Exhibit 99.1
===============================================================================
QuadraMed Corporation
Corporate Compliance Program
===============================================================================
TABLE OF CONTENTS
===============================================================================
Page
----
Title Page 1
Table of Contents 2-3
Introduction 4-5
1. Organization 6-8
2. Written Compliance Guidelines 9-10
3. Corporate Compliance Training 11-12
4. Confidential Reporting of Noncompliance 13-14
5. Monitoring and Auditing 15-16
6. Investigation and Response 17-18
7. Disciplinary Actions 19-20
Tab
---
Appendix I
Appendix Table of Contents
A. Medicare and Medicaid Fraud and Abuse A
o Summary of Law Governing Fraud and Abuse
o Policy for Preventing Healthcare Fraud and Abuse
B. Privacy B
o Summary of Privacy Law
o Privacy Policy
C. Antitrust C
o Summary of Antitrust Law
o Antitrust Policy
D. Employment D
o Summary of Employment Law
o Policy on Equal Opportunity
o Policy on Harassment in the Workplace
E. Securities Regulation E
o Summary of Securities Law
o Insider Trading Policy
Page 2
F. Use of Corporate Funds F
o Summary of Law Governing Use of Corporate Funds
o Policy for Proper Use of Corporate Funds
G. Accounting and Revenue Recognition G
o Summary of Accounting Principles
o Proper Accounting and Revenue Recognition Policy
H. Records Retention H
o Records Retention Policy
I. Intellectual Property I
o Summary of Intellectual Property Law
o Intellectual Property Policy
J. False Advertising J
o Summary of False Advertising Law
o False Advertising Policy
K. Unfair Debt Collection K
o Summary of Law Governing Unfair Debt Collection
o Unfair Debt Collection and Billing Policy
L. Search Warrant and Subpoena Protocol L
M. Injury and Illness Prevention Policy M
Page 3
INTRODUCTION
===============================================================================
QuadraMed Corporation ("QuadraMed") is dedicated to developing information
technology and providing consulting services that help healthcare professionals
deliver outstanding patient care with optimum efficiency. Offering real-world
solutions for every aspect of acute care information management, QuadraMed has
four main product lines: Affinity(r) Healthcare Information System, Quantim(r)
Health Information Management Software and Services, Complysource(r) Compliance
Solutions, and Chancellor(tm) Financial Products and Services.
QuadraMed is committed to complying with applicable federal, state, and local
laws and regulations and to maintaining ethical business standards. Through
this Corporate Compliance Program ("Compliance Program"), QuadraMed seeks to
affirm this commitment and to comply with the U.S. Sentencing Commission's
Federal Sentencing Guidelines for Organizations ("Sentencing Guidelines"),
effective November 1, 1991.
This Compliance Program applies to all QuadraMed directors, officers,
employees, agents, operations and businesses.
Page 4
FEDERAL SENTENCING GUIDELINES
===============================================================================
The Federal Sentencing Guidelines, by standardizing punishment sentences and
limiting judicial discretion, attempt to create adequate incentives for
organizations to maintain internal mechanisms designed to prevent, detect, and
report criminal conduct. A sentencing judge must base a corporation's criminal
fine on the seriousness of the offense and the culpability of the organization.
A corporation, however, can reduce this exposure to criminal liability and its
penalties by adopting an effective compliance program that prevents, detects,
and reports violations of law.
The Sentencing Guidelines require an effective compliance program to conform
with the following seven steps:
1. Organizational Structure: High-level organization and oversight, which
charges specific members of senior management with overall responsibility for
overseeing and implementing compliance policies and procedures.
2. Written Compliance Guidelines: Guidelines that reasonably reduce the
likelihood of criminal conduct by employees.
3. Corporate Compliance Training: Compliance training that communicates the
written guidelines to employees and educates employees on effective compliance
with applicable laws and regulations.
