Reports and guidance documents; availability, etc.: Nursing facilities; compliance program guidance,
[Federal Register: October 29, 1999 (Volume 64, Number 209)]
[Notices]
[Page 58419-58435]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr29oc99-96]
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Office of Inspector General
Draft OIG Compliance Program Guidance for Nursing Facilities
AGENCY: Office of Inspector General (OIG), HHS.
ACTION: Notice and comment period.
SUMMARY: This Federal Register notice seeks the comments of interested parties on draft compliance guidance developed by the Office of Inspector General (OIG) for nursing facilities. Through this notice, the OIG is setting forth its general views on the value and fundamental principles of nursing facilities' compliance programs, and the specific elements that nursing facilities should consider when developing and implementing an effective compliance program.
DATE: To assure consideration, comments must be delivered to the
[[Page 58420]]
address provided below by no later than 5 p.m. on November 29, 1999.
ADDRESSES: Please mail or deliver written comments to the following address: Office of Inspector General, Department of Health and Human Services, Attention: OIG-5P-CPG, Room 5246, Cohen Building, 330 Independence Avenue, SW, Washington, DC 20201.
We do not accept comments by facsimile (FAX) transmissions. In commenting, please refer to file code OIG-5P-CPG. Comments received timely will be available for public inspection as they are received, generally beginning approximately 2 weeks after publication a document, in Room 5541 of the Office of Inspector General at 330 Independence Avenue SW., Washington, DC 20201 on Monday through Friday of each week from 8:00 a.m. to 4:30 p.m.
FOR FURTHER INFORMATION CONTACT: Lewis Morris, Office of Counsel to the Inspector General, (202) 619-2078.
SUPPLEMENTARY INFORMATION:
Background
The creation of compliance program guidance is a major initiative of the OIG in its effort to engage the private health care community in combating fraud and abuse. In the last several years, the OIG has developed and issued compliance program guidance directed at the following segments of the health care industry: the hospital industry; home health agencies; clinical laboratories; third-party medical billing companies; the durable medical equipment, prosthetics, orthotics and supply industry; and hospices. The development of these types of compliance program guidance is based on our belief that a health care provider can use internal controls to more efficiently monitor adherence to applicable statutes, regulations and program requirements.
Copies of these compliance program guidances can be found on the OIG website at http://www.hhs.gov/oig.
Developing Draft Compliance Program Guidance for Nursing Facilities
On December 18, 1998, the OIG published a solicitation notice seeking information and recommendations for developing formal guidance for nursing facilities (63 FR 70137). In response to that solicitation notice, the OIG received 16 comments from various outside sources. In developing this notice for formal public comment, we have considered those comments, as well as previous OIG publications, such as other compliance program guidances and Special Fraud Alerts. In addition, we have also taken into account past and recent fraud investigations conducted by the OIG's Office of Investigations and the Department of Justice, and have consulted with the Health Care Financing Administration.
This draft guidance for nursing facilities contains seven elements that the OIG has determined are fundamental to an effective compliance program:
‹bullet› Implementing written policies;
‹bullet› Designating a compliance officer and compliance committee;
‹bullet› Conducting effective training and education;
‹bullet› Developing effective lines of communication;
‹bullet› Conducting internal monitoring and auditing;
‹bullet› Enforcing standards through well-publicized disciplinary guidelines; and
‹bullet› Responding promptly to detected offenses and developing corrective action.
These elements are contained in previous guidances issued by the OIG. As with previously issued guidances, this draft compliance program guidance represents the OIG's suggestions on how nursing facilities can best establish internal controls and prevent fraudulent activities. The contents of this guidance should not be viewed as mandatory or as an exclusive discussion of the advisable elements of a compliance program; the document is intended to present voluntary guidance to the industry and not represent binding standards for nursing facilities.
Public Input and Comment in Developing Final Guidance
In an effort to ensure that all parties have an opportunity to provide input into the OIG's guidance, we are publishing this guidance in draft form. We welcome any comments from interested parties regarding this document. The OIG will consider all comments that are received within the above-cited time frame, incorporate any specific recommendations as appropriate, and prepare a final version of the guidance thereafter for publication in the Federal Register.
Draft Compliance Program Guidance for Nursing Facilities
-
INTRODUCTION
The Office of Inspector General (OIG) of the Department of Health and Human Services (DHHS) continues in its efforts to promote voluntarily implemented compliance programs for the health care industry.\1\ This compliance guidance is intended to assist nursing facilities \2\ develop and implement internal controls and procedures that promote adherence to applicable statutes and regulations of the Federal health care programs \3\ and private insurance program requirements. Compliance programs strengthen Government efforts to prevent and reduce fraud and abuse, as well as further the mission of all nursing facilities to provide quality care to their residents.
