Monitor and Maintain Compliance

Fundamentally, monitoring legal and ethical compliance helps to monitor standards of service delivery and protect the best interests of clients, workers, as well as the organisation. Remember that practice managers often work with vulnerable clients, and there is an ethical duty for organisations to make sure that staff abide by legal and ethical standards. Clients generally feel more comfortable to receive service from a compliant organisation; on the other hand, workers will have more reassurance knowing that their rights and safety are looked after.

For the organisation, monitoring is important for managing risks of non-compliance. Failure to adhere to relevant state and federal laws and standards does not only present risks to your clients and workers; it can also have serious consequences for the organisation and leave it vulnerable to lawsuits, audits, fines, penalties, or even dissolution/suspension of organisational activities. For example, failure to comply with WHS regulations can seriously compromise clients’ and workers’ health, safety and wellbeing and put them at risk of injuries or even death. Breaches of WHS duties can attract various penalties and consequences depending upon the severity of the breach, as outlined in the extract below:

As you can see from the above extract, differing degrees of breaches/non-compliance will attract varying levels of penalties, not just for the organisation, but also for individual workers. Moreover, the Person Conducting Business Undertaking (PCBU) or officer (e.g., manager) has a legal responsibility to monitor compliance with requirements, hence they will have a liability for when a non-compliance issue is causing risks to others. While this example specifically relates to breaches of WHS legislation, non-compliance with other legislative requirements will attract their own risks, penalties, and consequences.

As an employer, the organisation (and those managing it) may also be held legally responsible for employees’ wrongful actions – this is known as ‘vicarious liability’. For instance, the extract below explains an employer’s vicarious liability for acts of discrimination or harassment:

As above, organisations must demonstrate that they have taken “reasonable steps” to prevent these incidents. This includes having appropriate processes and documents in place to communicate and monitor legal and ethical compliance, as well as undertaking regular auditing and inspection regimes to evaluate work practices. Auditing refers to an objective process of systematically working through and evaluating existing systems or practices to determine whether they are compliant. This can be carried out internally (e.g., by a compliance manager in-house) or externally (e.g., by a qualified auditing body).

As a practice manager, it is important for you to engage in evaluation of your own practice. As a practice manager, you may be responsible for reporting any legal or ethical breaches or safety issues you notice in the workplace to the necessary personnel or authorities and should take action to remedy the situation.

Another important reason for monitoring legal, ethical, and industrial compliance is to fulfil obligations in relation to applying for license, funding, certification, or accreditation. All these processes are likely to require an audit of the organisation’s governance and operations to make sure they are capable of delivering high quality services. Where an organisation is deemed as non-compliant, they may not be able to obtain or maintain certification or license, which may lead to losing funding or status as service provider. As such, it is important that we briefly discuss these concepts.

Certification and Accreditation

Like other care providers, practice managers must maintain their certifications and they also have a requirement to ensure general compliance with WHS, fair work practices, anti-discrimination, and other standards. Practice managers may be in a position to take part in the hiring process of new staff and professionals within an allied health organisation. In this case, the practice manager will likely be responsible for verifying that any certifications the hiring professionals/staff have are current and true. For example, to be a registered psychologist, one must have a minimum number of years studying an undergraduate and postgraduate degree/internship pathway, be registered as a psychologist with APHRA, and meet mandatory practice/ongoing professional development. This can be checked by verifying certificates of relevant degrees and registration status with APHRA. Practice managers may also need to ensure that the certification and skills of current staff is kept up to date through professional development.

Certification

Certification is “confirmation by an authorised body that a service provider meets all requirements of a set of standards and/or quality program” (Queensland Government, 2015, p. 4). Health and community services organisations are governed by their own industry-specific guidelines and standards, depending on the scope of service and clientele. As a way of monitoring compliance with these standards, organisations are often required to obtain certification. Moreover, organisations must continuously monitor their compliance, through regular audits, to maintain and update the certification.

Given the variation of compliance requirements between the different States and Territories, for the purpose of this Study Guide we will be using Queensland as an example. In Queensland, the government has developed the Human Services Quality Framework (HSQF) to streamline compliance measures for human services. All organisations that are funded by the Queensland Government to deliver human services must demonstrate their capacity to comply with the Human Service Quality Framework (HSQF). The framework is made up of six service standards. The purpose of the standards is to set a benchmark for the quality-of-service provision in order to protect those using the services (i.e., clients).

