Compliance and Risk Management...

The Medical College of Georgia is committed to providing instruction, research, health care, and other activities in compliance with applicable federal, state, and local laws and regulations.

The Office of Institutional Audit and Compliance (OIAC) was charged with developing an Institutional Compliance Program to provide independent oversight of MCG’s compliance and risk management efforts in accordance with MCG’s core values and mission. MCG’s commitment to compliance promotes an organizational culture that encourages ethical conduct and a commitment to compliance with applicable laws and regulations. 

A survey of MCG’s campus identified areas of concern that comprise the Compliance Matrix.  The matrix serves to develop a compliance oversight plan that connects the different components, coordinates their operations, and represents MCG’s institutional perspective. The goals of the compliance plan initiative are to:

• Coordinate MCG’s compliance assurance activities (laws, regulations, contractual requirements)
• Ensure the institutional perspective is always present
• Assess existing programs against elements of the U.S. Sentencing Guidelines and improve as necessary the Compliance Matrix
• Implement “early warning” program for emerging compliance issues
• Carry out specific compliance support activities
• Coordinate risk assessments of compliance areas

The risk assessment process is part of the compliance and risk plan that is coordinated by OIAC.  Its purpose is to evaluate compliance related activities and determine an acceptable level of overall risk based on the potential impact affecting MCG. A corrective action plan is then developed for each identified risk until the overall level of risk is reduced to an acceptable level. 

Through senior leadership discussions and risk assessments, the highest level risks are identified and make up the Top Risk Factors Facing MCG.  These top risks take priority in implementing a corrective action or response plan and are monitored with periodic reviews to avoid having the analysis become stale and non-reflective of actual potential risks.

The Institutional Risk Management Policy provides direction to the campus community in a coordinated effort to identify high risks, understand the financial, reputation and safety impacts of all activities and ensure that institutional risks are appropriately managed.

In conjunction with MCGHI and PPG, the MCG campus provides a compliance hotline that allows for the reporting (anonymity optional) of non-compliance issues, as well as the opportunity to ask questions regarding compliance issues.