\1\ Currently, the Office of Inspector General has issued compliance program guidances for the following six industry sectors: hospitals, clinical laboratories, home health agencies, durable medical equipment suppliers, third-party medical billing companies and hospices. Over the next year, the OIG plans to issue compliance guidances for Medicare+Choice organizations offering coordinated care plans, ambulance companies and small group physician practices.
\2\ For the purpose of this guidance, the term ``nursing facility'' includes a skilled nursing facility (SNF) and a nursing facility (NF) organization that meet the requirements of sections 1819 and 1919 of the Social Security Act (Act), respectively, 42 U.S.C. 1395i-3 and 42 U.S.C. 1396r. Where appropriate we distinguish between SNFs and other facilities.
\3\ The term ``Federal health care programs,'' as defined in 42 U.S.C. 1320a-7b(f), includes any plan or program that provides health benefits, whether directly, through insurance, or otherwise, which is funded directly, in whole or in part, by the United States Government (i.e., via programs such as Medicare, Federal Employees Health Benefits Act, Federal Employees' Compensation Act, Black Lung, or the Longshore and Harbor Worker's Compensation Act) or any State health plan (e.g., Medicaid, or a program receiving funds from block grants for social services or child health services). In this document, the term ``Federal health care program requirements'' refers to the statutes, regulations and other rules governing Medicare, Medicaid, and all other Federal health care programs.
Through this document, the OIG provides its views on the fundamental elements of nursing facility compliance programs, as well as the principles that each nursing facility should consider when developing and implementing an effective compliance program. While this document presents basic procedural and structural guidance for designing a compliance program, it is not in and of itself a compliance program. Rather, it is a set of guidelines that nursing facilities should consider when developing and implementing a compliance program.
Implementing an effective compliance program in a nursing facility may require a significant commitment of time and resources by all parts of the organization. However, superficial efforts or programs that are hastily constructed and implemented without a long-term commitment to a culture of compliance will likely be ineffective and may expose the nursing facility to greater liability than if it had no
[[Page 58421]]
program at all.\4\ Although an effective compliance program may require a reallocation of existing resources, the long-term benefits of establishing a compliance program significantly outweigh the initial costs. In short, compliance measures are an investment that advances the goals of the nursing facility, the solvency of the Federal health care programs, and the quality of care provided to the nursing home resident.
\4\ Recent case law suggests that the failure of a corporate director to attempt in good faith to institute a compliance program in certain situations may be a breach of a director's fiduciary obligation. See, e.g., In re Caremark International Inc. Derivative Litigation, 698 A.2d 959 (Ct. Chanc. Del. 1996).
In a continuing effort to collaborate closely with health care providers and the private sector, the OIG placed a notice in the Federal Register soliciting comments and recommendations on what should be included in this compliance program guidance.\5\ In addition to considering these comments in drafting this guidance, we reviewed previous OIG publications, including OIG Special Fraud Alerts and OIG Medicare Advisory Bulletins, as well as reports issued by OIG's Office of Audit Services (OAS) and Office of Evaluation and Inspections (OEI) affecting the nursing home industry.\6\ In addition, we relied on the experience gained from fraud investigations of nursing home operators conducted by OIG's Office of Investigations, the Department of Justice, and the Medicaid Fraud Control Units.
\5\ See 63 FR 70137 (December 12, 1998) ``Notice for Solicitation of Information and Recommendations for Developing OIG Compliance Program Guidance for the Nursing Home Industry.''
\6\ The OIG periodically issues advisory opinions responding to specific inquiries concerning the application of the OIG's authorities and Special Fraud Alerts setting forth activities that raise legal and enforcement issues. These documents, as well as reports from OAS and OEI can be obtained on the Internet at: http:// www.hhs.gov/oig. We also recommend that nursing home providers regularly review the Health Care Financing Administration (HCFA) website on the Internet at: http://www.hcfa.gov, for up-to-date regulations, manuals, and program memoranda related to the Medicare and Medicaid programs.
-
Benefits of a Compliance Program
The OIG believes a comprehensive compliance program provides a mechanism that brings the public and private sectors together to reach mutual goals of reducing fraud and abuse, improving operational functions, improving the quality of health care services, and reducing the cost of health care. Attaining these goals provides positive results to the nursing facility, the Government, and individual citizens alike. In addition to fulfilling its legal duty to ensure that it is not submitting false or inaccurate claims to Government and private payers, a nursing facility may gain numerous additional benefits by voluntarily implementing a compliance program. The benefits may include:
‹bullet› The formulation of effective internal controls to assure compliance with statutes, regulations and rules;
‹bullet› A concrete demonstration to employees and the community at large of the nursing facility's commitment to responsible corporate conduct;
‹bullet› The ability to obtain an accurate assessment of employee and contractor behavior;
‹bullet› An increased likelihood of identifying and preventing unlawful and unethical behavior;
‹bullet› The ability to quickly react to employees' operational compliance concerns and effectively target resources to address those concerns;
‹bullet› Improvement of the quality, efficiency, and consistency of providing services;
‹bullet› A mechanism to encourage employees to report potential problems and allow for appropriate internal inquiry and corrective action;
‹bullet› A centralized source for distributing information on health care statutes, regulations and other program directives;\7\
\7\ Counsel to the nursing facility should be consulted as appropriate regarding interpretation and legal analysis of laws related to the Federal health care programs and laws related to fraud, abuse and other legal requirements.