4. Confidential Reporting of Noncompliance: A compliance hotline that allows
employees to anonymously report instances of noncompliance without the fear of
retaliation.
5. Monitoring and Auditing: Protocols that assess risk, detect criminal
conduct, and recognize areas in need of modification.
6. Investigation and Response: Measures designed to respond appropriately to
compliance violations and to prevent similar offenses.
7. Disciplinary Action: disciplinary actions that are consistently and equally
enforced against offenders.
Page 5
SECTION 1: ORGANIZATION
===============================================================================
QuadraMed's Compliance Program entrusts high-level personnel with overall
responsibility for implementing, monitoring, and updating compliance standards
and procedures. A Chief Compliance Officer directs the Compliance Program with
the support of the Corporate Compliance Committee ("the Committee") and
Compliance Liaisons in each business division.
Chief Compliance Officer
A. Overview
1. QuadraMed shall appoint a Chief Compliance Officer to direct the Compliance
Program.
2. The Chief Compliance Officer shall be, at all times, a high-level officer
with direct access to QuadraMed's Board of Directors, Chief Executive Officer,
other senior management, and inside counsel.
3. QuadraMed designates the Executive Vice President and Corporate Secretary as
Chief Compliance Officer.
4. The Chief Compliance Officer, as necessary, may appoint individuals to
assist in directing compliance efforts.
B. Duties of the Chief Compliance Officer
The duties of the Chief Compliance Officer include:
1. Overseeing and monitoring the implementation of the Compliance Program;
2. Appointing the necessary personnel in the principal business divisions to
ensure that the Compliance Program functions appropriately;
3. Overseeing the administration of the Compliance Program and assisting the
business divisions in establishing and updating compliance policies and
procedures;
4. Providing final authority, as necessary, for the adoption and/or revision of
QuadraMed's Compliance Program and any policies promulgated pursuant to it;
5. Overseeing the development, coordination, and participation in a training
program that educates employees on effective compliance with applicable laws
and regulations;
6. Overseeing the development of a compliance hotline that enables all
employees to report compliance violations anonymously and/or confidentially
without fear of retaliation;
Page 6
7. Working with Compliance Liaisons to identify and assess specific risk areas
in each of QuadraMed's principal business divisions;
8. Assisting business divisions in coordinating compliance monitoring
activities, including internal audits when appropriate;
9. Ensuring the investigation of and response to compliance-related matters,
such as reports of fraud and other violations of law and corporate policy by
employees, vendors, or clients;
10. Overseeing disciplinary actions taken against individuals who fail to
comply with applicable laws of the requirements of the Compliance Program;
11. Periodically reporting the results of compliance efforts directly to the
Chief Executive Officer and the Audit committee of the Board of Directors; and
12. Monitoring the Compliance Program to ensure that compliance standards and
procedures are appropriately updated.
Corporate Compliance Committee
A. Overview
1. QuadraMed shall establish a Corporate Compliance Committee to support the
Chief Compliance Officer in implementing, monitoring, and updating the
Compliance Program.
2. The Committee shall consist of the Chief Compliance Officer and, at a
minimum, one officer from each of QuadraMed's principal business divisions.
3. The Chief Compliance Officer shall head the Committee and direct its
activities.
4. The Committee shall meet as necessary, but no less than two times a year.
B. General Duties of the Compliance Committee
The duties of the Compliance Committee shall include:
1. Reviewing QuadraMed's compliance efforts in the periods between Committee
meetings;
2. Discussing compliance violations and QuadraMed's responses to such
violations;
3. Discussing those policies and practices that have effectively assured
compliance; and
4. Updating applicable laws and revising the Compliance Program and specific
policies as necessary.
Page 7
Corporate Compliance Liaisons
QuadraMed recognizes that an effective compliance program requires individuals
working at operational levels to ensure that compliance requirements are met.
Compliance Liaisons, therefore, will serve in each principal business division
to promote and monitor compliance efforts.