While HSQF certification is optional, it may be a licensing requirement for organisations who wish to apply for governmental funding opportunities.

There are three different methods an organisation can use to become certified. The choice of method will depend upon the type and complexity of services provided, the vulnerability of service users, and the amount of departmental investment involved (Department of Seniors, Disability Services and Aboriginal and Torres Strait Islander Partnerships, 2021a):

1. Certification under HSQF: This involves the organisation employing the services of an external and approved auditing body (known as a certification body) who complete an assessment on whether or not the organisation is compliant with the HSQF standards. Organisations who use this method are generally working directly with vulnerable clients.
2. Evidence of alternative accreditation or certification: This means that the organisation may be able to demonstrate that they are compliant with the HSQF standards through certification with an alternate quality system that is recognised by the department. This method would only be approved on a case-by-case basis.
3. Self-assessment: This involves the organisation conducting their own assessment to rate the organisation’s processes and performance against the HSQF standards, and providing evidence of the self-assessment to the department. This method would generally only apply to non-direct service delivery (that is, no direct contact with clients), low-intensity service delivery, or where the level of departmental investment is below a certain threshold (i.e. the organisation is not fully funded by the department). Note: organisations that are required to obtain certification under the HSQF through an auditing body are encouraged to first conduct their own self-assessment in preparation for their audit.

Most health and community service organisations would likely be required to undertake option one. However, organisations typically begin with the self-assessment process anyway in preparation for the audit processes. This means that an organisation may undergo both internal and external auditing processes for achieving and maintaining certification under HSQF. Auditing is also commonly undertaken for accreditation purposes, which we turn to next.

Accreditation

Allied health organisations may also seek accreditation by qualified reviewers to demonstrate high quality governance systems, service processes, and continuous improvement. Accreditation may be required for licensing, such as to become a Medicare-approved provider or eligible private health insurers service or increase their eligibility for specific funding. Accreditation may also increase client confidence in service quality. One prominent example is the Rainbow Tick accreditation which provides a benchmark for safe, inclusive service delivery for LGBTIQIA+ people. Other applicable standards may include, but are not limited to:

• Australian Service Excellence Standards (ASES).
• National Safety and Quality Health service (NSQHS) Standards.
• National Standards for Mental Health Services (NSMHS).
• National Disability Insurance Scheme (NDIS) Practice Standards.
• QIC Health and Community Services (QIC) Standards.

Maintaining Certification or Accreditation

Certification and accreditation need to be maintained, which means organisations must be prepared to undertake regular audit processes. They will also need to develop good governance systems in place to support delivery of quality services and continuous improvement – reviewing policies and procedures and monitoring compliance are important aspects here. Apart from legal and ethical requirements that apply to client service delivery, organisations will also be assessed on operational aspects including:

• Statutory reporting: These refer to any reporting duties that an organisation is legally obligated to carry out – for example, mandatory reporting of child abuse is a common statutory reporting duty that apply to most allied health organisations. Furthermore, many allied health organisations are government-funded which means they are required to provide certain evidence and information to the relevant government authority or department, such as how funding is being spent and how services are being delivered. In this way, organisations are held accountable for monitoring expenditure and quality of service provision.
  Statutory reporting requirements may differ depending upon the industry and jurisdiction you work in and the type of services your organisation provides. Therefore, it is important for management of allied health organisations to make sure they have appropriate systems and procedures in place to meet these reporting requirements.
• Mandatory training: Some workplaces also have mandatory training that all workers must undertake. For example, national regulations require all professionals who work with children to have training in first aid, CPR, emergency asthma management, and anaphylaxis management. Additionally, as practice managers work directly with clients, they may sometimes be required to handle medical emergencies. For this reason, it is considered advantageous for practice managers to be trained in first aid, so that they will know how to respond in the event of a medical emergency or crisis situation.

Other areas that practice managers may require mandatory training in include:

• Epilepsy Training.
• Medication Administration.
• Manual Handling (including hoist training).
• PART (Professional Assault Response Training).
• Positive Behaviour Support Planning.
• Fire Safety Training.

The type of mandatory training you will be expected to complete will be dictated by legislation and will depend upon the specific sector you work in, the type of clients your organisation services, and the specific requirements of your role. A number of organisations have developed their own internal training departments to cover these requirements. Others may use external training services to ensure practice managers acquire, maintain, and update their skills. Regardless of which method your organisation uses, it is essential for managers and supervisors of allied health organisations to ensure that all workers complete and remain up-to-date on any mandatory training in order to remain compliant with legislative requirements.