‹bullet› A mechanism to improve internal communications;
‹bullet› Procedures that allow the prompt, thorough investigation of alleged misconduct; and
‹bullet› Through early detection and reporting, minimizing loss to the Government from false claims, and thereby reducing the nursing facility's exposure to civil damages and penalties, criminal sanctions, and administrative remedies.\8\
\8\ The OIG, for example, will consider the existence of an effective compliance program that pre-dated any governmental investigation when addressing the appropriateness of administrative sanctions. However, the burden is on the nursing facility to demonstrate the operational effectiveness of the compliance program. Further, the False Claims Act, 31 U.S.C. 3729-3733, provides that a person who has violated the Act, but who voluntarily discloses the violation to the Government within 30 days of detection, in certain circumstances will be subject to not less than double, as opposed to treble, damages. See 31 U.S.C. 3729(a). In addition, criminal sanctions may be mitigated by an effective compliance program that was in place at the time of the criminal offense. See note 11.
The OIG recognizes that the implementation of a compliance program may not entirely eliminate fraud and abuse from the operations of a nursing facility. However, a sincere effort by the nursing facility to comply with applicable statutes and regulations as well as Government and private payer health care program requirements, through the establishment of a compliance program, significantly reduces the risk of unlawful or improper conduct.
-
Application of Compliance Program Guidance
Given the diversity within the long-term care industry, there is no single ``best'' nursing facility compliance program. The OIG recognizes the complexities of this industry and is sensitive to the differences among large national chains, regional multi-facility operators, and small independent homes. However, the elements of this guidance can be used by all nursing facilities to establish a compliance program, regardless of size (in terms of employees and gross revenue), number of locations, or corporate structure. Similarly, a corporation that provides long term care as part of an integrated health care delivery system may incorporate these elements into its structure.\9\
\9\ For example, this would include providers that own hospitals, skilled nursing facilities, long-term care facilities and hospices.
We recognize that some nursing facilities may not be able to adopt certain elements to the same degree that others with more extensive resources may achieve. At the end of several sections of this document, the OIG has offered suggestions to assist these smaller nursing facility providers in implementing the principles expressed in this guidance. Regardless of size, structure or available resources, the OIG recommends that every nursing facility should strive to accomplish the objectives and principles underlying all of the compliance polices and procedures in this guidance.
By no means should the contents of this guidance be viewed as an exclusive or complete discussion of the advisable elements of a compliance program. On the contrary, the OIG strongly encourages nursing facilities to develop and implement compliance elements that uniquely address the areas of potential problems, common concerns, or high risk areas that apply to their own facilities. Furthermore, this guidance may be modified and expanded as more information and knowledge is obtained by the OIG, and as changes in the statutes, regulations and rules of the Federal, State, and private health plans occur. New
[[Page 58422]]
compliance practices also may be incorporated into this guidance if the OIG discovers enhancements that promote effective compliance.
-
-
Compliance Program Elements
-
The Seven Basic Compliance Elements
The OIG believes that every effective compliance program must begin with a formal commitment‹SUP›10‹/SUP› by the nursing facility's governing body to address all of the applicable elements listed below, which are based on the seven steps of the Federal Sentencing Guidelines.‹SUP›11‹/SUP› The OIG recognizes that full implementation of all elements may not be immediately feasible for all nursing facilities. However, as a first step, a good faith and meaningful commitment on the part of nursing facility management will substantially contribute to the program's successful implementation. As the compliance program is effectuated, that commitment should cascade down through management to every employee and contractor of the nursing facility.
\10\ A formal commitment may include a resolution by the board of directors, owner(s), or president, where applicable. Evidence of that commitment should include the allocation of adequate resources, a timetable, and the identification of an individual to serve as a compliance officer or coordinator to ensure that each of the recommended and adopted elements is addressed. Once a commitment has been established, a compliance officer should immediately be chosen to oversee the implementation of the compliance program.
\11\ See United States Sentencing Commission Guidelines, Guidelines Manual, 8 A1.2, Application Note 3(k). The Federal Sentencing Guidelines are detailed policies and practices for the Federal criminal justice system that prescribe the appropriate sanctions for offenders convicted of Federal crimes.