A. Overview
1. The Chief Compliance Officer, in consultation with the Committee, shall
designate Compliance Liaisons in each of QuadraMed's principal business
divisions.
2. The Chief Compliance Officer shall designate individuals who are
knowledgeable of the operations of that business division.
3. Compliance Liaisons shall monitor day-to-day compliance efforts and actions
by employees.
4. Compliance Liaisons shall report directly to the Chief Compliance Officer.
B. Duties of the Compliance Liaisons
Compliance Liaisons shall have the following duties:
1. Communicating with the Chief Compliance Officer on overall compliance
efforts;
2. Working with the Chief Compliance Officer in creating training programs that
educate employees on the policies specific to that business division;
3. Working with the Chief Compliance Officer in identifying areas of risk or
exposure for that business division; and
4. Working with the Chief Compliance Officer in investigating and responding to
violations of law or corporate policy that occur in that business division.
Delegation of Authority
QuadraMed shall exercise due care to avoid delegating substantial discretionary
authority to any individual whom it knows or should know has a propensity for
inappropriate behavior.
Page 8
SECTION 2: WRITTEN COMPLIANCE GUIDELINES
===============================================================================
QuadraMed recognizes that an effective compliance program requires compliance
standards and procedures that are reasonably capable of reducing the prospect
of criminal conduct. Accordingly, the Compliance Program establishes
compliance principles and standards to guide the creation of function-specific
compliance policies.
A. Overview
1. Each business division shall develop and implement specific compliance
policies to guide its personnel in performing everyday job functions.
o The Compliance Liaison for each business division shall have primary
responsibility for creating and updating compliance policies.
o The Chief Compliance Officer shall assist in the development of these
policies.
2. Policies shall comply with applicable federal, state, and local laws and
regulations and overall corporate policy.
o Appendix I contains a non-exhaustive list and description of potentially
applicable laws.
3. The Compliance Liaisons and the Chief Compliance Officer shall review
compliance policies and make changes as necessary.
Page 9
4. Personnel in each business division shall receive policies pertinent to
their job responsibilities.
B. Principles of Compliance
The following principles shall govern all policies and procedures under
QuadraMed's Compliance Program:
1. QuadraMed's commitment to full compliance with all federal, state, and local
laws and regulations.
2. QuadraMed's commitment to acting in a manner consistent with its bylaws,
board resolutions, and all other corporate policies, including this Compliance
Program.
3. QuadraMed's commitment to not employing individuals who have been convicted
of a criminal offense relating to healthcare or otherwise made ineligible for
participation in federally-funded healthcare programs.
C. Outline of Compliance Policies
QuadraMed shall develop compliance policies according to the following outline:
1. A summary of the applicable laws with which the specific policy seeks to
comply; and
2. A brief statement of corporate policy appropriately refined for application
to each business division.
D. Dissemination of Compliance Guidelines
1. QuadraMed shall set forth standards of conduct applying to all employees in
the Employee Handbook.
2. The Chief Compliance Officer shall oversee the distribution of the Employee
Handbook to employees of QuadraMed.
3. Each business division shall communicate to its employees those standards of
conduct specific to that business division, to the extent that such standards
are not already articulated in the Employee Handbook.
4. The Chief Compliance Officer and Committee have the authority, as necessary,
to revise and supplement the standards of conduct set forth in the Employee
Handbook.
SPECIFIC POLICIES FOR VARIOUS AREAS OF LAW ARE ATTACHED AS AN APPENDIX TO THIS
COMPLIANCE PROGRAM. QUADRAMED MAY UPDATE AND REVISE THESE STANDARDS OF CONDUCT
AS NECESSARY.
Page 10
SECTION 3: CORPORATE COMPLIANCE TRAINING
===============================================================================
The proper education and training of corporate directors, officers, managers,
and employees, and the continual retraining of current personnel at all levels,
are significant elements of an effective compliance plan. Consequently,
QuadraMed's Compliance Program shall include training to educate employees on
complying with corporate policy and applicable laws and regulations.
