Featured image

How company principles and values make compliance simple

What you'll learn on this podcast episode

What is the most effective way to help employees make ethical and compliant decisions regardless of the different situations they face? Should they consult a lengthy list of rules and try to find one that fits the situation? Or can they be trusted to apply critical principles that embed company values? In this episode of the Principled Podcast, host Susan Divers talks with Dana McMahon, the vice president and chief compliance officer of Stryker, about how her team works to empower and help its employees live the medical device company’s mission and values. Their secret? Simplicity.  

Where to stream

Be sure to subscribe to the Principled Podcast wherever you get your podcasts.

Listen on Apple Pocasts Listen on Spotify Listen on Audible Listen on Google Podcasts_@2x Listen on TuneIn

Listen on Amazon Music Listen on iHeart Radio Listen on Podyssey Listen on Listen notes Listen on PlayerFM


Guest: Dana McMahon


Dana McMahon leads global compliance, privacy, and enterprise risk at Stryker. Prior to her current role, Dana served as Chief Legal Counsel and led a global legal and compliance team advising on regulatory and quality, manufacturing and supply, technology and cybersecurity, commercial and government contracting, and privacy.

Dana has 20 years of experience in the life sciences industry. She joined Stryker in 2017 from Novo Nordisk, where she served as Assistant General Counsel. During her 14-year career at Novo Nordisk, Dana held several positions of escalating responsibility within the legal team, overseeing support to the commercial, regulatory, clinical, medical affairs, compliance, and government affairs organizations. Dana has worked extensively on matters related to product development and commercialization, market access and compliance. Previously, Dana worked in private practice at O’Melveny in New York City.

Dana received her law degree from New York University School of Law and her bachelor’s degree from Hamilton College.


Host: Susan Divers


Susan Divers is the director of thought leadership and best practices with LRN Corporation. She brings 30+ years’ accomplishments and experience in the ethics and compliance arena to LRN clients and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance, and sharing substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative. 

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008. She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics.

Principled Podcast transcription

Intro:  Welcome to the Principled Podcast, brought to you by LRN. The Principled Podcast brings together the collective wisdom on ethics, business and compliance, transformative stories of leadership and inspiring workplace culture. Listen in to discover valuable strategies from our community of business leaders and workplace change-makers.

Susan Divers: What is the most effective way to help employees make ethical and compliant decisions in all the different situations that they might face? Should they consult a lengthy list of rules and try to find one that fits the situation? Or can they be trusted to apply critical principles that embed company values? Hello, and welcome to another episode of LRN's Principled podcast. I'm your host, Susan Frank Divers, director of thought and best practices, and today I'm delighted to be joined by Dana McMahon, the Vice President and Chief Compliance Officer of Stryker, a leading global medical device company with headquarters in Michigan. We're going to be talking about Stryker's approach to empowering and helping its employees live the company's mission and values. Dana has more than 15 years of leadership experience in the legal and regulatory area for life science companies. LRN has had the pleasure of working with Dana and her team, and we've been consistently impressed with their focus on helping employees do the right thing in real time using a principle-based approach and providing accessible, relevant tools and resources. Dana, welcome and thanks for coming on Principled Podcast. 

Dana McMahon: Thanks for having me. 

Susan Divers: It's my pleasure. So, Dana, in getting to know your program and your team, I've been really struck by your focus on respecting employees and extending trust to them to make the right choices consistent with Stryker's mission and values rather than using layers of rules as the basis for your ENC program. Can you tell us about this approach and what it looks like in practice for Stryker? 

Dana McMahon: Sure. What we've been focusing on is getting to the core principles. It's so difficult to have rules that cover every potential situation and working in healthcare, it's a really complex environment, and our employees are interacting with customers and interacting with suppliers day in, day out. And so really getting them to own and believe in those core set of principles that they can always fall back on, helps them move faster, go with their gut a little bit more, and really embrace the way that they work day in, day out, again, without having to think about every possible situation that could come up and teach rules according to all of those different situations. So I think what employees like about it is it a little bit more simple, but it also requires them to engage in decision making and take accountability for their decisions. And of course, their partners, the compliance team, their HR business partner, their legal partners, everyone is here to help and support them, their managers as well. But again, it's really about being driven by those principles and being accountable for decisions. 

Susan Divers: Yeah. I'm really struck by your insight in that area and the way you've carried it off in practice. I was reading a 2022 white paper from Transparency International UK called Values Added, that notes that values allow for, "The implementation of a more dynamic anti-corruption approach, which is agile in the face of changing business objectives." Your approach, as I understand it, emphasizes that risks and challenges are not static and that situations can change quickly. Can you give us some examples of how you've structured your compliance program to meet this challenge and how have the business partners reacted to it? 