At a minimum, a comprehensive compliance program should include the following seven elements:
(1) The development and distribution of written standards of conduct, as well as written policies, procedures and protocols that promote the nursing facility's commitment to compliance (e.g., by including adherence to the compliance program as an element in evaluating managers and employees) and address specific areas of potential fraud and abuse, such as claims development and submission processes, quality of care issues facing residents, and financial arrangements with physicians and outside contractors that may affect the health care provided to beneficiaries;
(2) The designation of a compliance officer and other appropriate bodies (e.g., a corporate compliance committee), charged with the responsibility for developing, operating and monitoring the compliance program, and who reports directly to the owner(s), governing body and/ or CEO; ‹SUP›12‹/SUP›
\12\ The roles of the compliance officer and the corporate compliance committee in implementing an effective compliance program are discussed throughout this guidance. However, the OIG recognizes that the differences in the sizes and structures of nursing facilities may result in differences in the way in which compliance programs function.
(3) The development and implementation of regular, effective education and training programs for all affected employees; ‹SUP›13‹/SUP›
\13\ Training and educational programs for nursing facilities should be detailed, comprehensive and at the same time targeted to address the needs of specific employees based on their responsibilities within the facility. Existing in-service training programs can be expanded to address general compliance issues, as well as the risk areas identified in that part of nursing home operations.
(4) The creation and maintenance of an effective line of communication between the compliance officer and all employees, including a process, such as a hotline or other reporting system, to receive complaints, and the adoption of procedures to protect the anonymity of complainants and to protect whistle blowers from retaliation;
(5) The use of audits and/or other risk evaluation techniques to monitor compliance, identify problem areas, and assist in the reduction of identified problems; ‹SUP›14‹/SUP›
\14\ For example, periodically spot-checking the work of coding and billing personnel should be part of a compliance program. In addition, procedures to regularly monitor the care provided nursing facility residents and to ensure that deficiencies identified by surveyors are corrected should be incorporated into the compliance program's evaluation and monitoring functions.
(6) The development of policies and procedures addressing the non- employment or retention of excluded individuals or entities; and the enforcement of appropriate disciplinary action against employees or contractors who have violated corporate or compliance policies and procedures, applicable statutes, regulations, or Federal, State, or private payor health care program requirements; and
(7) The development of policies and procedures with respect to the investigation of identified systemic problems, which include direction regarding the prompt and proper response to detected offenses, such as the initiation of appropriate corrective action, repayments and preventive measures.
-
Written Policies and Procedures
Every compliance program should develop and distribute written compliance standards, procedures and practices that guide the nursing facility and the conduct of its employees throughout day-to-day operations. These policies and procedures should be developed under the direction and supervision of the compliance officer, the compliance committee, and operational managers. At a minimum, they should be provided to all employees who are affected by these policies, as well as physicians, suppliers, nursing facility agents, and contractors who may affect or be affected by the nursing facility's billing and care functions.‹SUP›15‹/SUP› In addition to general corporate policies and procedures, an effective compliance program should include specific policies and procedures for the different clinical, financial, and administrative functions of a nursing facility.
\15\ According to the Federal Sentencing Guidelines, an organization must have established compliance standards and procedures to be followed by its employees and other agents in order to receive sentencing credit for an ``effective'' compliance program. The Federal Sentencing Guidelines define ``agent'' as ``any individual, including a director, an officer, an employee, or an independent contractor, authorized to act on behalf of the organization.'' See United States Commission Guidelines, Guidelines Manual, 8A1.2, Application Note 3(d).
-
Code of Conduct
While a clear statement of policies and procedures is at the core of a compliance program, the OIG recommends that nursing facilities start the process with the development of a corporate statement of principles that will guide the operations of the provider. One common expression of this statement of principles is the code of conduct.‹SUP›16‹/SUP›
\16\ The OIG strongly encourages the participation and involvement of the nursing facility's owner(s), governing board, CEO, as well as other personnel from various levels of the organizational structure in the development of all aspects of the compliance program, especially the standards of conduct. Management and employee involvement in this process communicates a strong and explicit commitment to all employees of the need to comply with the organization's standards of conduct.
The code should function in the same fashion as a constitution, i.e., as a foundational document that details the fundamental principles, values, and framework for action within an organization. The code of conduct for a nursing facility should articulate the organization's expectations of employees, as well as summarize the basic legal principles under which the organization must operate. Unlike the more detailed policies and procedures, the code of conduct should be brief, easily readable and cover general principles applicable to all employees.
The code of conduct should be distributed to, and comprehensible by, all affected employees.‹SUP›17‹/SUP› Depending on
[[Page 58423]]
the facility's work force, this may mean that the code should be translated into other languages when necessary and written at appropriate reading levels. Further, any employee handbook delineating the standards of conduct should be regularly updated to reflect developments in applicable Government and private health care program requirements. Finally, the OIG recommends that current employees, as well as those newly hired, should certify that they have received and read the organization's code of conduct. These certifications should be updated on a regular basis, possibly as part of an annual training program, retained in the employee's personnel file and made available for review.‹SUP›18‹/SUP›
\17\ The code also should be distributed, or at least available, to the residents and their families, as well as the physicians and contractors associated with the facility.