A. Overview of Training Program
1. QuadraMed's training program shall consist of:
o General training on legal requirements and policies that apply to all
employees; and
o Specialized training for employees who perform job functions in specific
risk areas.
2. QuadraMed may conduct training in person or by videotape, Internet, or any
other media form.
3. Attendance and participation at training programs is required, and employees
who fail to comply with training requirements may be disciplined.
B. General Training
1. All employees shall attend and complete general training.
2. General training shall include sessions:
o Highlighting QuadraMed's Compliance Program;
o Summarizing relevant laws and regulations;
o Explaining reporting mechanisms including QuadraMed's confidentiality and
non-retaliation policies; and
o Discussing the consequences to both individuals and to QuadraMed that will
result from a failure to comply with the Compliance Program or with applicable
laws and regulations.
3. The Chief Compliance Officer shall oversee the development of general
training programs.
C. Specialized Training Sessions
1. QuadraMed shall provide specialized training to employees, including
corporate officers and managers, who perform job functions in identified areas
of compliance risk.
Page 11
2. The Chief Compliance Officer shall oversee the development of specialized
training sessions for each area of compliance risk.
o Compliance Liaisons, in conjunction with the Chief Compliance Officer,
shall identify those risk areas that will require specialized training.
o Compliance Liaisons, in conjunction with the Chief Compliance Officer,
shall develop training sessions that target risk areas.
D. Continuing Education
1. QuadraMed shall revise employee training as changes occur in QuadraMed's
policies and the governing laws and regulations.
2. Employees shall attend continuing education sessions for compliance training
as necessary.
3. Continuing education seminars shall reinforce prior training and update
employees on any new laws, modifications to existing law, or changes to the
Compliance Program.
E. Documentation Requirements
1. QuadraMed shall retain appropriate documentation of employee training. Such
documentation may include attendance logs and copies of materials distributed
to employees.
2. At the conclusion of training, each employee shall sign and date a statement
that reflects the employee's knowledge of and commitment to the Compliance
Program and those policies relevant to their job.
o QuadraMed shall retain these signed documents in each employee's personnel
file.
o For contract workers, the signed document shall become a part of the
contract.
Page 12
SECTION 4: CONFIDENTIAL REPORTING OF NONCOMPLIANCE
===============================================================================
An open line of communication between the Chief Compliance Officer and
QuadraMed personnel is essential to the success of the Compliance Program and
the reduction of potential violations of law.
A. General Policy
1. All directors, officers, employees, contract workers, and agents are
required to report instances of noncompliance with corporate policies,
including this Compliance Program, or with any federal, state or local laws or
regulations.
2. Individuals may report instances of noncompliance either through the
Compliance Hotline or directly to the Chief Compliance Officer, any member of
the Compliance Committee, or Compliance Liaison.
3. Individuals reporting instances of noncompliance are encouraged to provide
information that will allow effective investigation and response.
4. Individuals failing to report instances of noncompliance shall be subject to
disciplinary action as discussed in Section 7.
B. Compliance Hotline
1. The Chief Compliance Officer shall oversee the development of a telephone
Compliance Hotline for employees to report alleged instances of noncompliance
so that supervisors and other employees cannot conceal violations.
2. QuadraMed shall make the Compliance Hotline readily known to all employees
by posting the telephone number on all employee bulletin boards, in employee
common rooms, and on QuadraMed's Intranet.
3. The Compliance Hotline shall be staffed or able to take messages twenty-
fours hours a day, seven days a week.
4. Employees may report incidents of noncompliance on an anonymous basis.
5. The Chief Compliance Officer shall ensure that reports are appropriately
documented, dated, and investigated to determine their veracity.
6. The Chief Compliance Officer shall include reports of noncompliance in
updates to the CEO and Audit Committee of the Board of Directors, as
appropriate.
