Year: 2026

Former HHS Counsel Discuss Enforcement Trends at PCC

NXLevel Compliance Team , , , , , , ,

Welcome! I’m poring through notes from last month’s Pharmaceutical Compliance Congress, and am going to share some recaps of the sessions in this blog. So make sure to follow!

I’ll start with Pharmaceutical Enforcement Trends, a panel discussion where former HHS OIG counsel Kate Matos and Meredith Williams shared their views on what they described as a proactive, data-driven enforcement climate for pharmaceutical manufacturers.

The big takeaway is pretty simple: enforcement is getting smarter, faster, and more connected. DOJ, HHS, CMS, and OIG are increasingly using data to spot patterns earlier, and they expect companies to be doing the same. That means compliance programs can’t just rely on policies sitting on a shelf—they need real monitoring, sharper analytics, and quicker escalation when something looks off.

Speaker programs remain a live issue, especially where the same physicians show up again and again or events start to look more like marketing than education. The same goes for free diagnostic testing and patient support services: the question regulators keep asking is whether the program genuinely helps get the right treatment to the right patient, or whether it’s really a disguised sales tool.

Another important theme is that federal guidance may not be enough anymore. State enforcers, especially in places like Texas, are taking more aggressive positions that don’t always line up neatly with OIG’s approach, so national companies need to think beyond federal standards.

Digital health and cybersecurity are also moving up the risk list, with recent settlements showing that regulators care not just about data privacy, but also about software integrity and algorithm oversight. On the pricing side, the Inflation Reduction Act adds another layer of pressure with complex reporting, certifications, and little room for error. And finally, self-disclosure keeps looking more attractive—both financially and strategically—than waiting for a whistleblower or government inquiry.

Bottom line: this is a more proactive enforcement environment, and the companies that do best will be the ones that treat compliance as an operational capability, not just a legal requirement.

It was a fun conference and we learned lots! I’ll share more as I continue to dig out. If you have anything to add, I’d love to hear it in the comments below or feel free to drop me an email: pnash@nxlevelsolutions.com.

Thanks for reading!

Paul Nash

Compliance Training and the Science of Learning

NXLevel Compliance Team , , , , , ,

Most compliance leaders didn’t set out to become instructional designers—but the reality is effective training is essential for reducing risk. Policies must be understood, behaviors must align, and lessons must hold up under pressure. Yet many well‑intended training efforts fail not because the content is wrong, but because they overload the learner’s brain.

This is where Mayer’s Principles of Multimedia Learning offer a practical, science‑based lens. Developed by Richard Mayer, a world-renowned educational psychologist, these principles recognize that the brain processes information through two separate channels (auditory and visual) and that each channel has limited capacity when processing new information.

You don’t need to be a learning expert to apply Mayer’s Principles. Think of them as a quality check to ensure your training is effective and actually sticks—especially when it comes to high-risk activities. The principles apply no matter how you’re delivering training, be it via eLearning, presentations, videos, workshops or any other way you might choose to get through to your learners.

While not an exhaustive listing of Mayer’s Principles, below are three key takeaways for compliance training. And if you’d like a handy checklist that you can use when designing, reviewing, or refining your training, send us an email at compliance@nxlevelsolutions.com.

1: Reduce extraneous cognitive load

If something doesn’t directly support the learning goal, it’s likely getting in the way. Decorative visuals, dense slides, duplicative narration, or information that’s “nice to know” but not essential all force the brain to work harder than necessary. Effective compliance training makes the key messages obvious, integrates words and visuals, and avoids narrating text that learners can already read. Less noise means more clarity—and fewer mistakes.

2: Manage essential processing

Even critical content can overwhelm working memory if it’s delivered too fast or all at once. Chunking material, introducing terms before expecting learners to apply them, and letting learners control the pace of their learning all help people process what truly matters. The goal isn’t to simplify the rules—it’s to make them understandable.

3: Foster generative processing

Learning sticks when people do the thinking themselves. Conversational language, realistic scenarios, and activities that ask learners to decide, explain, or apply concepts help them connect rules to real‑world judgments. When compliance training reflects how people actually work, it’s far more likely to make a difference in the field.

Bottom line: Small, intentional instructional design choices—applied consistently—can dramatically improve how compliance training translates into compliant behavior.

Happy Training!

NXLevel Compliance

Social Media Compliance Training: What’s Not to Like?

NXLevel Compliance Team , , , ,

Social media compliance training can be tricky. On the one hand, you want your employees to follow your company’s official social media channels and share their enthusiasm for your company online.

On the other hand, you don’t want employees accidentally sharing confidential company information, unintentionally engaging in inappropriate product promotion, or otherwise presenting themselves as official company spokespersons when posting on their personal social media accounts.

