The university has established an institutional-level compliance infrastructure to provide centralized oversight, strategic management, and substantive support toward the ethical, lawful, and otherwise responsible conduct of all operations. In mid-2012, the university appointed a director for the Lawrence campus to develop and manage this program, and the university formally launched its initial Institutional Compliance Program on January 1, 2013.
The first stage of the program included (a) a comprehensive risk assessment and the identification of preliminary substantive and procedural priorities (e.g., substantive areas such as lab safety and HIPAA; procedural elements such as communication, data, and training), (b) establishment of an Executive Committee (including the university’s Chancellor, Provost, Senior Vice Provost for Academic Affairs, and other senior administrators) to facilitate vertical communication and, ultimately, decision making at the highest level of the institution; and (c) creation of the Institutional Compliance Partners Network (including leadership for over 20 units with specific subject matter expertise and responsibility for the individual, decentralized compliance areas) to facilitate horizontal communication. The Institutional Compliance Partners Network meets at least quarterly, along with ongoing interaction, to share best practices and other resources and to identify and address emerging areas of risk across the institution.
Subsequent components of the Institutional Compliance Program have included (a) collection and analysis of data reflecting the primary exposures, and then progress in addressing each such exposure, within individual compliance areas, (b) development and implementation of strategic action plans to address key compliance areas, (c) performance of tabletop and other preparatory exercises (e.g., simulated inspections/incidents) in order to anticipate, and then better address, areas of concern, (d) creation of new interdisciplinary committees, (e) implementation of a centrally administered reporting hotline/helpline (telephonic and online) with decentralized handling of reports, and (f) development of a centralized website/portal to connect all compliance resources and otherwise enhance communication. Additionally, the program is in the process of enhancing the unit-level data function and implementing a formal reporting protocol to measure progress, and then to strategize for further progress, in all key compliance areas.
Overall, the Institutional Compliance Program is designed to honor the university’s decentralized culture of primary responsibility within individual units possessing specialized subject matter expertise, as enhanced by centralized oversight and engagement in the development and implementation of positive and productive strategies to prevent wrongdoing and promote “rightdoing” in support of all aspects of the university’s mission.