• Mandatory checks: Organisations must also make sure employees completed any mandatory checks (probity) where necessary for their role. This can include:
  • Child related screening e.g., Blue Card in Queensland.
  • Criminal history check.
  • Aged care sector screening
  • Disability services sector screening
  • Vulnerable person employment screening
  • General employment probity screening
  These requirements must be clearly communicated with workers as part of recruitment process. The organisation must also document workers’ check records and make sure that they renew or update their clearance checks in time.
• Business insurances: Providing services to clients and the community comes with a lot of responsibilities and leaves an organisation vulnerable to being sued. No organisation is impervious to risk, and, although insurance should never be considered a substitute for adequate risk management, it can help to protect the organisation and its workers if a claim is made against them.
  The types of insurance that an organisation requires will typically depend upon the types of services provided, and the types of business activities the organisation engages in. The extract below outlines four common types of insurances that apply to most health and community services organisations.

Now that you are aware of the importance to monitor compliance, from both an employee’s and employer’s perspective, let’s consider ways of monitoring compliance.

Essentially, monitoring and maintaining compliance is the organisation’s responsibilities. Practice manager has a minimum obligation to participate in monitoring processes such as performance review, supervision, and policy review that are all part of the organisation’s effort in monitoring legal, ethical, and industrial compliance, and may be more directly involved.

Who Does What?

While it is everyone’s responsibilities to build and maintain a compliant service, workers in different roles will have slightly different obligations when it comes to monitoring compliance. The diagram below provides a general yet not exhaustive list of responsibilities to demonstrate how each person’s responsibilities fit into the overall picture of managing legal and ethical compliance in practice management. As you read this diagram, keep in mind that these roles and responsibilities will differ depending on the size and context of the organisation you work in. Smaller organisations may incorporate these responsibilities into existing managerial roles. Whereas in a larger organisation, responsibilities are usually more diversified and may be delegated to multiple people – roles and responsibilities of different people should be noted in the relevant policies and procedures – there may even be a compliance manager who is in-charged of this matter.

As above, each worker has the obligation to commit to maintaining compliance in their own behaviours. They should also be mindful of and report any non-compliant behaviours they observe in the workplace, such as if they become aware of a co-worker’s unlawful acts. Having an understanding of different scope of responsibilities will help you gain a big picture of the compliance processes.

Practice managers are not expected to be legal experts. However, they must develop sufficient understanding of the legal, ethical, and industrial requirements in relation to the sector and the services delivered to monitor and maintain compliance. Fortunately, there are a range of sources that they can access for information and advice on compliance. You have learned about sourcing legal information in Section 1.

Information regarding government standards can generally be found on the applicable government department’s website. Each State or Territory government will offer a number of publications or guides designed to help organisations understand what they need to do in order to be compliant with current legislation, including information on how to get assessed and certified, the auditing bodies who can assess them, and other general information about the compliance process (we will be exploring these processes in more detail shortly). This information is also typically provided in plain English documentation which explains the relevant legislation in very simple and easy to understand terms. Additionally, for new implementations, state/territory government departments will often run face-to-face information sessions, webinars, and events to help organisations understand how to implement any new changes. Organisations can also obtain information about compliance through contacting their relevant government department (i.e., by phone or email), or through research on the internet (e.g., websites, online publications etc.).

Industry associations can also provide valuable information, advice, and support to allied health and community service organisations about requirements for compliance. For example, in Queensland, the state body for organisations and individuals working within Practice Management is the Australian Association of Practice Management (AAPM). It is advantageous for organisations to join relevant associations like AAPM, as they can provide policy advice and work with organisations and professionals to strengthen and improve their practice. They can also provide information about common legal and ethical issues, and the approach that organisations can take to resolve these issues.

Industry associations like AAPM can help organisations stay up-to-date with changes to legislation and government/industry standards, and support organisations with certification and licencing processes through providing workshops and valuable information and training to organisations and their staff. For example, a membership with AAPM would provide access to training opportunities, industry specific resources, discounted registration for events and conferences. Each profession has an organisation that offers similar services and organisations should seek opportunities to be aligned with the relevant association for their industry specific area. Some of these include:

In addition to these industry specific associations, there is also a national organisation which can help allied health and workers to stay abreast of current and emerging legal and ethical requirements and issues: AHPA – Allied Health Professions Australia - https://ahpa.com.au/about-ahpa/

Another important source of information and advice on compliance is the regulatory authorities. Whilst each regulatory agency may play slightly different roles, they are generally set up to monitor and strengthen compliance with particular legislation. As such, organisations may go to these authorities for advice and information in relation to how to best comply with particular standards or legislative requirements.

