The mission of the UNT Health Science Center (UNTHSC) Institutional Compliance Department (“Department”) is to create solutions for a healthier community through a compliance and enterprise risk management program (“Program”) that supports (a) UNTHSC’s Code of Ethics and (b) enables UNTHSC to identify the benefits of certain opportunities and to consider the potential impact of risks on processes, activities and services when making strategic decisions.
The vision of the Department is to support UNTHSC’s vision, “be an extraordinary team, committed to excellence, unafraid to challenge conventional wisdom”, through standards and procedures in the Program that are reasonably capable of reducing the occurrence of criminal conduct, which support ethical practices in conducting UNTHSC’s business affairs and which identify opportunities for benefit and threats to success of UNTHSC’s strategic plan and values.
The Program is implemented in accordance with (1) the University of North Texas System Compliance Program as set forth in UNT Regents Rule 4.502 “Audit and Compliance”, (2) UNTHSC Policy 5.05 “Employee Ethics and Standards of Conduct”, the basis for the Code of Ethics, and (3) the ISO 31000 Risk Management Principles which state that a well-functioning risk management program should meet the following principles:
- Create value
- Be an integral part of organizational processes
- Be part of decision making
- Explicitly address uncertainty
- Be systemic, structured and timely
- Be based on best available information
- Be tailored
- Take into account human and cultural factors
- Be transparent and inclusive
- Be dynamic, iterative and responsive to change
- Facilitate continuous improvement and enhancement of the organization
The Program is also based upon the Federal Sentencing Guidelines for Organizations and program guidance documents published by the Office of the Inspector General of the Department of Health and Human Services of the U.S. Government. These requirements for UNTHSC are as follows:
- Development of written standards, policies and procedures: The Program is responsible for the development of compliance programs for each of the Compliance Divisions. The Program shall establish compliance standards, policies and procedures to be followed by employees, students, contractors and vendors that are reasonably capable of preventing and detecting the unethical behavior and criminal conduct and which include adherence to compliance as an element in evaluating employees.
- Appointment of appropriate oversight: UNTHSC shall designate a Chief Compliance and Enterprise Risk Management Officer and shall establish an Institutional Compliance Council (“Council”) composed of Compliance Division Officers all of whom will have the appropriate knowledge and adequate resources to evaluate risk, operate, monitor and enforce the Program. The Chief Compliance and Enterprise Risk Management Officer shall report directly to the UNTHSC President and shall have authority to report periodically on the effectiveness of the compliance program to the UNT Board of Regents.
- Conduct appropriate training and education: The Program shall develop and implement regular and effective training for employees, students, and as applicable, vendors and contractors, about the Code of Ethics, standards, policies and other matters.
- Process to effectively communicate and to receive complaints/concerns: The Program is responsible for communicating compliance updates and other information to employees and students on a regular and as needed basis. The Program will establish an Ethics Hotline or other reporting system allowing employees, students and others to report, either confidentially or anonymously, criminal conduct or other non-compliant behavior by others without fear of retaliation. Additionally, the Program is responsible for receiving complaints or concerns directly through Compliance Division Officers or other individuals.
- Auditing, monitoring and evaluation process: The Program shall require the use of audits or other evaluation techniques to monitor compliance with the Code of Ethics, policies and applicable laws and regulations. The auditing and monitoring process shall be designed to detect non-compliant or criminal conduct and shall evaluate the effectiveness of the Program. The Program may request UNT Internal Auditor’s Office to conduct or assist in conducting audits as necessary.
- Response and disciplinary mechanism: The Program shall establish and implement a Report and Response Protocol to address allegations of improper or illegal activities. The Report and Response Protocol shall require enforcement of disciplinary action against employees or students who have violated the Code of Ethics, policies, laws or regulations and shall require the disclosure of incidents, as applicable, to the appropriate government agencies or entities. UNTHSC policies shall address the non-employment or retention of sanctioned individuals or individuals who have engaged in criminal activity and terminating relationships with vendors or contractors that have been sanctioned or who have engaged in criminal activity.
- Investigation/remediation of systemic problems: The Compliance Program shall identify, investigate and remediate systemic compliance problems through the Report and Response Protocol. The Program shall conduct or participate in an annual risk assessment in conjunction with the UNT Internal Auditor’s Office, and the Council shall create a work plan resulting from the risk assessment.