\18\ Documentation of employee training and other compliance efforts is important in conducting internal assessments of the compliance program, as well as during any third-party evaluation of facility's efforts to comply with Federal health care program requirements. See section II.F.
The OIG believes that all nursing facilities should operate under the guidance of a code of conduct. While the OIG recognizes that some nursing facilities may not have the resources to establish a comprehensive compliance program, we believe that every nursing facility can design a program that addresses the seven elements set out in this guidance, albeit at different levels of sophistication and complexity. In its most fundamental form, a facility's code of conduct is a basic set of standards that articulate the organization's philosophy, summarizes basic legal principles, and teaches employees how to respond to practices that may violate the code of conduct and standards. These standards should be posted and distributed to every employee. Further, even a small nursing facility should obtain written attestation from its employees to confirm their understanding and commitment to the nursing facility's code of conduct. 2. Specific Risk Areas
As part of their commitment to a compliance program, nursing facilities should prepare a comprehensive set of written policies and procedures that are in place to prevent fraud and abuse in facility operations and to ensure the appropriate care of their residents. These policies and procedures should educate and alert all affected managers and employees of the Federal health care program requirements, the consequences of noncompliance, and the specific procedures that nursing facility employees should follow to report problems, to ensure compliance, and to rectify any prior noncompliance.
The OIG recognizes that most facilities have in place policies and procedures to prevent fraud and abuse in their institutions. These providers may not need to develop a new, comprehensive set of policies as part of their compliance program if existing policies encompass the provider's operations and relevant rules. However, the nursing home industry is subject to numerous Federal and State statutes, rules, regulations and manual instructions.‹SUP›19‹/SUP› Because these program requirements are frequently modified, the OIG recommends that all nursing facilities evaluate their current compliance policies and procedures by conducting a baseline assessment of risk areas, as well as subsequent reevaluations.‹SUP›20‹/SUP› The OIG also recommends that these internal compliance reviews be undertaken on a regular basis to ensure compliance with current program requirements.
\19\ See http://www.hcfa.gov for a set of all Medicare and Medicaid manuals.
\20\ In addition, all providers should be aware of the enforcement priorities of Federal and State regulators and law enforcement agencies. OIG periodically issues Special Fraud Alerts and Special Advisory Bulletins that identify activities believed to raise enforcement concerns. These documents and other materials that provide insight into the nursing home enforcement priorities of the OIG are referenced throughout this guidance.
To assist nursing facilities in performing this internal assessment, the OIG has developed a list of potential risk areas affecting nursing facility providers. These risk areas include quality of care and residents' rights, employee screening, vendor relationships, billing and cost reporting, and recordkeeping and documentation. This list of risk areas is not exhaustive, nor all encompassing. Rather, it should be viewed as a starting point for an internal review of potential vulnerabilities within the nursing facility.‹SUP›21‹/SUP› The objective of this assessment should be to ensure that the employees, managers and directors are aware of these risk areas and that steps are taken to minimize, to the extent possible, the types of billing and quality of care problems identified. While there are many ways to accomplish this objective, the OIG has observed that comprehensive, clear written standards, policies and procedures that are communicated to all appropriate employees and contractors are the first step in an effective compliance program.
\21\ The OIG recommends that, in addition to the list set forth below, the provider review the OIG's Work Plan to identify vulnerabilities and risk areas on which the OIG will focus during the following year. In addition, it is recommended that the nursing facility routinely review the OIG's semiannual reports, which identify program vulnerabilities and risk areas that the OIG has targeted during the preceding six months. All of these documents are available on the OIG's webpage at http://www.hhs.gov/oig.
The OIG believes that sound operating compliance policies are essential to all nursing facilities, regardless of size and capability. If a lack of resources to develop such policies is genuinely an issue, the OIG recommends that those nursing facilities focus first on those risk areas most likely to arise in their business operations. At a minimum, resources should be directed to analyze the results of annual surveys,‹SUP›22‹/SUP› and to verify that the facility has effectively addressed any deficiencies cited by the surveyors. An effective and low-cost means to accomplish this is through the use of the facility's Quality Assessment and Assurance Committee. The committee should consist of facility staff members, including the Director of Nursing and the facility physician. On a periodic basis, the committee should meet to identify compliance issues affecting the quality of care provided to the residents and to develop and implement appropriate corrective actions. The time commitment required for this collaborative effort will vary according to the magnitude of the facility's quality assessment and assurance issues.
