Compliance Program

In order to lead the world in orthobiologic technology, we surround ourselves with the brightest, most creative minds in the business.
Introduction

Isto Biologics (“Isto”) strives to operate within the letter and spirit of all applicable federal and state laws and regulations, as well as relevant industry guidance applicable to our operations. Ethical conduct means not only observing the law, but also conducting business so that Isto will deserve and receive recognition as a law-abiding organization. In furtherance thereof, the officers, directors, employees, and representatives of Isto are each expected to conduct themselves in accordance with sound ethical business practices. These practices include, but are not limited to, compliance with all federal and state laws and regulations, and government and industry guidance that govern interactions between the pharmaceutical and medical technology industries and healthcare professionals.

Isto is committed to establishing and maintaining an effective compliance program that accords with the Compliance Program Guidance for Pharmaceutical Manufacturers issued by the Office of Inspector General (“OIG”) of the U.S. Department of Health and Human Services (the “OIG Guidance”), the AdvaMed Code of Ethics on Interactions with Health Care Professionals (the “AdvaMed Code”), and the Pharmaceutical Research and Manufacturers of America voluntary Code of Interactions with Health Care Professionals (the “PhRMA Code”). The purposes of our compliance program are to prevent, detect, and respond to violations of laws, regulations, and Isto policy and to promote a culture of compliance. The implementation of a compliance program cannot always guarantee that improper conduct will be eliminated, but it is Isto’s goal that our officers, directors, employees, and representatives will comply with our compliance program policies. In the event that Isto becomes aware of violations of law, regulations, or our policies, we will investigate the matter in accordance with our policies and procedures and, as appropriate, take disciplinary action and implement corrective measures to prevent future violations.

The fundamental elements of our compliance program are described below. As directed by the OIG, we have tailored our compliance program to fit the unique environment of Isto. Our compliance program and our policies are ever-changing and evolving as Isto grows and as applicable laws, regulations, and industry guidance change.

A summary of our

Compliance Program

1. Leadership.
  • Chief Compliance Officer. We have appointed a Chief Compliance Officer to oversee our compliance program. The Chief Compliance Officer has the ability to effectuate change within Isto as necessary to promote compliance and to exercise independent judgment. The Chief Compliance Officer, among other responsibilities, is charged with developing, operating, and monitoring the compliance program.
  • Compliance Committee. Isto is establishing a Compliance Committee to work with the Chief Compliance Officer and to assist in the implementation of the compliance program. The Chief Compliance Officer also meets on an informal basis with management on compliance matters as needed.
2. Written Standards.
  • Policies. Isto maintains comprehensive policies on a variety of compliance matters, including Policies Regarding Interactions with Healthcare Professionals. These policies constitute our code of conduct and are our statement of ethical and compliance principles that guide our daily operations. The policies establish that we expect officers, directors, employees, and representatives of Isto to act in accordance with applicable law, regulations, and Isto policy. The policies articulate our fundamental principles, values, and framework for action within our organization.
  • Risk Areas. The OIG Guidance identifies several key risk areas for pharmaceutical and medical device manufacturers and called on companies to develop compliance policies in these risk areas. These risk areas are: (1) data integrity pertaining to government reimbursement practices; (2) kickbacks and other illegal remuneration; and (3) compliance with laws regulating sampling activities. To the extent applicable to Isto, we have established policies that address these areas.
3. Education & Training.

Education of our officers, directors, employees, and representatives on their legal and ethical obligations is a key component of our compliance program. Isto is committed to taking steps to effectively communicate our standards and procedures to all affected personnel. In addition, Isto will regularly review and update our training programs and identify additional areas of training on an as-needed basis.

4. Lines of Communication.

Isto has a longstanding policy of open communication among officers, directors, employees, and representatives. Our goal is that all parties know who to turn to report and discuss compliance matters and should be able to do so without fear of retribution. In order to assist with the reporting compliance matters, Isto has established a 24-hour toll-free telephonic answering service for reporting and tracking of compliance concerns to assist in the identification of possible unethical, illegal, or questionable behavior. The toll-free number is 1-800-724-1285 and should be utilized to report and discuss any compliance matters pertaining to Isto Biologics.

5. Auditing and Monitoring.

Isto’s Compliance Program includes efforts to monitor, audit, and evaluate compliance with our policies and procedures through the use of both internal and external resources.

6. Possible Violations and Discipline.

Isto investigates every instance of a possible compliance violation. Although every potential compliance situation is considered on a case-by-case basis, Isto will consistently impose appropriate disciplinary action to address inappropriate conduct and deter future violations.

7. Corrective Actions.

Isto’s compliance program increases the likelihood of preventing or, at least, identifying unlawful and unethical behavior. However, Isto recognizes that even an effective compliance program may not prevent all violations. Isto’s compliance program requires that Isto respond promptly to all potential violations of applicable law, regulation, or policy, take appropriate disciplinary action, perform an assessment of the violation to ascertain if the violation reveals a gap in our policies, practices, or internal controls, and take appropriate action to prevent future violations.