Dana McMahon: Absolutely. Our program in the past was a little bit more static, and what we've done over the last couple of years is built up a more dynamic risk assessment process. So at every local business unit and local division, and at every country, the business is working together with compliance officers and other partners to annually assess the risks that they're facing right now. And that's based on internal data from monitoring, from investigations that may have happened, from business strategy, where's the business going, what decisions are they taking? Has their approach to the market changed? And then external factors, what's happening from an external enforcement environment in similar fields with similar products or in similar regions. And then looking at that and really saying, okay, based on where we're going as an organization, these are the risks we feel like we're going to be faced with today, over the next 12 months, maybe over the next 18 months. 

And then building practical plans to mitigate the prioritized risks. So not every risk, but really the prioritized risk, the ones that can really derail Stryker, create reputational damage or other harm. And so that process allows us to say, okay, this is what we're going after today, and these are the solutions we can employ to really help us get ahead and help us support the business to get where they're going. So these aren't theoretical risks. They're not risks that the business is likely not to face. So it's not a cookie cutter approach where you're saying, okay, what's happening in a business on the West Coast in neurovascular is the same thing that's happening in our trauma and extremities business in Africa, right? You're really looking at what is potentially happening here and now, and how can we set up people for success? 

Susan Divers: That's a very dynamic approach, and it reminds me that the Department of Justice 2020 Guidance talks about the importance of not letting your risk assessment and your compliance program become a snapshot in time. And I think you've just described perfectly how not to do that and how to really make sure that it sounds like you're very focused on getting the voice of your business partners and their input into determining what risks are real and what the priorities are and how you're going to mitigate them. Another notable feature of your program is something that you mentioned before, and it's something that I've been happy to work with you on, and that's your focus on simplicity, that again, rather than having a very elaborate series of rules which can take people, I speak from experience when I've been at companies an hour to find the answer. 

You really focus on principles, and that's not an approach that many lawyers embrace, speaking as one to another, but it's consistent with your respect for employees and avoiding lecturing and hectoring. Can you talk about this focus and how you've implemented it? I know some companies have really struggled in this area, and then let's talk about how the employees have reacted and how the legal department embraced it in the end. 

Dana McMahon: I'm happy to talk about it. So in focusing on the principles, it's really about winning hearts and minds. So for example, in the healthcare space, we care a lot about potential kickback situations, but rather than talk about we don't give things of value to healthcare professionals because of possible violations of the anti-kickback statute and subsequent penalties, right, what we talk about is why it's meaningful. We need to respect the independent judgment of healthcare professionals and the treatments that they use for their patients. If you were having surgery or your family member or friend was having surgery, you would want your healthcare professional to choose the best products for you as their patient and not choose products because of an affiliation that they may have or a consultant arrangement that they may have with a manufacturing company. 

So it's really about what are we doing and why are we doing it? We want to impact healthcare. Our mission is together with our customers, we make healthcare better and that's what we're about. And so the compliance program really is just part and parcel of that mission and of our values. And so when you talk about the principles in those ways, it is so much easier to get employees on board with what we're trying to achieve. 

Susan Divers: I've seen that obviously in the work we've been doing with you on policies, but I know it extends to other areas of your compliance program. Can you give us some further examples of how that principle of simplicity is reflected? 

Dana McMahon: Another place where that came to life was we wanted to do an ethics and integrity survey for the first time to really understand how employees at Stryker feel about our culture of ethics and integrity. And what came through very strongly in that was a correlation between the frequency with which managers and leaders talk about integrity and how employees feel about the ethical culture at Stryker. So that was just such a simple message, and again, rather than bring in a lot of data and a lot of studies, what we did was point our leaders to this result and really show them, Hey, by bringing in this discussion, bring up this discussion in your regular business meetings once a quarter or once a month, you can really change the perception of employees. And it's not just about ethics and integrity, it's about culture. 

And so we tried to make it simple so they don't have to think always in silos about DE&I, and about employee wellbeing, and about the compliance program, and about legal rules, but rather think about we're looking to create a culture where everyone can be their best selves at work, raise their ideas, whether it's innovation, raise their concerns, share their perspective, and ultimately win together. So that simplicity is how do we connect the dots across a lot of different initiatives that different groups are trying to achieve on behalf of Stryker and really come together and say, Hey, we want to create a culture where everyone can thrive. And that has so many benefits, including creating a culture where ethics and integrity is day in and day out a part of how we do our work. 

Susan Divers: I love that example because it is so simple, and as you said, you didn't have to bring in a lot of complicated data, but really asking leaders to talk about your values and your mission. And in our research we see that ethical culture is very strongly influenced by those kinds of gestures and engagement. And certainly during the pandemic, we saw that too. Before we leave simplicity though, I do have to ask you, did you have to overcome objections from the legal department or other departments because people get used to having very complex policies or very convoluted procedures or long, long questionnaires or whatever. What was your experience there? And if you did have to overcome any objections, how did you do it? 

Dana McMahon: That's a great question. There wasn't a lot of pushback. There were questions around what do you mean by a principals based policy or principal based communication and training? But once we were able to provide some samples of what we meant, and there were some really good examples out there, we looked to Novartis's new code of conduct, for example, folks quickly gravitated toward it and really liked the idea of the simplicity and liked the idea of empowering employees. We had to do some convincing along the way. I think there were folks who were a little bit reticent to let go of the very dense rule-based policies that had been created or rule-based guidances, but it was a little bit easier than I thought it would be. 

Susan Divers: Well, that's good news, and it speaks volumes about your culture, that people are open to change in innovation, particularly change in innovation that's values based. So talking a little bit more about the power of values versus rules, I have had many conversations about that over the years at LRN, and some people see it as an either or choice, that you're either relying on rules or you're relying on values. And at LRN, we sometimes compare rules to the human skeleton and values to the heart and blood to use a medical analogy. How do you think about that in light of all that you've accomplished and how do you balance the two in your program? 

Dana McMahon: I think you're right that the values are the heart and blood. I almost think about rules as sort of sitting in the middle and then the principles are values sitting above that, that really set the direction of where we're going. And then I think more critical than the rules that in the middle is the practical guidance that sits below the rules. So we have the principles that provide that vision for how we act and how we move forward, and then the practical guidance that really helps us navigate the rules of the road. And I think both of those things are much more critically important than the rules themselves. 

Susan Divers: Yeah, I think that's a very good answer. And I know in your code of conduct, your new code, I think you've done an excellent job of really illustrating what you mean by that. And it also, again, ties back to your respect for employees and assuming that if you help them put values in action, then they will do that. So this has obviously been a big accomplishment and a whole sort of refresh and reorientation of your program. Looking at other people who were thinking about beginning this journey in the ENC area, particularly those in highly regulated industries like the medical device industry, what are your list of be sure to do this and maybe don't do that, or what's your best advice for them as they contemplate this type of journey? 

Dana McMahon: I think the best advice is to really know your organization and what's going to work. So we did a ton of stakeholder interviews and had discussions at the leadership level, at the manufacturing floor level, all the way in between to really get it right. We wanted to create something that was going to be useful to all employees, wherever they sit within the world, wherever they sit within the organization. And having that touchpoint and engagement with employees to really understand what was going to work was critical, and then bringing folks along on the journey. So we had close to a 100 subject matter experts and individuals providing input, but then we had almost 200 change champions who really supported the, I would say, marketing communications campaign around the launch of the code of conduct and getting the excitement and engagement and interaction around it. So I think that was the most critical piece in terms of success, because otherwise, regardless of how much work you put into it, you're just still left with words on paper. 

And in addition to that, we really wanted it to look and feel like Stryker, and we went the distance there. We were able to use a lot of images of our actual employees, and we pushed that because it made it a little bit more complicated to get the releases and so on and so forth. But at the end of the day, we have a product that sounds like Stryker, looks like Stryker, feels like Stryker is embraced by Stryker. So that's been really exciting. And I think those were the biggest learnings for us in terms of how to go about this. 

And then I think it's a level of patience. So what not to do. Don't get too easily discouraged. It's a big project. It was a bigger project than I anticipated it would be. For it to be done right. It takes time and a level of thoughtfulness. And so in the end, it's really been worth it. The feedback, the reception has been wonderful. So just going the distance and not getting discouraged and really treating it like a product launch. That's what our CEO said when I just saw him at a recent sales meeting and we had great signage and excitement and photo booths, and his feedback to me was like, wow, this really feels like a product launch. It's exciting. 

Susan Divers: That is exciting. And what's so impressive to me is how the company treated an ethics and compliance initiative as important and put significant effort and resources into it the same way they would a product launch. I mean, that's really operationalizing your program and obviously it was very successful. Dana, thank you for that very inspiring description of the shifts you've made in your program and how you've oriented it very strongly towards values. Clearly, this is a conversation we could be having all day, but we're out of time for today. Dana, thank you so much for joining me on this episode. 

Dana McMahon: Thanks for having me. I was excited to join. 

Susan Divers: My name is Susan Frank Divers, and I want to thank you all for listening to the Principled Podcast by LRN. 

Outro: We hope you enjoyed this episode. The Principled podcast is brought to you by LRN. At LRN, our mission is to inspire principled performance and global organizations by helping them foster winning ethical cultures rooted in sustainable values. Please visit us at lrn.com to learn more. And if you enjoyed this episode, subscribe to our podcast on Apple Podcasts, Stitcher, Google Podcasts, or wherever you listen. And don't forget to leave us a review.

Be sure to subscribe to the Principled Podcast wherever you get your podcasts.

Listen on Apple Pocasts Listen on Spotify Listen on Stitcher Listen on Audible Listen on Google Podcasts Listen on TuneIn

Listen on Amazon Music Listen on iHeart Radio Listen on Podyssey Listen on Listen notes Listen on PlayerFM