\22\ State and local agencies enter into agreements with DHHS under which they survey and make recommendations regarding whether providers meet the Medicare conditions of participation or other requirements for SNFs and NFs (See 42 CFR 488.10).
Creating a resource manual from publicly available information may be a cost-effective approach for developing policies and procedures to improve the quality of each resident's life. For example, a simple binder that contains a facility's written policies and procedures, the most recent survey findings and plan of correction, relevant HCFA instructions and bulletins, and summaries of key OIG documents (e.g., Special Fraud Alerts, Advisory Bulletins, inspection and audit reports) can be regularly updated and made accessible to all employees. Particularly in the case of more technical materials, it may be advisable to provide summaries in the handbook and make the source documents available upon request. If individualized copies of this handbook are not made available to all employees, then a reference copy should be available in a readily accessible location, as well as from the designated compliance officer.
-
Quality of Care. The OIG believes that a nursing facility's compliance policies should start with a statement that affirms the facility's commitment to
[[Page 58424]]
providing the care necessary to attain or maintain the resident's ``highest practicable physical, mental and psychosocial well-being.'' \23\ To achieve the goal of providing quality care, nursing facilities should continually measure their performance against comprehensive standards, which at a minimum should include the Medicare conditions of participation.\24\ In addition to these regulations, a facility should develop its own standards of quality care and the mechanisms for evaluating its performance.
\23\ 42 CFR 483.25. See OIG report OEI-02-98-00331 ``Quality of Care in Nursing Homes: An Overview,'' in which the OIG found that, although the overall number of deficiencies identified through the survey and certification process was decreasing, the number of ``quality of care'' and other serious deficiencies was increasing.
\24\ See 42 CFR part 483, which establishes requirements for long-term care facilities. HCFA's regulations establish conditions that must be met for a nursing facility to qualify to participate in the Medicare and Medicaid programs. State licensure laws may impose additional requirements for the establishment and certification of a nursing facility.
As noted above, current and past surveys are a good place to begin to identify specific risk areas and regulatory vulnerabilities at the individual facility. Any deficiencies discovered by annual State agency or Federal validation surveys may reflect noncompliance with the program regulations and can be the basis for enforcement actions.\25\ Those deficiencies identified by the State health agency survey instrument should be addressed and, where appropriate, the corrective action should be incorporated into the facility's policies and procedures as well as reflected in its training and educational programs. In addition to responding promptly to deficiencies identified through the survey and certification process, nursing facilities should take proactive measures to identify, anticipate and respond to quality of care risk areas identified by the nursing home ombudsman or other sources.
\25\ See 42 CFR part 488, subparts A, B, C, E, and F. The survey instrument is used to identify deficiencies, such as: failure to notify residents of their rights; improper use of restraints for discipline purposes; lack of a clean and safe environment; failure to provide care for basic living activities, including failing to prevent and/or treat pressure sores, urinary incontinence, hydration; and failing to properly feed residents.
As noted throughout this guidance, each provider must assess its vulnerability to particular abusive practices in light of its unique circumstances. However, the OIG, HCFA, the Department of Justice, and State enforcement agencies have substantial experience in identifying quality of care risk areas. Some of the special areas of concern include:
‹bullet› Absence of a comprehensive, accurate assessment of each resident's functional capacity and a comprehensive care plan that includes measurable objectives to meet the resident's medical, mental and psychosocial needs;\26\
\26\ As stated above, each resident must receive the necessary care and services to attain or maintain the highest practicable physical, mental, and psychosocial well-being, in accordance with the resident's assessment and plan of care (see 42 CFR 483.25). The OIG recognizes that this standard does not always lend itself to easy, objective evaluation. The matter is further complicated by the right of the resident, or his or her legal representative, to decide on a course of treatment that may be contra-in-di-cated. The Patient Self-Determination Act (P.L. 103-413) requires health care institutions to educate patients about advance directives and to document their decision on life-sustaining treatments.
‹bullet› Inappropriate or insufficient treatment and services to address residents' clinical conditions, including pressure ulcers, dehydration, malnutrition, incontinence of the bladder, and mental or psychosocial problems; \27\
\27\ HCFA has created a repository of best practice guidelines for the care of residents at risk of pressure ulcers, dehydration and malnutrition. In addition, the Food and Nutrition Board of the National Research Council, National Academy of Sciences, has established recommended dietary allowances.
‹bullet› Failure to properly prescribe, administer and monitor drug medication usage, including psychotropic and anti-depressant medications; \28\
\28\ The OIG has conducted a series of reviews that focused on prescription drug use in nursing homes. See OIG reports OEI-06-96- 00080, OEI-06-96-0008, OEI-06-96-00082, ``Prescription Drug Use in Nursing Homes.'' The OIG found that patients experienced adverse reactions to various drugs as a result of inappropriate prescribing and inadequate monitoring of medication usage. The reviews revealed serious concerns, including residents receiving drugs for which their medical records lacked evidence of a prescription; and the prescription of drugs judged inappropriate for use by elderly persons. The studies also found that medication records were often incomplete and not readily accessible, making it difficult for a pharmacist to identify or confirm drug regimens or problems.
