Orthofix is committed to creating an environment of integrity where open, honest communication is encouraged and celebrated. Our company promotes a culture in which employees are comfortable approaching their supervisor or manager if they believe there has been a violation of policy or standards.
Our Commitment to Compliance
As a part of the Company’s commitment to compliance, we have instituted a confidential, anonymous reporting system. This resource is hosted by a third-party hotline provider, EthicsPoint, for the submission of reports relating to violations stated in the Company’s Code of Conduct. The hotline is also a source for guidance related to policies, procedures, violations of law and providing positive suggestions and stories.
Orthofix is a proud supporter of the following global industry groups that promote ethical business interactions and adheres to each organization’s code of conduct.
Our Code of Conduct
Orthofix is committed to the responsibility and integrity of all employees, stakeholders, and board members. The company works hard to ensure that its teams and distributor partners adhere to applicable laws regarding the use of Orthofix products. Orthofix sales, marketing, education and promotional activities comply with governing laws in each country in which the company conducts business. The Orthofix Code of Conduct contains guidelines for conducting business with the highest standards of ethics and is available in multiple languages by using the following links:
Orthofix recognizes its obligation to facilitate ethical interactions with health care professionals (HCPs), which helps ensure that medical decisions are based on the best interests of the patient. Collaboration between the medical device industry and HCPs improves patient care and advances technology treatment options. As a global Company, Orthofix is subject to several transparency laws that regulate our interactions with HCPs and require us to report transfers of value to HCPs to ensure that the interactions are beneficial and appropriate.
Orthofix supports global transparency reporting for our industry. The purpose of transparency reporting is to help the general public better understand the nature and extent of industry and provider interactions. Orthofix complies with laws and industry code requirements by publicly reporting payments, benefits and transfers of value made to HCPs, health care organizations (HCOs) and health care professionals’ associations.
In the United States, there are federal and state transparency laws that require Orthofix to report transfers of value to HCPs. The federal transparency law (Sunshine Act) requires Orthofix to submit this data through the CMS Open Payments website. In countries outside the United States, Orthofix participates through the relevant transparency reporting platforms as required by local law or industry code. Additionally, certain laws require Orthofix to post certifications, as well as, maintain annual transparency data on the company’s website.
California State Certification
California Health & Safety Code § 119402 requires pharmaceutical and medical device manufacturers to make publicly available their “Comprehensive Compliance Program” which outlines adherence to applicable federal and state laws and industry standards regulating the marketing and promotion of their products. Use this link to review Orthofix’s annual written declaration of compliance.
Transparency Reporting for Italy
The Confindustria Dispositivi Medici Code of Ethics, requires all member-companies to disclose transfers of value to HCPs and HCOs. Under this industry Code, Orthofix Italy is required to disclose the names of HCPs and HCOs that have received payments or other transfers of value from Orthofix, and the total amounts of value transferred by the activity type. This can consist of, for instance, an educational grant to an HCO, a consultancy fee to an HCP for speaking or payment for travel. Disclosure reports will be published by June 30th of every year for transfers of value made during the previous calendar year. Use this link to view the most recent transparency report* for Orthofix Italy.
*Data is displayed on an aggregate basis unless we have consent from the HCPs to disclose their data on an individual basis.
Sunshine Act FAQs
The Physician Payments Sunshine Act, commonly called the Sunshine Act, is intended to make the relationships between the healthcare industry and healthcare professionals more transparent. The Sunshine Act requires applicable manufacturers of drugs, devices, biologicals, and medical supplies to report certain payments or transfers of value provided to physicians or teaching hospitals and other research entities to the Centers for Medicare & Medicaid Services (CMS) on an annual basis.
“Payments” are fees for services rendered such as for royalties, speaker programs or consulting engagements, and for associated approved out-of-pocket reimbursements (e.g., mileage and parking). Payments can also be in the form of an educational grant for a third party meeting, fellowship grant, product donations or a clinical research study. “Transfers of value” are in-kind items such as meals, airfare, and/or educational materials (journal reprints, textbooks, etc) that Orthofix pays for or provides in connection with medically relevant interactions with healthcare professionals and healthcare organizations.
Orthofix interacts with physicians and teaching hospitals in many important ways. We consult doctors to get their insights and advice on developing treatments that meet the needs of patients. We facilitate programs where physicians who are experts in their fields meet with their peers to help educate them about the appropriate use of FDA-approved treatments; this helps them make informed prescribing decisions with their patients. We also engage physicians as clinical trial investigators and work with hospitals to conduct clinical research studies, which are fundamental to the development of innovative treatments for patients.