If your training comes across too heavy-handed, your employees might be too scared to ever like a company post. But if your training is too vague, you could leave them confused, or worse, they could feel like they can post or comment on just about anything.

So how do you hit the sweet spot? Here are a few tips.

1) Know your audience. If your social media training is being assigned to all your employees, don’t weigh it down with rules that only apply to the people who can post to your company’s official social media channels. Handle their training needs separately. Your employee-wide training should focus more on the do’s and don’ts of personal social media use.

2) Include lots of examples. Be sure to include enough examples to illustrate your social media rules. Are there some company posts that employees can comment on and others they should not? Show at least one realistic example of each.

3) Explain the “why.” Remind employees why your company has a social media policy in the first place. It’s not just because regulations apply to the information your company shares. Patients, healthcare professionals, investors, job candidates, and other stakeholders rely on accurate and clear information about your products and your company.

4) Tell them who to ask. No matter how great your training is, people will have questions. Make it clear who employees can reach out to with questions.

5) Take a continuous learning approach. Just like any training, your social media training won’t stick without some sort of reinforcement. Consider sending out short follow-up videos or occasional email blasts that reinforce key guidance.

I’m sure you’ve noticed that all these rules apply to any training subject. But social media training can be a slippery slope, partly because it addresses non-work activities and partly because government and industry guidance is not as robust as it is for other areas.

To help your employees understand how they can appropriately engage with company-related social media content, NXLevel Compliance has just released a new training module, Social Media Matters. If you are interested in more information about this module, contact us at info@nxlevelsolutions.com.

In the meantime, we hope you find these tips helpful as you continue your journey as a compliance training hero!

It Starts With the Code

NXLevel Compliance Team

Anyone who’s paid attention to DOJ or OIG guidance the last few years knows that both agencies are looking for more than just policies and procedures when evaluating the effectiveness of a company’s compliance program. Both want to see evidence of a culture of ethics and compliance — one that encourages and rewards employees for doing the right thing.

Image of Code of Conduct module title screen

A foundational part of that culture is a company’s code of conduct. It is a declaration of a company’s values and expectations for all of its employees.

How well a company trains its employees on its code directly impacts how far those employees will go in embracing and acting on its values.

A company’s code of conduct training should be the jewel in the crown of its compliance training program, not just because of the size of its audience, but because of the importance of its objectives.

So, how do you create effective code training?

Make it engaging.

First and foremost, do not let your code training devolve into an exercise where you are reading the code to your employees. Require your employees to read the code on their own and use the code training to bring your code to life.

Keep the tone conversational and positive. Remember that people want to do the right thing and work for a company they can be proud of. Speak to the positive outcomes everyone wants to achieve – specifically how doing the right thing ultimately benefits patients.

Example of a scenario question in a code training module

Consider using leading questions, where an employee needs to first consider their own opinion about a topic before covering how that topic is addressed in your code. This helps prime their attention for the information that follows.

Make it contextual.

Help employees understand how the code is applicable to their jobs. Include exercises that ask them to apply its principles to real life situations. However, while these situations should be realistic, they should also be broad enough so that they are accessible to everyone. This is easier to achieve when you remember to emphasize the principles over the details.

Try to anticipate questions employees may have and address them head on. Provide concrete examples whenever possible, again avoiding details that only a narrow audience would appreciate.

Make it continuous.

Do not ask your employees to take the exact same code training year after year. For example, you can create a foundational training that covers your entire code and have all employees complete that training the first year. This training could be between 20-30 minutes in length.

Title screen from a Code of Conduct refresher training module

Then, in subsequent years, you can have employees take shorter (5-10 min) refresher training modules that remind them of key principles. Or you can modify your foundational training each year to focus on different aspects of the code or include different situations and examples.

The important thing is to keep it fresh. Asking your employees to repeat the same code training every year sends the wrong message – that it is not a priority for them or your company.

You can also help keep the spirit of your code alive throughout the year by deploying short videos, micro modules, and intranet banners that reinforce key points, like speaking up, avoiding conflicts of interest, or protecting confidential information.

Consider how the code is published.

Finally, you may even want to consider how the code itself is published. Instead of an expensive, glossy booklet that gets thrown in a drawer or a bland, static PDF that requires a lot of scrolling, your code can be published as an interactive, visually appealing, engaging online experience (a microsite) that can even include exercises that turn the code itself into a learning tool.

There are many strategies you can adopt to help bring your code to life and nurture the culture of ethics and compliance that the DOJ and OIG are consistently pointing to. Whichever strategy you think may work for your company, NXLevel is here to help. To learn more, contact us at compliance@nxlevelsolutions.com.

Thanks for reading.