In Section 1, for example, you have been provided with a list of WHS regulators responsible for overseeing and promoting WHS compliance within each state/territory. Their roles include enforcing WHS laws, conducting WHS audits for compliance, issuing notices and infringement where non-compliance is identified, investigating WHS incidents, and prosecuting organisations that breached WHS legislation (Federal Safety Commissioner, n.d.). Other regulatory agencies relevant to the community services sectors include:

Essentially, sourcing accurate and relevant information is important for demonstrating and monitoring compliance. We recommend that you spend some time viewing each of these websites and exploring the range of information available. Because compliance requirements do change from time to time, it is also important to make sure that you are receiving updates on requirements as soon as they become available. Strategies you can implement to update and maintain your knowledge of compliance requirements include:

• Registering for email updates: You can register for an account with the Federal Register of Legislation website so that you will receive email notifications when there have been updates or changes to your choice of Commonwealth legislation.
• Subscribing to newsletters/publications: Publications from government, industrial associations, and regulatory authorities can assist you in understanding how legislative or trend changes might impact on your services. For instance, ACOSS offers a range of communications to its members, including a daily bulletin of media articles that are relevant to community services and civil society sector.
• Networking activities: There are various networking and professional development opportunities that enable community services workers and organisations to connect with other services and share information. ACOSS, for example offers a range of national policy and advocacy networks for members to engage in policy development.

Organisational Processes to Oversee Compliance

In addition to sourcing relevant, updated information, organisations must evaluate work practices for non-compliance on an ongoing basis, and implement modifications as required. Reflective practice is important for ethical practice, which involves evaluating your own practice against standards. Similarly, your organisation will have implemented several mechanisms to evaluate practices, on an ongoing basis, so that necessary modifications can be made in a timely manner. There are multiple ways of monitoring compliance, including:

• Review policy and procedures. As mentioned previously, the purpose of policies and procedures is to provide guidance for meeting compliance requirements. It is important that these documents are regularly reviewed and revised to ensure they serve the purpose, and that all staff are trained and supported to follow these standards.
• Obtain independent review and advice. Some organisations may seek independent and/or external advice, such as specialist legal advice, to make sure that their plan, policy documents, and administrative decisions abide by relevant laws. It is also common for community services organisations to seek consultation with community members, stakeholders, government, or regulatory body to evaluate their practices and service delivery approach.
• Uphold internal and external audit and inspection processes. Audits and inspections are usually conducted periodically to assess and monitor compliance. The goal of audit is to assess whether the organisation’s operations are compliant with legislation, policies, or other standards. Audits are usually conducted on regular basis, by either an internal or external person/team. For instance, an organisation may undertake internal audit for compliance with WHS requirements, which may include having a designated WHS representative perform inspection procedures on site using a standard checklist. External audit may also be undertaken to fulfill certification or accreditation requirements. Through auditing, the organisation can become aware of any areas that are non-compliant and take prompt actions to address them.
• Promote a culture of compliance. Essentially, organisational compliance comes down to every person in the organisation complying with the policies and standards set out. As such, incorporating compliance in the organisational culture is important. For instance, the expectations of compliance should be integrated into employment contract and be reinforced during induction processes. Regular training and internal communications will help workers stay updated with the legal, ethical, and industrial requirements relevant to their work. Another aspect is to make sure there are robust systems for reporting and investigating misconduct.
• Establish robust systems for reporting and investigating misconduct. Organisations should make sure that there are appropriate processes in place to encourage and assist recognition of issues or potential breaches of ethical or legal practice. Issues may be identified by staff, clients or other stakeholders, or from an inspection or audit undertaken. In some charity organisations, having a whistleblower policy is required to increase accountability.

Address Issues of Compliance

Through regular monitoring, you may come across issues or breaches of ethical or legal practice. As practice managers, you may also be approached by another staff member with questions or issues regarding potential breaches. You will typically have to provide more guidance on how this issue can be most appropriately dealt with. You will have to carefully think through the situations to determine what is the best course of action. They often follow a structured decision-making process, which is similar to the ethical decision-making process you have learned in Section 2.

