Compliance and integrity

Rigorous compliance. Ethical behavior.

As an independent, public charity with a critical, life-saving mission, the Patient Access Network Foundation™ is committed to meeting the highest standards of compliance, integrity, and operational excellence.

Independent charitable patient assistance foundations—like PAN—have long been recognized by the U.S. government for their role in providing a critical safety net for patients on Medicare and commercial insurance who are living with life-threatening, chronic, and rare diseases.

To provide financial assistance to patients in a compliant and ethical way, charitable foundations must adhere to local, state, and federal laws, regulations, and government guidance—including but not limited to the U.S. Department of Health and Human Services Office of Inspector General (OIG) Advisory Opinions and the federal Anti-Kickback Statute.

Rigorous compliance and ethical behavior are foundational to who we are and how we operate as an organization.

Kevin L. Hagan, President and CEO, PAN Foundation

Our commitment to compliance is reinforced and upheld by our Board of Directors, who provide critical oversight of PAN’s compliance initiatives and operations.

PAN also continues to invest in best-in-class operational safeguards and processes—allowing us to quickly deliver financial assistance to thousands of seriously ill patients across all 50 states and U.S. territories so they can stay on their lifesaving and life-extending medications.

PAN’s Code of Conduct and Ethics

As part of our organizational commitment to operating in a compliant and ethical manner, PAN follows a Code of Conduct and Ethics and maintains a rigorous Compliance Program. This ensures we are adhering to all applicable federal and state laws, regulations, and government guidelines and serving as a model of ethical behavior among charitable foundations.

Our Code of Conduct and Ethics helps us put our organizational values into practice and ensures that we uphold our compliance commitment in today’s complex healthcare environment. The Code of Conduct and Ethics is also designed to provide general guidance, supplement PAN’s policies and procedures, and serve as the groundwork of our Compliance Program. 

PAN’s Compliance Program

PAN operates under an OIG issued Advisory Opinion (as modified) and our Compliance Program incorporates the seven key elements outlined in OIG’s Compliance Program Guidance as necessary for an effective program.

Compliance oversight from the Board of Directors

PAN’s Board of Directors is deeply committed to ensuring that we meet and exceed compliance with all legal and regulatory requirements. The Board of Directors’ Audit Risk Oversight and Compliance Committee (AROCC) is responsible for overseeing the Compliance Program, an annual risk assessment process, internal audits, and internal controls to mitigate risk. The AROCC Committee meets four times per year outside of regular Board meetings to review and assess the Compliance Program.

Compliance leadership

PAN’s Compliance Program is overseen and implemented by PAN’s Compliance Office, led by PAN’s Chief Compliance and Privacy Officer, Mia Harmon, and two full-time compliance staff. Through an Executive Compliance Committee that meets regularly, PAN’s leadership team ensures compliance remains a top priority at every level of the organization by discussing potential risks and mitigation strategies. In addition, all staff must complete extensive compliance training when they first join PAN and then regularly throughout the year.

I am committed to ensuring PAN continues to be the gold standard when it comes to compliance and privacy.

Mia Harmon, Chief Compliance and Privacy Officer, PAN Foundation

PAN’s operational safeguards

In addition to our Compliance Program, PAN also implements key internal safeguards to ensure we are operating in accordance with any and all guidelines and advisory opinions issued by the OIG and meeting the highest standards of excellence in our operations. Specifically, PAN has robust operational safeguards in place related to the following key domains, of which are just a few examples:

  • Working with a subcommittee of its Board of Directors comprised of clinicians, PAN maintains an independent and standardized process of identifying, establishing, and modifying its disease funds based on patient need.

    PAN works with medical and pharmacy experts with oversight from the Board of Directors to define its disease funds in accordance with ICD-10 codes and review ICD-10 codes and medication formularies for all disease funds on a regular basis.

  • PAN sets eligibility requirements based on objective and uniform measures of patient need that are reviewed and approved by a subcommittee of its Board of Directors.

    PAN prohibits donors from providing lists of patients who need assistance or batch processing of enrollments and requires that each patient go through the standardized application process. In addition, when a wait listed disease fund is re-opened for enrollments, individuals on the wait list are given the opportunity to apply before the general public, in the order they were placed on the wait list.

  • PAN develops quarterly demand models for each covered disease state to analyze and project patient need and request the same amounts from each donor for a disease fund based on those demand models.

    PAN proactively shares information about total demand for disease funds, including the methodology used for determining patient need, in accordance with all laws, regulations, and policies.

    PAN only accepts donations to an entire disease fund and prohibits any special demarcation of a donation.

  • PAN creates standardized formularies for each disease fund that contains all prescription medications, including generic or bioequivalent drugs that are FDA-approved, listed in official compendia, or published in evidence-based or clinical guidelines for a diagnosis that qualifies a patient for the assistance program.

    PAN maintains comprehensive standard operating procedures and policies that detail the process of creating, reviewing, and approving formularies and monitoring and updating formularies on a regular basis for all disease funds.

    If the FDA has approved only a single drug, or only drugs marketed by a single manufacturer or its affiliates, for a given disease fund, PAN will provide support for other medical needs of patients with the disease, in addition to copayment support for the FDA-approved treatment of the disease. In these cases, PAN’s formulary will cover all drugs used to treat the symptoms of the disease, including treatment of side effects.

  • PAN provides donors with communications guidelines that outline information that can and cannot be shared and conducts internal trainings to safeguard patient and donor identities and information.

    PAN operates a comprehensive annual audit program working with a third-party auditor to conduct annual risk assessments, donor audits, financial audits, and program audits.

  • PAN meets all IRS requirements needed to be a public charity and maintains rigorous policies and standard operating procedures to ensure strong internal controls over the organization’s financial stewardship.

  • PAN implements training, user management policies, and standard operating procedures to ensure all personal health information data is kept secure, including setting appropriate encryption as needed.

    PAN maintains business continuity and contingency plans in the event of unexpected outages and conducts annual vulnerability scans to identify areas for improvement within its information technology systems.

Through these, and other, operational safeguards and programs, PAN aims to connect thousands of underinsured people each year with the support they need and deserve.

Value to our patients and donors

PAN’s robust Compliance Program and operational safeguards provide both patients and donors peace-of-mind that we are operating in full compliance of our legal, ethical, and fiduciary obligations. All PAN employees, contractors, and other key stakeholders are encouraged to report any compliance related concerns or issues immediately through our confidential Compliance Hotline. PAN also operates under a non-retaliation policy and takes any reports of fraud, waste, or abuse seriously.

How to anonymously report a concern

The compliance hotline is a confidential and anonymous way to report concerns. There are five ways you can report concerns through the compliance hotline.  

  • Phone: Call 877-210-0006 to speak with an independent operator.
  • Third-party website: Use the Lighthouse Services website to submit a concern.  
  • Email: Email a concern to Please include the PAN Foundation as the company name with your report. 
  • Fax: Fax your report to 215-689-3885 (please include the PAN Foundation as the company name with your report). 
  • Smartphone app: Download the Anonymous Reporting app, available in the Apple Store and Google Play Store, to report a concern. On the app, use the keyword panfoundation to save and submit your report. If you need help navigating the app, reference these instructions to submit or follow up on a report. 

No retaliation

It is imperative that all PAN stakeholders feel comfortable and confident to share concerns without fear of retaliation. We do not tolerate retaliation of any kind and adhere to a non-retaliation policy to protect people who report concerns or compliance issues to management, the Chief Compliance and Privacy Officer, or the compliance hotline.

Other compliance-related resources