In this episode of Compliance Conversations, host CJ Wolf sits down with Jill Fallows Macaluso, Corporate Vice President and Chief Compliance Officer at Novo Nordisk, to explore how ethical culture, psychological safety, and empowered risk-taking can transform compliance from a regulatory obligation into a strategic asset. 

Jill shares insights from more than two decades in a highly regulated industry, discussing how organizations can move beyond check-the-box compliance and build cultures that foster trust, innovation, and sustainable business results. 

In this episode, you’ll learn: 

• Why ethical culture consistently correlates with stronger business performance 
• How psychological safety strengthens both compliance and innovation 
• What “risk-based decision-making” really looks like in practice 
• How leaders can empower teams without sacrificing accountability 
• Why inclusion is foundational to ethical, high-performing organizations 

Whether you’re a compliance officer, legal leader, or executive, this conversation offers practical guidance for building a culture where people feel safe to speak up, take smart risks, and do the right thing. 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

In this episode of Compliance Conversations, healthcare compliance expert Jessica Zeff, the Founder & CEO of Simply Compliance, shares real-world insight into why structured, electronic case management is essential for demonstrating compliance, managing risk, and responding efficiently to audits and investigations. 

What You’ll Learn 

• What compliance case management actually looks like in practice 
• Why consistency and categorization matter for risk analysis 
• Common mistakes organizations make when handling compliance cases 
• How case management supports audits, investigations, and leadership reporting 
• Why even basic systems are better than none 

Who Should Listen 

Compliance officers, privacy professionals, legal teams, audit teams, and anyone responsible for managing compliance or incident investigations.

About Jessica Zeff: 

Jessica Zeff is the CEO & Founder of Simply Compliance, a healthcare compliance consulting firm specializing in regulatory compliance, privacy, and risk management. A strategic leader with nearly 25 years of experience, Jessica is skilled in building compliance programs, translating complex regulations into actionable strategies, and mitigating compliance risks through proactive program development and data-driven decision making. 

Jessica is also an experienced speaker and educator, having delivered presentations and webinars for the Health Care Compliance Association (HCCA) and numerous healthcare partners on topics ranging from privacy and data security to compliance risk management. She is the creator and host of the Compliance Deconstructed podcast, where she explores practical approaches to healthcare compliance, and the author of the popular blog series Olivia’s Compliance Diaries, which brings real-world compliance lessons to life through storytelling. 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

Critical care coding isn’t just about time at the bedside. In this new episode of Compliance Conversations, CJ Wolf and Maya Turner discuss how recent CPT® guidance expands what’s billable, from telehealth consults to pre-arrival care coordination. 

Key Takeaways: 

• When critical care starts (and where it doesn’t) 
• CPT® vs. CMS Guidance— and what happens when they differ 
• How to handle transport, telehealth, and overlapping E/M services 
• Ways to help providers feel recognized — even when the answer is “no” 

Here is a link to the OIG audits referenced in the episode. 

You can read Maya’s book, Billable: The Revenue Cycle Professional's Guide to Branding, for more insights. 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

As federal deadlines, a shutdown, and stalled legislation churn the rules, telehealth coverage looks different across Medicare, Medicaid, and commercial payers. In this episode, CJ Wolf, MD and Keisha Wilson (Founder/CEO of KW Advanced Consulting) breaks down what’s actually covered right now—and how to stay compliant without disrupting care. 

You’ll learn: 

• Where Medicare telehealth reverted and where behavioral health remains an exception 
• How to use ABNs correctly (and why timing is everything) 
• Why payer & state policies diverge—and how to operationalize a payer matrix 
• The must-have front desk workflow: eligibility, POS, modifiers, codes 
• HIPAA platform requirements and documentation tips 

Who should listen: Compliance leaders, revenue cycle teams, practice managers, telehealth program leads, behavioral health providers. 

Recorded: October 30, 2025 (details current as of this date) 

You can also tune into our previous Compliance Conversations episode with Keisha, The ABCs of ABNs. 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

Headlines change. Your mandate doesn’t.  

In this Compliance Conversations episode, CJ Wolf, MD, and Brian Burton, Healthicity Chief Compliance & Privacy Officer, cut through the noise to show how to keep programs objective, patient-first, and audit-ready—even amid shutdowns, delayed rules, and shifting priorities. 

