event a potential violation is discovered, the Compliance Officer will investigate and, upon concluding the investigation, recommend corrective action(s), where necessary, including appropriate sanctions for the individual(s) involved.
Sanctions are required when a member of the workforce violates legal requirements such as HIPAA or OSHA. Additionally, noncompliance with OE policies shall result in disciplinary action. Sanctions may take many forms and are appropriate to the violation. Sanctions may include additional workforce training, meetings with management to discuss the violation(s), suspension, termination, or if severe enough, potentially legal action. It is especially important to understand OE’s policies and regulatory requirements in order not to accidentally violate any of these important controls. You should reach out to your supervisor, Compliance, or HR if you need assistance or additional training.
Accessibility and Amendments
OE shall include training on the Code of Conduct and shall make it available where all workforce members may access it. OE reserves the right to amend the Code of Conduct as needed in order to meet current regulatory requirements.
Conflicts occur when you or your immediate family member’s personal interests or relationships affect your ability to make impartial decisions with respect to your work at OE. OE expects you to avoid placing yourself in this type of situation by showing good ethical judgment.
Examples: Personal gain through OE business transactions and the inappropriate use of OE assets, including labor, for your personal benefit.
Workplace Opportunity and Respect
OE is committed to a culture of diversity and inclusion. We treat each other with respect. We welcome and encourage our workforce members’ differences in age, gender identity, color, disability, ethnicity, family status, sexual orientation, socio‐economic status, veteran status, and any other characteristics that may make our workforce unique.
OE provides equal opportunities to all qualified candidates and workforce members, including making reasonable accommodation for those with disabilities. Everyone should feel welcome at OE.
Confidentiality and Proprietary Information
Confidential information includes all non‐public information in any form (oral, written, electronic, or otherwise) or media that might be of use or benefit to others including, but not limited to, competitors, or detrimental to the company, if disclosed. All information in any form or media that is created or used in support of OE business activities is the property of OE.
Confidential information is a valuable asset and workforce members are expected to protect it from unauthorized disclosure. This includes, but is not limited to, company, customer, supplier, and employee data. Federal and state law may restrict the use of such information and impose penalties for impermissible use or disclosure.
Workforce members must maintain the confidentiality of all information entrusted to them by OE or its customers, or suppliers except when disclosure is authorized by law or legally mandated. Workforce members shall take all reasonable efforts to safeguard all confidential information that is in their possession against inadvertent or unintentional disclosure. The obligation to protect confidential information exists during a person’s employment or contract with OE and after termination for any reason of their employment or contract status.
All OE workforce members have an obligation to conduct themselves so that the confidentiality of patient information is maintained in compliance with all applicable laws and regulations. Workforce members shall refrain from revealing any personal or confidential information concerning patients unless permitted or required by law. If questions arise regarding an obligation to maintain the confidentiality of information or the appropriateness of releasing information, employees should seek guidance from their supervisor or the Compliance Officer.
Under HIPAA, the HITECH Act, and Omnibus Rule requirements, certain health information is required to be protected. Individually Identifiable Health Information (IIHI) requiring protection is referred to as Protected Health Information, hereafter referred to as PHI. PHI is afforded protection under the HIPAA Privacy Rule, and OE must afford this information required privacy and security controls. Electronic PHI, hereafter referred to as ePHI, is afforded protection under the HIPAA Security Rule. The Security Rule requires that Safeguards be implemented to protect ePHI. Examples: Administrative Safeguards, Physical Safeguards, Technical Safeguards, Organizational Requirements, and Policy and Procedure.
Workforce Member Information
Salary, benefit, and other personal information relating to employees are treated as confidential. Personnel files, payroll information, disciplinary matters, and similar information shall be maintained in a manner designed to ensure confidentiality in accordance with applicable laws and ethical standards. The workforce will exercise due care to prevent the release or sharing of information beyond those persons who may need such information to fulfill their job functions.
Intellectual Property and Proprietary Information
Workforce members must carefully maintain and manage the intellectual property rights of OE, including trademarks, copyrights, and trade secrets, to preserve and protect their value. Information, ideas, and intellectual property assets of OE are important to the company’s success.
OE’s name, logo, trademarks, and processes are intellectual property assets, and their protection is vital to the success of the OE business. Use of OE names, logos, and trademarks are to be used only for authorized company business and never in connection with personal or other activities unless appropriately approved in advance and in accordance with company policy. In addition, OE workforce members must respect the intellectual property rights of third parties. Violation of these rights can subject both violators and the company to substantial liability, including criminal penalties.