Whether you are a practitioner or a manager in your organisation, your first steps always involve assessing the situation with your obligations and duties in mind. That initial assessment helps you to determine who or which document you may need to consult to find out possible options. It is also important to document your reasoning and actions to demonstrate that you have taken into account relevant considerations.

In Jerry’s case, the issue may be addressed in-house as a staff misconduct matter so that Jerry is supported to make changes to his practice. Issues relating to staff conduct may also be referred to human resource manager and/or Chief Executive Officer for operational considerations. Some legal requirements also mandate a report to relevant authority – for example, disclosure of child abuse will mandate a report to child safety authority; criminal matter may involve a report to the police; WHS issue may be referred on the WHS regulatory body. As such, careful considerations must be given to make sure any of such issues are managed properly in accordance with the requirements.

Occasionally, the nature of issue may be more complicated in nature and the organisation may decide to engage an external specialist for advice. For example, a worker suffered severe injury while being at work and decided to sue the organisation for negligence. The organisation may obtain advice from legal practitioner with expertise in workers’ compensation matters to determine what the best resolution is. Another example is when a legislative change is implemented and has a potential to impact on the organisation’s practices, in which case the organisation must consider how they could modify their operations to make sure they are compliant with the new legislation.

As per Step 1 and 2 in the decision-making model above, a manager will need to assess their scope of practice, where their responsibilities lie, and if they are the right person to deal with this matter. They will also refer to the organisational policies and procedures to find out if there are any existing directions set out on the issue. Where a matter is beyond their role, expertise, or the coverage of organisational policies and procedures, they must seek consultation with and refer the matter to appropriate persons, such as the managing board of the organisation or external experts.

A Note on Seeking Specialist Legal Advice

Specialist legal advice is often sought to gain clarification on legal compliance and help an organisation manage potential legal risks. This is particularly important as managers are not usually legal experts and non-compliance with legislation can attract serious consequences for the people and the organisation involved. In the event that there is ambiguity in terms of the organisation’s legal responsibilities and liabilities, or a potential legal risk has been identified (e.g., triggered by an incident or complaint), attaining legal advice from a relevant specialist may be necessary.

As such, an organisation should consider developing a database of specialist legal experts that they may contact for advice when necessary. Additionally, legal practitioners may have different range of expertise, such as human rights, industrial relations legislation, WHS laws, corporate laws, intellectual property law, taxation law, and corporate litigation lawyer – it is important to take this into consideration when determining the most appropriate person to consult with.

This section of the module has focused on compliance, including why organisations must monitor compliance and a range of processes to assist. Apart from internal processes, you also learn about certification, accreditation, and licensing requirements that are often implemented to make sure allied health organisations are actively compliant with relevant legal and ethical standards. You have also learned about how to monitor and address potential non-compliant issues. Overall, this module explores the legal, ethical, industrial, and organisational frameworks that guide practice management work, which inform the operations and processes within an allied health organisation.

• Australian Human Rights Commission. (n.d.). Vicarious liability. https://humanrights.gov.au/our-work/employers/vicarious-liability

• Allied Health Professions Australia (AHPA). (2023). About AHPA. https://ahpa.com.au/about-ahpa/
• Business Queensland. (2020). Penalties for breaches to work health and safety law. https://www.business.qld.gov.au/running-business/whs/whs-laws/penalties
• Community Door. (2018c). Working within an ethical framework. In Section 2: Working within an ethical framework. Queensland Council of Social Service. https://etraining.communitydoor.org.au/resources/etraining/units/chccs301a/section2/section2topic10.html
• ELDAC. (2023). Allied Health Regulatory Bodies and Accrediting Organisations. https://www.eldac.com.au/tabid/7685/Default.aspx#:~:text=Membership%20to%20a%20relevant%20professional,AHPRA)%20as%20their%20regulating%20body.
• Federal Safety Commissioner. (n.d.). Regulatory bodies. Attorney-General’s Department. https://www.fsc.gov.au/regulatory-bodies-0
• Joint Accreditation System-Australia and New Zealand (JAS-ANZ). (n.d.). Accreditation or certification. https://www.jas-anz.org/accreditation-or-certification
• Lookout Services Inc. (2019). [Image of the word ‘Compliance’ with related icons and images such as ‘standards’ and ‘rules’ below it]. https://www.i-9intelligence.com/what-employers-need-to-know-about-i-9-audits-work-site-investigation.html
• Our Community. (n.d.). Help Sheet - What types of insurance does my organisation need? https://www.ourcommunity.com.au/insurance/view_help_sheet.do?articleid=263