‹bullet› Inadequate or insufficiently trained staff to provide medical, nursing, and related services; \29\
\29\ For example, Federal regulations require that the medical care of each resident should be supervised by a physician, who must see the resident at least once every 30 days for the first 90 days after admission and at least once every 60 days thereafter (see 42 CFR 483 40(c)). The facility also must retain the services of a registered nurse, 42 CFR 483.30, as well as a qualified dietitian. 42 CFR 483.35. In addition to these basic Federal requirements, the OIG strongly believes that the facility should conform to State- mandated staffing levels where they exist and adopt its own minimum ``hours per patient'' staffing standards in any case. At the heart of many quality of care deficiencies is a lack of adequate staff needed to provide basic nursing services.
‹bullet› Failure to provide appropriate therapy services; \30\
\30\ See OIG report OEI-09-97-00120 ``Medical Necessity of Physical and Occupational Therapy in Skilled Nursing Facilities,'' which found a high rate of medically unnecessary therapies in a number of nursing facilities; such unnecessary services lead to inappropriate care. With the introduction of the prospective payment system, nursing facilities should ensure that financial pressures do not create incentives to underutilize medically necessary therapeutic services.
‹bullet› Failure to provide appropriate services to assist residents with activities of daily living (e.g., feeding, dressing, bathing, etc.); and
‹bullet› Failure to report incidents of mistreatment, neglect, or abuse to the administrator of the facility and other officials as required by law.\31\
\31\ In addition to providing the facility's management important information about the state of care in the facility, the self-reporting of resident abuse, including injuries of unknown sources, is a condition of participation (See 42 CFR 483.13(c)(2)). Although State surveyors conduct complaint surveys when they receive a complaint, these surveys can only occur if the surveyors are aware of the problem.
As noted previously, a nursing facility that has a history of serious deficiencies should use those survey results as a starting point for implementing a comprehensive plan to improve its quality of care. Effectively addressing these risk areas with written policies and procedures, which are then implemented through effective training programs, can most directly improve the quality of the nursing home residents's life.
-
Residents' Rights. The Budget Reconciliation Act (OBRA) of 1987, Public Law 100-203, established a number of requirements to protect and promote the rights of each resident.\32\ In addition, many States have adopted specific lists of residents' rights.\33\ The nursing facility's policies should address the residents' right to a dignified existence that promotes freedom of choice, self-determination, and reasonable accommodation of individual needs. To protect the rights of each resident, the OIG recommends that a provider address the following risk areas as part of its compliance policies:
\32\ See generally, 42 U.S.C. 1395i-3 and 42 CFR part 483.
\33\ In OIG report OEI-02-98-00350 ``Long Term Ombudsman Program: Complaint Trends,'' the OIG points out that complaints about resident care and resident rights have been increasing. Resident care concerns included complaints about personal care, such as a pressure and hygiene, lack of rehabilitation, the inappropriate use of restraints, abuse and neglect, problems with admissions and eviction, and the exercise of personal rights.
‹bullet› Discriminatory admission or improper denial of access to care; \34\
\34\ Nursing facilities should offer care to all patients who are eligible in accordance with Federal and State laws governing admissions (See 42 CFR 483.12(d)). The provider also should maintain identical policies regarding ``transfer, discharge, and provision of services under the State plan'' for all residents, regardless of payment source (See 42 CFR 483.12(c)). See also OIG report OEI-02- 99-00400 ``Early Effects of the Prospective Payment System on Access to Skilled Nursing Facilities.''
[[Page 58425]]
‹bullet› Verbal, mental or physical abuse, corporal punishment and involuntary seclusion; \35\
\35\ See California Nursing Homes: Care Problems Persist Despite Federal and State Oversight (GAO/HEHS-98-202, July, 1998). As noted previously, the facility must establish a process by which the facility administrator is informed of incidents of abuse and an investigation is conducted within 5 days of the incident (See 42 CFR 483.13(c)(4)).
‹bullet› Inappropriate use of physical or chemical restraints; \36\
\36\ See OIG Report OEI-01-91-00840 ``Minimizing Restraints in Nursing Homes: A Guide to Action.''
‹bullet› Failure to ensure that residents have access to their personal records upon request and that the privacy and confidentiality of those records are protected; \37\
\37\ It is a violation of the Medicare conditions of participation to make unauthorized disclosures from the resident's medical records (See 42 CFR 483.10(e)). The facility should also establish policies that respect each resident's right to privacy in personal communications, including the right to receive mail that is unopened and to the use of a telephone where calls can be made in privacy.