Page 13
C. Confidentiality and Protection from Retaliation
1. To the extent permitted by law, QuadraMed shall protect the confidentiality
of all individuals who communicate compliance violations to the Chief
Compliance Officer, the Compliance Committee, the Compliance Liaisons, or
through the Compliance Hotline.
2. QuadraMed shall inform all employees that, while QuadraMed shall strive to
maintain an employee's confidentiality, the individual's identity may be
revealed or become known under certain circumstances.
3. QuadraMed shall take no adverse actions or retaliate against employees for
good faith reporting of noncompliance; provided, however, that the foregoing
shall not preclude appropriate disciplinary action in response to deliberate,
knowing, and intentional misconduct by reporting employees.
4. To encourage communication and the reporting of incidents of potential
fraud, QuadraMed shall develop and distribute confidentiality and non-
retaliation policies to employees.
Page 14
SECTION 5: MONITORING AND AUDITING
===============================================================================
An ongoing evaluation process is critical to a successful compliance program.
QuadraMed shall promote and ensure compliance through the monitoring mechanisms
outlined as follows:
A. General Policy
1. Monitoring is a useful tool for identifying, correcting, and preventing the
recurrence of noncompliance problems.
2. The Chief Compliance Officer shall oversee the development and
implementation of monitoring mechanisms to evaluate and monitor compliance
within QuadraMed's business divisions.
3. The Compliance Liaisons have primary responsibility for monitoring
compliance efforts within their respective business divisions.
4. The Chief Compliance Officer shall periodically report the findings of such
monitoring to the Compliance Committee and to the Audit Committee of the Board
of Directors.
B. Specific Monitoring Procedures
1. Monitoring techniques shall focus on whether the essential elements of the
Compliance Program have been satisfied. Specifically, QuadraMed shall seek to
determine:
o Whether employees have received copies of or information on the Compliance
Program and policies relevant to their job functions;
o Whether employees understand and follow existing compliance policies and
procedures;
o Whether employee training is adequate;
o Whether personnel are reporting compliance violations;
o Whether reports of noncompliance are properly investigated and responded
to; and
o Whether violators receive adequate and just disciplinary action.
C. Specific Auditing Procedures
1. As part of the overall monitoring scheme, the Chief Compliance Officer, as
necessary, shall direct internal audits of the practices and procedures of
QuadraMed departments that are at risk of noncompliance.
Page 15
2. Audits shall focus upon affected areas thought to involve greater
noncompliance risks and upon areas where QuadraMed has received a report of
noncompliance.
3. The Chief Compliance Officer shall make audit findings available to the
Compliance Committee and the Board of Directors.
Page 16
SECTION 6: INVESTIGATION AND RESPONSE
===============================================================================
QuadraMed recognizes that detected but uncorrected misconduct can seriously
endanger its mission, reputation, and legal status. Accordingly, QuadraMed
shall investigate reasonable indications of noncompliance to determine whether
a material violation of applicable law, regulations, or corporate policy has
occurred; and, if so, what steps QuadraMed should take to appropriately address
the violation.
A. General Policy
1. The Chief Compliance Officer shall ensure the investigation of all
reasonable indications of noncompliance.
o The Chief Compliance Officer may appoint individuals, as necessary, to
assist with the investigation.
2. Investigations shall be conducted:
o Confidentially;
o Objectively;
o In conformance with applicable law;
o In a manner supporting rapid resolution of the matter; and
o In a manner respecting the rights of those individuals involved, whether as
sources of information or as suspected violators.
3. Management shall cooperate fully in all investigations.
4. Management shall take action to correct an identified violation and fulfill
applicable reporting requirements.
B. Investigation Procedures
1. Upon receipt of a credible report of noncompliance, the Chief Compliance
Officer shall direct an appropriate investigation, including, as necessary:
o Interviews with suspected violators and possible sources of information;
o Review of potentially relevant documents; and
o Collection of relevant physical evidence.
