Check out our most recent article featured in FDLI >

compliance lawyer explains document | Kendall PC
By: Kendall PC
July 29, 2022

What Is Compliance?

The term “compliance” describes the process of ensuring your organization adheres to applicable laws, regulations, and standards. Compliance programs can protect a company’s reputation and help prevent and protect against government inquiries and investigations, lawsuits, and regulatory fines. In addition to protection, a compliance program can assist an organization in defining its expectations, ensuring that employees have the tools to understand and operate compliantly while also furthering the achievement of the organization’s goals and initiatives.  

The drivers and demands of compliance can vary between different industries. In highly regulated industries, such as pharmaceuticals, tobacco, medical device, insurance, and banking; compliance becomes a very large part of day-to-day operations and is necessary to have both an effective and permissible business.  On the other hand, for businesses in fairly unregulated industries, compliance programs may be minimal.

The corporate compliance attorneys at Kendall PC have decades of experience helping clients throughout the business lifecycle meet the evolving and oftentimes conflicting expectations of regulatory and enforcement agencies. We work with companies of all sizes to determine the appropriate compliance standards and actions to take in light of the business’s risks, objectives, and practices.

What Is Compliance In Highly Regulated Industries?

Compliance requirements vary from industry to industry. Below are examples of compliance concerns in a number of highly regulated industries.

Pharmaceutical, Biotechnology, and Medical Device Compliance

Both nationally and globally, the pharmaceutical, biotechnology, and medical device industries have and continue to undergo a period of heightened regulatory and government scrutiny. Areas that have been of particular concern to governments at all levels over the past 10 years include clinical operations, manufacturing, patient privacy, government drug price reporting, sales and marketing practices, and drug safety reporting.

Within the U.S., drugs, medical devices, and biologics products are regulated at the federal level primarily through the U.S. Department of Health and Human Services (HHS). The two departments within HHS that are generally most involved in the regulatory oversight of such industries and products are the U.S. Food and Drug Administration (FDA) and the Centers for Medicare & Medicaid Services (CMS). Each of these agencies enforces laws and regulations and develops guidances that touch upon nearly every facet of these industries, including but not limited to, those concerning the Federal Food Drug and Cosmetic Act (FDCA) and the federal health care programs such as Medicare and Medicaid. 

While membership within these two professional organizations is voluntary, the PhRMA Code and Advamed Code establish additional compliance requirements for companies within the pharmaceutical and medical technologies sectors. Both Codes are designed to promote ethical relationships between health care professionals (HCPs) and the pharmaceutical and medical device industries, respectively. Although compliance with these codes is not law on its face, compliance with the PhRMA Code is legally required in certain states. For example, California, Nevada, Massachusetts, Connecticut, and the District of Columbia have adopted or incorporated the PhRMA Code into their statutes or regulations.

Digital Health Compliance

In recent years, the use of digital health has significantly increased to deliver healthcare. The demand by patients to take more control of their health and well-being is being met by the launches of new healthcare-related innovative tools and technologies. Like many industries that experience rapid growth and innovation, the digital health sector faces a complex and shifting set of laws and regulations. 

Some of the key considerations that the digital health industry must consider involve:

  • Telehealth-related laws and regulations: In response to the Covid-19 pandemic, federal and state authorities created a patchwork of temporary waivers, executive orders, and regulations to swiftly expand access to telehealth services. These changes will impact the way providers and patients utilize telehealth services moving forward and affect scopes and modes of practice, as well as reimbursement matters.  Insurance companies have been reluctant to pay for telehealth services prior to the pandemic but there appears to be a shift happening with telehealth becoming more accepted by insurers, particularly because of its necessity during the pandemic.
  • FDA regulations: Companies in wellness or therapeutic and diagnostic spaces must vigilantly monitor the FDA’s evolving regulations on the digital health industry.
  • Privacy and cybersecurity: Cyber threats are constantly evolving and becoming more sophisticated, finding new ways to attack even the most prepared companies. It is business-crucial for digital health companies to focus on analyzing and reducing cyber risks. 
  • Fraud and abuse: The U.S. Department of Health & Human Services (HHS) Office of Inspector General (OIG) audits digital health companies to ensure compliance with Medicare and Medicaid coding and documentation requirements.
  • Antitrust issues: Digital health companies find themselves at the center of two highly regulated (and investigated) industries: technology and healthcare. Companies in this industry must carefully analyze potential antitrust issues.

The digital health landscape will continue to evolve, both in the digital tools and products it offers as well as the regulatory scrutiny that it receives. Laws and policies will continue to attempt to keep pace with this innovative industry to ensure treatment efficacy and patient safety.

Cannabis Compliance

Compliance is a key concern for companies in the recreational and medical cannabis industries, including businesses that sell, produce, or grow CBD or hemp products. Commercial cannabis’ regulatory compliance landscape requires constant analysis and refinement of business practices to ensure adherence with industry developments. Because the cannabis industry is subject to a myriad of nuanced laws, cannabis businesses must proactively mitigate risks in order to survive. They should have effective compliance programs, including quality control initiatives and monitoring directives to ensure their operations are aligned with applicable laws and regulations.

Key concerns in the cannabis industry:

  • State cannabis commissions and control boards 
  • State health agencies
  • Banking
  • Licensing
  • Inspections
  • Intellectual property and management of trade secrets
  • Corruption, fraud, and racketeering issues
  • Patient and customer privacy and data protection concerns
  • Public safety, security, and enforcement considerations
  • Advertising, labeling, and packaging laws and regulations

Although marijuana is legal in many states in some capacity, it is still classified as a Schedule I drug and illegal under the Federal Controlled Substances Act (CSA). This is an uncertain time in the cannabis space. It is important for business owners to consult with knowledgeable cannabis compliance attorneys to achieve and maintain compliance in today’s industry.

Food, Beverage, and Dietary Supplement

The food, beverage, and dietary supplement industries are overseen by several state and federal agencies including the Federal Trade Commission, the  U.S. Department of Agriculture (USDA), and the FDA. These industries are subject to many regulatory issues, including FDA regulations and proposals and challenges to the Food Safety and Modernization Act.

Businesses operating in these industries must be aware of and comply with several laws, regulations, and industry best practices.  Notable areas include: 

  • Manufacturing processes and procedures 
  • Export and import matters
  • Recall, correction, removal, and supply chain processes and procedures
  • Warning Letters/Letters of Inquiry from a regulatory body or governmental agency
  • Facility registration(s) and inspection(s)
  • U.S. FDA compliance matters
  • Environmental compliance
  • Corporate compliance 
  • Retailer and distributor compliance 
  • Product labeling, packaging, and warning(s) 
  • Food biotechnology and nanotechnology assessments
  • New dietary ingredient analyses
  • Generally Recognized as Safe (GRAS) determinations
  • Food and color additive approvals
  • Pre-and post-market applications 
  • Regulatory category and related health benefit claim assessments for conventional food, dietary supplement, medical food, or food for special dietary use products 


Passed by Congress in 2009, the Family Smoking Prevention and Tobacco Control Act (TCA) gives the FDA comprehensive control over tobacco products sold in the U.S.  FDA closely monitors manufacturer, retailer, importer, and distributor compliance with Federal tobacco laws and regulations and takes corrective action when violations occur.  Indeed, FDA inspects tobacco product retailers to determine a retailer’s compliance with federal laws and regulations which includes the TCA as well as the FDCA.  Notably, in December 2019, President Biden signed into legislation an amendment to the FDCA that raises the federal minimum age for the sale of tobacco products from 18 to 21 years.  Since this amendment, it is now illegal for a retailer to sell any tobacco product, including cigarettes, e-cigarettes, and cigars – to anyone under the age of 21.

Today, whether you manufacture or distribute tobacco products, companies in the modern tobacco sector face a multitude of regulatory challenges. In this environment of elevated political and social pressures, tobacco companies must work diligently to ensure state and federal corporate, environmental, regulatory, and FDA compliance.

Experienced tobacco compliance attorneys offer strategic guidance on a range of tobacco-related matters, including: 

  • State and Federal laws and regulations
  • Manufacturing processes and procedures 
  • Export and import matters
  • Civil Money Penalty Complaints (CMP)
  • Recall, correction, removal, and supply chain processes and procedures
  • Responding to Warning Letters and/or Letters of Inquiry
  • Facility inspections/registration(s) 
  • U.S. FDA compliance matters
  • Undercover Buy Inspections
  • Environmental compliance
  • Corporate compliance matters
  • Tax laws
  • Retailer and distributor compliance 
  • Notice of Compliance Check Inspection (CCI)
  • No Tobacco Sales Order(s)
  • Product labeling, packaging, and warnings 


In today’s highly regulated environment, where ethics, governance, and risk management are top priorities, energy and utility companies are under increased scrutiny by regulators such as the Federal Energy Regulatory Commission, Nuclear Regulatory Commission, and Department of Energy. Energy non-compliance can result in steep fines.  Areas of interest include but are not limited to the submission of energy data to appropriate agencies including EPA, as applicable, and energy code compliance.

Energy companies must comply with ever-changing local, regional, state, federal, and global regulations, laws, and best practices. Energy companies are expected to proactively stay on top of standards of conduct and maintain numerous documents for auditing and reporting. Increased corporate risk management and compliance initiatives are expected to continue to become more complicated in the future.

Contact a Compliance Lawyer Today

Learn how a compliance lawyer can help your business. Contact Kendall PC today online or at (484) 414-4093 to learn more about our services. We proudly serve clients throughout the United States and across the globe.

  • shield

    We guarantee 100% privacy.
    Your information will not be shared.

  • This field is for validation purposes and should be left unchanged.