‹bullet› Denial of a resident's right to participate in his or her care and treatment; \38\
\38\ The right of self-determination includes the resident's right to choose a personal physician, to be fully informed of his or her health status, and participate in treatment decisions, including the right to refuse treatment, unless adjudged incompetent or incapacitated (See 42 CFR 483.10(d)).
‹bullet› Failure to safeguard residents' financial affairs.\39\
\39\ This includes preserving the resident's right to manage his or her financial affairs or permit the facility to hold and manage personal funds. The resident should receive a full and complete accounting of personal funds held by the facility (See 42 CFR 483.10 (c)). If a misappropriation of a resident's property is uncovered, the facility administrator should be notified immediately and an investigation conducted. Finally, the provider should take measures to ensure that personal funds have not been used to pay for items or services paid for by Medicare or Medicaid.
-
Billing and Cost Reporting. Abusive and fraudulent billing practices in the Federal health care programs drain the public fisc of the funds needed to provide program beneficiaries medically necessary items and services. Over the last twenty years, the OIG has identified patterns of improper and fraudulent activities that cover the spectrum of health care services and have cost taxpayers billions of dollars.\40\ These fraudulent billing practices, as well as abuses in other risk areas that are described in these compliance program guidances, have resulted in criminal, civil and administrative enforcement actions. Because the consequences of these enforcement actions can have a profound adverse impact on a provider, the identification of risk areas associated with billing and cost reporting should be a major part of a nursing facility's compliance program.
\40\ See OIG Report A-17-99-00099 ``Improper Fiscal Year 1998 Fee-for-Service Payments'' in which the OIG estimated that improper Medicare benefit payments made during FY 1998 totaled $12.6 billion in processed fee-for-service payments. SNF payment errors were a result of claims for services lacking medical necessity and represented 7 percent of the total estimated improper payments. The OIG could not and did not quantify what percentage of the improper payments was the result of fraud. Significantly, it was only through a review of medical records that the majority of these billing errors were detected, since when the claims were submitted to the Medicare contractor, they contained no visible errors.
The introduction of a prospective payments system (PPS) for Medicare SNFs and implementation of consolidated billing create additional issues to be addressed when designing billing and cost reporting compliance policies and procedures.\41\ In the following discussion of billing risk areas, the OIG has attempted to identify issues that pose concerns under the current systems of reimbursement, the transition period to consolidated billing, as well as anticipate potential compliance issues stemming from these program changes. As is the case with all aspects of compliance, the nursing facility must continually reassess its billing procedures and policies to ensure that unanticipated problems are promptly identified and corrected. Listed below are some of the reimbursement risk areas a nursing facility should consider addressing as part of its written compliance policies and procedures:
\41\ The Balanced Budget Act of 1997 (BBA), Public Law 105-33, established PPS for SNFs. Under PPS, all costs (routine, ancillary, and capital) related to services furnished to beneficiaries covered under Part A, including certain Part B services, are paid a predetermined amount based on the medical condition and needs of the resident, as reflected in the Resource Utilization Group (RUG) code assigned to that resident. Other Part B services will continue to be reimbursed separately to the providers of such services pending implementation of a new consolidated billing system.
‹bullet› Billing for items or services not rendered or provided as claimed; \42\
\42\ For example, the OIG has investigated suppliers of ancillary services that improperly bill for an hour of therapy when only a few minutes were provided. Similarly, vendors that knowingly submit a claim for an expensive prosthetic device when the resident only received non-covered adult diapers have been the subject of enforcement actions. When consolidated billing is implemented, vendors will not submit bills directly to Medicare for such services. As the entity submitting the claim, the nursing facility will need to have any certifications or orders necessary to provide the service, as well as supporting documentation required, to receive payment.
‹bullet› Submitting claims for equipment, medical supplies and services that are medically unnecessary; \43\
\43\ Billing for medically unnecessary services, supplies and equipment involves seeking reimbursement for a service that is not warranted by a resident's documented medical condition. See 42 U.S.C. 1395i(a)(1)(A) (``no payment may be made under part A or part B [of Medicare] for any expenses incurred for items or services which * * * are not reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of the malformed body member''). In the Special Fraud Alert ``Fraud and Abuse in the Provision of Services in Nursing Facilities'' (June 1996), the OIG identified several types of fraudulent arrangements through which health care providers inappropriately billed Medicare and Medicaid for unnecessary or non-rendered items and services.
Under PPS, the provision of unnecessary services may take a different form. As discussed below, manipulation of the Minimum Data Set (MDS) to fit a resident into a higher RUG can result in the provision of medically unnecessary services. In addition, a nursing facility may not enter into arrangements with providers of ancillary services through which the facility overutilizes services reimbursed under Part B in return for an offset in the cost of items or services covered under Part A.
‹bullet› