Standards for private organizations

2020 Edition

Risk Prevention and Management (RPM) 1: Legal and Regulatory Compliance

The organization has a process for annually reviewing compliance with applicable federal, state, and local laws, codes, and regulations, including those related to:
  1. facilities and licensure;
  2. accessibility;
  3. health and safety;
  4. finances; and
  5. human resources.

Interpretation

In regards to element (a), organizations that rent facilities should obtain relevant documentation from their landlord. If the organization cannot obtain access to the required documentation from their landlord or from relevant public or private health and safety authorities, the organization may also solicit a recognized expert to verify compliance with applicable laws and safety codes.
2020 Edition

Currently viewing: RISK PREVENTION AND MANAGEMENT (RPM)

VIEW THE STANDARDS

Purpose

Comprehensive, systematic, and effective risk prevention and management practices sustain the organization's ability to positively impact the communities and people it serves by reducing its risk, loss, and liability exposure.
Examples: In regards to element (a), examples of relevant regulations and codes can include:
  1. certification of occupancy requirements;
  2. zoning and building codes;
  3. occupational safety and health administration codes;
  4. health, sanitation, and fire codes; and
  5. elevator inspections.
In regards to element (c), relevant requirements can include for example, universal precautions for minimizing exposure to contagious and infectious disease; and storage, cleaning, and disposal of medical waste.

In regards to element (e), it is recommended practice to conduct an annual review of human resource practices to ensure compliance with applicable employment and labor laws. The Human Resource Management field refers to this annual review as an annual "audit". Examples of human resource laws and regulations include:
  1. use of independent contractors;
  2. use of contingent workers such as temporary employees, volunteers, and leased workers;
  3. laws governing fair employment practices, including non-discrimination and harassment;
  4. compensation and benefits;
  5. maintenance of personnel records;
  6. selection and retention practices, including retention of hiring records; and
  7. background checks.
1
The organization's practices reflect full implementation of the standard.
2
Practices are basically sound but there is room for improvement.
3
Practice requires significant improvement; e.g.,
  • One of the elements has not been reviewed in more than two years; or
  • The organization has been notified of compliance or licensure problems and is working with the relevant authority to remediate deficiencies.
4
Implementation of the standard is minimal or there is no evidence of implementation at all; e.g.,
  • Two elements have not been reviewed in more than two years; or
  • The organization is under sanction due to noncompliance with legal or regulatory requirements; or
  • The letter certifying compliance with all applicable laws was not signed or was otherwise inadequate.
Self-Study EvidenceOn-Site EvidenceOn-Site Activities
  • Provide a letter signed by the Governing Body Chair and CEO certifying the organization is presently in compliance with applicable laws, codes, and regulations
  • Procedures for reviewing compliance with applicable laws, codes, and regulations related to management, operations, and services delivered
Networks Only
  • Procedures for ensuring provider compliance with licensure requirements and applicable laws and regulations for services provided by the network
  • Results of most recent annual, internal compliance reviews
  • Governing Body minutes for most recent discussion of legal compliance 
  • Relevant licenses as applicable to the organization's programs and operations
  • Reports from licensing/regulatory review that include adverse findings or loss of licensure, as applicable 
Networks only
  • Copies of relevant licenses and legal regulation documents, as applicable to the providers, made available at the office of the managing entity
  • Interviews may include:
    1. Governing body 
    2. CEO
    3. Relevant personnel