What you’ll learn 

• Enforcement reality check: Why fraud, waste, and abuse actions keep moving—and how to prepare. 
• Backlogs & timing: Practical impacts of shutdowns on OCR complaints, self-disclosures, and CIAs. 
• Medicare Advantage focus: Signals that MA audits are scaling and what that means for you. 
• Telehealth decisions: “Hold or bill?” Cash-flow, denial risk, and documenting your rationale. 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

CJ Wolf sits down with Jacklyn DeMar (President and Chief Executive Officer of The Anti-Fraud Coalition) and Elin Kunz (testifying expert and former whistleblower) to explore the False Claims Act (FCA), the realities of retaliation, and how compliance programs move from “paper tiger” to practice. 

What You’ll Learn 

• FCA in plain English: How cases start, why most settle, and the government’s role 
• Real-world whistleblowing: Documenting concerns, building evidence, and choosing counsel 
• Anti-retaliation basics: What protections exist and how to think about timing 
• Stronger programs: Closing gaps between contracting, coding, and monitoring 

Guests 

• Jacklyn DeMar, President & CEO, Anti-Fraud Coalition 
• Elin Kunz, coding/billing expert witness; former whistleblower 

Resources from The Anti-Fraud Coalition 

• https://www.taf.org/  
• https://www.taf.org/podcast/  
• https://www.taf.org/latest-news/  

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

Artificial intelligence is no longer a future concept; it’s here, embedded in healthcare systems, vendor platforms, and even your day-to-day operations. But with innovation comes risk. 

In this episode of Compliance Conversations, host CJ Wolf, MD, talks with Santosh Kaveti, Founder and CEO of ProArch, about: 

• Emerging AI Risks: From shadow AI to model drift 
• Governance & Education: Why AI literacy across your workforce matters 
• Explainability: The critical requirement compliance leaders should insist on 
• Future-Proofing: How to prepare your compliance program for the next wave of AI innovation 

Get actionable insights to help you stay ahead of regulation, strengthen data security, and keep patient safety at the center of your strategy. 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

Artificial intelligence is transforming healthcare, from ambient documentation to virtual assistants. But as opportunities grow, so do risks. How can compliance and security leaders enable innovation while ensuring patient safety and regulatory alignment? 

In this episode of Compliance Conversations, CJ Wolf talks with Walter Haydock, former national security advisor and founder of StackAware. Together they unpack: 

• ISO 42001: The emerging “SOC 2 for AI” standard 
• The balance between AI innovation and patient safety 
• Shadow AI and the risks of unmonitored deployments 
• Key U.S. and EU regulations shaping AI in healthcare 

Resources: 

You can find additional resources from Walter Haydock below: 

• Free in-person risk assessment for healthcare CxOs 
• Free email course on ISO 42001 
• Blog Article: How to deploy high-risk artificial intelligence systems and still comply with Colorado SB-205 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

In this episode of Compliance Conversations, CJ Wolf sits down with Melinda Hawk, recognized as Healthicity’s Revenue Cycle Manager of the Year, to talk about her career journey, leadership lessons, and the power of collaboration between compliance and revenue cycle teams. 

What You’ll Learn: 

• Insights from 35 years in home health and hospice 
• The importance of compliance-revenue cycle communication 
• Strategies to mentor and prepare the next generation 
• Practical ways to stay current with regulatory updates 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

In this episode of Compliance Conversations, CJ Wolf speaks with Eddie Qureshi, CEO of Rainfall Health, to break down the new CMS TEAM Model—and what it means for your hospital’s future. 

What You’ll Learn: 

• Which hospitals are impacted (and how to check the list) 
• Why CMS is shifting post-acute accountability to hospitals 
• What compliant documentation, coordination, and reporting looks like 
• How AI and integrated tools can make all the difference 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.

In this episode of Compliance Conversations, CJ Wolf, MD, is joined by Rui Ribeiro, Co-Founder and CEO of Jscrambler, to dive into the client-side security threats healthcare organizations often overlook.  

From patient portals to embedded video players, Rui explains how browser-based vulnerabilities are creating new risks that healthcare teams need to be aware of. 

You’ll learn: 

• Why client-side protection could be the next step in HIPAA evolution 
• How healthcare can follow the lead of PCI DSS standards 
• The critical role of Zero-Trust Architecture and JavaScript integrity 
• Simple ways to start reducing hidden compliance risks today 

Thank you for listening! Please share, like, and subscribe.

If you'd like to see more compliance and auditing content feel free to follow us on social media.

• LinkedIn
• Youtube
• Facebook
• Instagram

Check out our resource center and weekly compliance newsletter for additional compliance and auditing content from our experts.