Compliance Program Summary
ISTO Technologies, Inc. (“ISTO”) strives to operate within the letter and spirit of all applicable federal and state laws and regulations, as well as relevant industry guidance applicable to our operations. Ethical conduct means not only observing the law, but also conducting business so that ISTO will deserve and receive recognition as a law-abiding organization. In furtherance thereof, the officers, directors, employees, and representatives of ISTO are each expected to conduct themselves in accordance with sound ethical business practices. These practices include, but are not limited to, compliance with all federal and state laws and regulations, and government and industry guidance that govern interactions between the pharmaceutical and medical technology industries and healthcare professionals.
ISTO is committed to establishing and maintaining an effective compliance program that accords with the Compliance Program Guidance for Pharmaceutical Manufacturers issued by the Office of Inspector General (“OIG”) of the U.S. Department of Health and Human Services (the “OIG Guidance”), the AdvaMed Code of Ethics on Interactions with Health Care Professionals (the “AdvaMed Code”), and the Pharmaceutical Research and Manufacturers of America voluntary Code of Interactions with Health Care Professionals (the “PhRMA Code”). The purposes of our compliance program are to prevent, detect, and respond to violations of laws, regulations, and ISTO policy and to promote a culture of compliance. The implementation of a compliance program cannot always guarantee that improper conduct will be eliminated, but it is ISTO’s goal that our officers, directors, employees, and representatives will comply with our compliance program policies. In the event that ISTO becomes aware of violations of law, regulations, or our policies, we will investigate the matter in accordance with our policies and procedures and, as appropriate, take disciplinary action and implement corrective measures to prevent future violations.
The fundamental elements of our compliance program are described below. As directed by the OIG, we have tailored our compliance program to fit the unique environment of ISTO. Our compliance program and our policies are ever-changing and evolving as ISTO grows and as applicable laws, regulations, and industry guidance change.
SUMMARY OF COMPLIANCE PROGRAM
- Chief Compliance Officer. We have appointed a Chief Compliance Officer to oversee our compliance program. The Chief Compliance Officer has the ability to effectuate change within ISTO as necessary to promote compliance and to exercise independent judgment. The Chief Compliance Officer, among other responsibilities, is charged with developing, operating, and monitoring the compliance program.
- Compliance Committee. ISTO is establishing a Compliance Committee to work with the Chief Compliance Officer and to assist in the implementation of the compliance program. The Chief Compliance Officer also meets on an informal basis with management on compliance matters as needed.
II. Written Standards.
- Policies. ISTO maintains comprehensive policies on a variety of compliance matters, including Policies Regarding Interactions with Healthcare Professionals. These policies constitute our code of conduct and are our statement of ethical and compliance principles that guide our daily operations. The policies establish that we expect officers, directors, employees, and representatives of ISTO to act in accordance with applicable law, regulations, and ISTO policy. The policies articulate our fundamental principles, values, and framework for action within our organization.
- Risk Areas. The OIG Guidance identifies several key risk areas for pharmaceutical and medical device manufacturers and called on companies to develop compliance policies in these risk areas. These risk areas are: (1) data integrity pertaining to government reimbursement practices; (2) kickbacks and other illegal remuneration; and (3) compliance with laws regulating sampling activities. To the extent applicable to ISTO, we have established policies that address these areas.
- California Law. In response to California’s Drug Marketing Practices Law, we have also established an annual spending limit for certain promotional activities directed towards a healthcare professional licensed by the State of California. More specifically, the promotional activities referenced in the preceding sentence shall not exceed the sum of One Thousand Five Hundred Dollars ($1,500.00) per year per healthcare professional. This $1,500 amount is an upper limit and should not be viewed as a “goal.” Any exception to this $1,500 amount requires the prior, written approval of the Chief Compliance Officer.
III. Education and Training.
Education of our officers, directors, employees, and representatives on their legal and ethical obligations is a key component of our compliance program. ISTO is committed to taking steps to effectively communicate our standards and procedures to all affected personnel. In addition, ISTO will regularly review and update our training programs and identify additional areas of training on an as-needed basis.
IV. Lines of Communication.
ISTO has a longstanding policy of open communication among officers, directors, employees, and representatives. Our goal is that all parties know who to turn to report and discuss compliance matters and should be able to do so without fear of retribution. In order to assist with the reporting compliance matters, ISTO has established a 24-hour toll-free telephonic answering service for reporting and tracking of compliance concerns to assist in the identification of possible unethical, illegal, or questionable behavior. The toll-free number is 1-800-724-1285 and should be utilized to report and discuss any compliance matters pertaining to ISTO Technologies.
V. Auditing and Monitoring.
ISTO’s Compliance Program includes efforts to monitor, audit, and evaluate compliance with our policies and procedures through the use of both internal and external resources.
VI. Responding to Possible Violations and Discipline.
ISTO investigates every instance of a possible compliance violation. Although every potential compliance situation is considered on a case-by-case basis, ISTO will consistently impose appropriate disciplinary action to address inappropriate conduct and deter future violations.
VII. Corrective Actions.
ISTO’s compliance program increases the likelihood of preventing or, at least, identifying unlawful and unethical behavior. However, ISTO recognizes that even an effective compliance program may not prevent all violations. ISTO’s compliance program requires that ISTO respond promptly to all potential violations of applicable law, regulation, or policy, take appropriate disciplinary action, perform an assessment of the violation to ascertain if the violation reveals a gap in our policies, practices, or internal controls, and take appropriate action to prevent future violations.
ANNUAL DECLARATION OF COMPLIANCE WITH CALIFORNIA LAW
California Health and Safety Code Sections 119400–402 require pharmaceutical and medical device companies, including ISTO, to adopt comprehensive compliance programs relating to their interactions with healthcare professionals. The compliance program must be in accordance with both the PhRMA Code and the OIG Guidance and must contain certain components required by the law.
Based on a good faith understanding of the requirements of the California law, as of January 1, 2014, ISTO believes it is in material compliance with its comprehensive compliance program and the requirements of the relevant sections of the California Health & Safety Code. It is ISTO’s expectation that all officers, directors, employees, and representatives comply with its comprehensive compliance program and all policies that support this program. ISTO is committed to assessing ongoing compliance with the comprehensive compliance program, which is designed to prevent, detect, and address potential or actual instances of non-compliance.
Copies of this Compliance Program Summary and Annual Declaration of Compliance with California Law may be obtained by contacting the Chief Compliance Officer of ISTO Technologies, Inc.
Revised January 2014