OE Expectations with OE Assets
OE expects the workforce to ensure that OE assets are protected, and guarded against theft, loss, and abuse.
OE uses security measures and policies to monitor and protect their assets. OE expects all workforce members to follow all security measures that are in place for facilities, OE assets, and IT systems.
Data includes that which falls until Protected Health Information (PHI), Confidential, Proprietary, Sensitive, and other categories. The HIPAA Privacy and Security rules apply to patient information at OE and are designated as PHI. Confidential information includes all non‐public information that may cause harm to OE if it was distributed outside of the company. This includes computer records, financial statements, marketing programs, business plans, lists of suppliers or customers, employee personnel and wage data, and company policies.
OE assets are issued per policy, your role with OE, and as necessary. Unless identified through policy, at no time should you use OE assets for personal use. OE assets are the property of OE and are expected to be returned upon the request of OE in the same condition it was issued to you. Failure to return OE assets may result in criminal or civil actions.
Examples: vehicle, computer, cell phone, MFA hard token, paper files, credit card, key, badge, PPE, and uniform
Government or Law Enforcement Interactions
OE strictly adheres to all regulatory, federal, state, and local laws and shall cooperate with any appropriate agency as a result of an inquiry or investigation. OE shall respond appropriately, truthfully, and promptly.
If you are approached by law enforcement, or other governmental investigator, you should notify your supervisor and contact a member of Senior Leadership, or the Compliance Officer.
OE encourages its workforce to be active voters. However, your personal involvement should never involve the use of OE assets or any of your time on the job.
Entertainment, Gift, and Hospitality
Anti‐bribery principles require that organizations should never offer or receive anything of value for the purpose of securing business. In limited circumstances, such as holidays, it may be appropriate to give or receive a modest gift. Giving or receiving cash is prohibited. Discussing business over a meal is permitted so long as meal limits and reporting of the expenses are followed.
Marketing and Advertisement
OE marketing and advertising shall be truthful, not misleading, and shall be in full compliance with the law.
Communication and the Media
OE expects all workforce members to be aware of their actions and activities that may harm OE’s reputation. Workforce members are not authorized to speak or communicate on behalf of OE outside of the organization unless designated in their job description.
All media inquiries should be forwarded to: [email protected]
OE uses the HIPAA Privacy Rule for guidance in the use of social media. Workforce members shall keep work and personal social media accounts separate and abide by the Social Media Policy.
Proper documentation is required for reimbursement of expenses. Original receipts and official invoices that reflect the business purpose are required. You should never falsify or mislead any entry into the OE accounting system or records.
OE strives to have a workplace that protects the health and safety of workforce, patients, and service partners. That includes requiring our employees to come to work free from the negative effects of drugs or alcohol and be able to perform all of their job duties. Our Zero Tolerance Policy does not allow you to unlawfully make, distribute, dispense, possess, use, transfer, solicit, purchase, or sell alcoholic beverages, controlled substances, Illegal, or prescription drugs. The Zero Tolerance Policy applies while you are on OE property or while conducting or representing the OE brand, anytime and anywhere.
Security is everyone’s concern at OE. OE does not allow unauthorized or unwanted persons to trespass on OE property. Each of us must be aware of what is considered to be normal activity in your facility and work area and report any suspicious person(s) or activities to your supervisor immediately. This includes and is not limited to bringing ex‐workforce members into workforce member only areas. These individuals must remain in the public area of our facilities and away from all patient areas.
OE prohibits weapons, firearms, ammunition, explosive devices, or any other dangerous substances onto OE property. OE does not tolerate acts or threats of violence, either verbal or physical.
OE adheres to all regulations regarding workplace safety. You should report any safety violation to your supervisor or Compliance Officer.
Anyone that is aware of suspected violations of this Code or company policy must report it. When reporting a suspected violation, we encourage you to speak with your supervisor first or contact Compliance or HR.
The Compliance Hotline is an anonymous and confidential communication channel for employees, patients, and other interested parties to report potential fraud, waste, abuse, ethics, and safety violations. Callers may remain anonymous or leave their contact information for follow up.
Compliance Hotline: (888)‐211‐6054
The Red Flag Hotline is designed to confidentially report incidents of harassment and discrimination. We recommend that callers who wish to remain anonymous provide as much information as possible. All information that is provided will be reviewed and investigated.
Red Flag Hotline: (855)‐978‐6771
No Retaliation for Reporting Violations
OE will not tolerate retaliation or intimidation of anyone for reporting a suspected violation in good faith. Any concerns about retaliation should be promptly reported to Compliance or HR.