2. The Chief Compliance Officer shall take appropriate steps to secure or
prevent the destruction of documents or other evidence relevant to the
investigation.
Page 17
3. Pending the results of the investigation, the Chief Compliance Officer may
remove individual(s) under investigation and cease all activity relating to the
suspected problem.
4. If evidence indicates that any employee may have violated a statute or
regulation and thereby triggered criminal or civil liability, the Chief
Compliance Officer may notify inside and/or outside counsel.
5. The Chief Compliance Officer may consult with outside counsel to ensure the
independence of the investigation. Outside counsel may be charged with
performing three functions:
o Insulating corporate personnel from activities that have already occurred
while conducting a privileged investigation of the facts;
o Providing an objective view of the facts gathered; and
o Advising QuadraMed of necessary defensive and proactive steps.
C. Response Procedures
1. If an investigation discovers that the misconduct constitutes a violation of
criminal, civil, or administrative law, or the policies of this Compliance
Program, then the Chief Compliance Officer shall take appropriate actions
required to resolve the violation. Appropriate actions may include:
o Referral to criminal and/or civil law enforcement authorities;
o Corrective action;
o A report to the government;
o Monetary restitution to aggrieved parties, including the government; and
o Proper disciplinary action against those individuals who caused or allowed
to occur the violation.
2. The Chief Compliance Officer shall report the results of investigations and
remedial actions to the Compliance Committee, senior management officers, and
the Audit Committee of the Board of Directors.
3. When appropriate, the Chief Compliance Officer may review the circumstances
that formed the basis for the investigation to determine whether similar
problems exist or modifications to the Compliance Program are necessary to
detect and prevent other inappropriate conduct or violations.
D. Documentation
1. The Chief Compliance Officer shall maintain appropriate records of
investigations, results of the investigation, and any remedial actions taken.
Page 18
SECTION 7: DISCIPLINARY ACTIONS
===============================================================================
QuadraMed recognizes that an effective compliance program includes guidance
regarding disciplinary action for corporate officers, managers, and employees
who fail to comply with the Compliance Program, or federal, state, or local
laws.
A. General Policy
1. QuadraMed shall appropriately discipline corporate officers, managers, and
employees who fail to comply with applicable statutes and regulations and the
Compliance Program or policies promulgated pursuant to it.
2. The Chief Compliance Officer shall have the final authority to discipline
transgressors.
3. The Chief Compliance Officer may consult with business division heads and
Compliance Liaisons on the proper disciplinary response.
4. Disciplinary action shall be prompt and consistent.
5. Disciplinary action shall be fair and equitable.
6. All levels of employees shall be subject to the same disciplinary actions
for similar offenses.
7. QuadraMed shall publish and disseminate the policy governing disciplinary
action and the range of possible disciplinary actions for improper conduct.
B. Disciplinary Standards and Procedures
1. QuadraMed shall institute an appropriate policy of progressive discipline
for infractions committed by employees.
2. The Chief Compliance Officer or individual charged with disciplining
employees shall determine the necessary disciplinary action based on the facts
of each particular case and with the ultimate goal of fairly and equitably
resolving each situation.
o The individual charged with disciplining the employee may consider whether
the prohibited conduct constitutes simple negligence, gross negligence, or
willfulness.
o Intentional or reckless noncompliance may subject the transgressor to more
significant sanctions.
3. QuadraMed shall consider disciplinary actions for:
o Intentional or reckless noncompliance by any employee;
Page 19
o A supervisor or other responsible employee's negligent or reckless failure
to detect a violation;
o Negligence or gross negligence resulting in noncompliance; and
o Improper conduct.
4. Disciplinary actions may include:
o Oral warnings;
o Written reprimands;
o Paid suspensions;
o Unpaid suspensions;
o Financial penalties; or
o Termination.
Copyright 2002 QuadraMed Corporation. All rights reserved.
Page 20