A physician (excluding medical residents) with an active license in the US who possesses any of the following degrees: Medical Doctor (M.D.), Doctor of Osteopathy (D.O.), Doctor of Dental Surgery (D.D.S.), Doctor of Dental Medicine (D.M.D.), Doctor of Optometry (O.D.), Doctor of Podiatry (D.P.M.) or Doctor of Chiropractic Medicine (D.C.). The Covered Recipient list was expanded in January 2021 to include five new provider types: physician assistants, nurse practitioners, clinical nurse specialists, certified registered nurse anesthetists & anesthesiologist assistants, and certified nurse-midwives. Health care providers who practice either in collaboration with or under the supervision of a physician, including physician assistants, nurse practitioners, and clinical nurse specialists, are referred to as non-physician practitioners (NPPs).I.
Every year, CMS publishes a list of teaching hospitals identified as reportable “Covered Recipients.” The teaching hospital list contains all hospitals that CMS has recorded as receiving a payment(s) under a Medicare direct GME, IPPS IME, or psychiatric hospital IME programs during the latest full fiscal year for which such information is available to CMS.
Examples of payment or transfers of value include:
Meals provided to physicians during medically relevant discussions and presentations;
Meals and/or travel accommodations provided for a product training and education event;
Travel and lodging associated with a product training and education event;
Consulting fees and related expenses paid to physicians;
Educational Grants and other payments to teaching hospitals;
Educational materials, such as journal reprints and textbooks; and
Royalties and licenses fees.
If you have any questions about the Sunshine Act, Open Payments or published data, please email firstname.lastname@example.org or call +1.800.527.0404 and request to speak with a member of our Compliance team.
HIPAA stands for the Health Insurance Portability and Accountability Act. This law was passed in 1996 in order to protect individual’s Protected Health Information (PHI) from impermissible uses and disclosures by Covered Entities and their Business Associates.
PHI (Protected Health Information) means any information, whether oral or recorded, in any form or medium that is created by a health plan, a health care provider, or a health care clearinghouse that relates to the past, present or future physical or mental health of an individual, including the provision of and payment for health care, that either identifies the individual or provides a reasonable basis for such identification.
Yes. HIPAA applies to all Covered Entities and their Business Associates. Covered Entities include healthcare providers, healthcare plans and billing clearinghouses. Since Orthofix is defined as a healthcare provider, it is considered a Covered Entity under HIPAA and must comply with all HIPAA requirements.
A Business Associate is a person or entity that performs certain functions or activities on behalf of a Covered Entity. Business Associate services include, but are not limited to: legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, and financial.
The HIPAA Privacy Rule explicitly excludes from the Business Associate requirements disclosures by a Covered Entity to a healthcare provider for treatment purposes. Therefore, Orthofix may share PHI with other healthcare providers for treatment purposes without a Business Associate Agreement (BAA). Other healthcare providers such as hospitals and physician offices frequently request Orthofix to sign their BAAs. In most instances, Orthofix does not sign these BAAs due to the reasons explained above. Please forward all such requests to the Privacy Officer so that the requestor can be contacted to explain Orthofix’s position.
Covered Entities are not permitted to simply abandon PHI or dispose of it in containers that are accessible by the public or other unauthorized persons. Examples of proper disposal methods may include, but are not limited to:
For PHI in paper records, shredding, burning, pulping, or pulverizing the records so that PHI is rendered essentially unreadable, indecipherable, and otherwise cannot be reconstructed.
For PHI on electronic media, clearing (using software or hardware products to overwrite media with non-sensitive data), purging (degaussing or exposing the media to a strong magnetic field in order to disrupt the recorded magnetic domains), or destroying the media (disintegration, pulverization, melting, incinerating, or shredding).
Impermissible Uses and Disclosures – e.g., using patient data to commit fraud
Lack of Safeguards – e.g., allowing visitors entry into workplace without sign-in
Failure to Provide Access – e.g., denying patients the ability to access their records
More than Minimum Necessary – e.g., ability to access PHI without work-related reason
Lack of Administrative Safeguards of PHI – e.g., coworkers sharing login information
If you have any questions about HIPAA, please email Privacy@orthofix.com or call +1.800.527.0404 and request to speak with a member of our Compliance team.