Corporate Compliance Privacy

Our Corporate Compliance Program is designed to enhance our understanding of acceptable behavior and appropriate decision-making.


The Office of Corporate Compliance, Internal Audit and Privacy supports the mission, vision and values of Nuvance Health by facilitating compliance with healthcare-related laws and standards and promoting the organization's commitment to lawful and ethical behavior.


To ensure that the Nuvance Health Compliance Program continues to meet the elements of an effective compliance program, while adapting to the ever-changing healthcare environment.

Our Program

Our Corporate Compliance Program is designed to enhance our understanding of acceptable behavior and appropriate decision-making. It is everyone's duty to promptly report any activity that appears to violate the Health Quest Code of Conduct or any laws, regulations or organizational policies. All employees must not only act in compliance with all applicable legal rules and regulations, but also strive to avoid the appearance of impropriety

Our Corporate Compliance Program is based upon the US Department Health & Human Services-Office of the Inspector General Guidance, as well as Section 363-D of the NYS Social Services Law. Both of which detail the elements of an effective compliance program. These elements, which are incorporated in our program, include:

  1. The development and distribution of written standards of conduct, as well as written policies and procedures that promote the hospitals' commitment to compliance;
  2. The designation of a chief compliance officer and other appropriate bodies, e.g., a corporate compliance committee, charged with the responsibility of operating and monitoring the compliance program, and who report directly to the CEO and the governing body;
  3. The development and implementation of regular, effective education and training programs for all affected employees;
  4. The maintenance of a process, such as a hotline, to receive complaints, and the adoption of procedures to protect the anonymity of complainants and to protect whistleblowers from retaliation;
  5. The development of a system to respond to allegations of improper/illegal activities and the enforcement of appropriate disciplinary action against employees who have violated internal compliance policies, applicable statutes, regulations or Federal healthcare program requirements;
  6. The use of audits and/or other evaluation techniques to monitor compliance and assist in the reduction of identified problem area; and a system for identification of compliance risk areas specific to the provider type, for self-evaluation of such risk areas;
  7. The investigation and remediation of identified systemic problems and the development of policies addressing the non-employment or retention of sanctioned individuals and;
  8. A policy of non-intimidation and non-retaliation for good faith participation in the compliance program, including but not limited to reporting potential issues, investigating issues, self-evaluations, audits and remedial actions, and reporting to appropriate officials.

The goals of our Corporate Compliance Program are to:

  1. Empower our employees;
  2. Demonstrate our commitment to conducting business in an ethical manner;
  3. Serve as a resource when dealing with difficult, complex or confusing issues;
  4. Provide an outlet for addressing concerns;
  5. Ensure we follow Local, State and Federal laws that apply.

Our Compliance Program serves to:

  1. Provide employees with a central resource for addressing compliance issues;
  2. Provide employees with information and policies for successful job performance;
  3. Encourage reporting concerns and resolving issues;
  4. Minimize the risk of fraud & abuse;
  5. Provide constant monitoring;
  6. Protect our reputation in the community and ensure our continued success.


If you have a compliance question or issue, a HIPAA issue, or wish to obtain guidance on compliance related topics, please feel free to contact us using the contact information below.


You may contact the Corporate Compliance Hotline at 844-YES-WeComply (844-937-9326) and speak directly with a representative. The Hotline is available 24 hours a day, seven days a week. The Hotline is anonymous, not set up for caller ID, and cannot trace calls. However, you may decide to identify yourself in order to provide information that may be necessary in an investigation. Information you provide will remain confidential to the extent possible. You will be given a case number and a call-back date. You may call back again on or after the call-back date to find out whether action has been taken, but the nature and outcome of an investigation is always confidential.

Direct Contact

Please provide us with all the information related to your Compliance question.

Email Compliance at: or contact any of our staff members below.

Our Staff

Wayne A. McNulty, JD, MS, CHC, CIPP
Chief Compliance, Audit & Privacy Officer
(203) 739-6552

Aaron J. Lund, JD, LL.M, CHC, CHPC, CHRC, CFE
Deputy Chief Compliance Officer, Compliance Operations
(203) 702-0832 

Mark Dunn MS, RHIA
Senior Compliance Officer, Information Governance 
HIPAA Privacy and Security Officer
(203) 702-0830

Renee Pierre-Louis, Ph.D., MBA, MA, CCRP-CP
Senior Compliance Officer, Human Subjects Research and Academic Affairs
Human Protections Administrator

Suzanne Salfi, RHIT, CHC
Senior Compliance Officer, Quality, Clinical, and Physician Audit & Billing Cycle Integrity
(203) 739 6841


Senior Compliance Officer, Ancillary Programs
(203) 702-4313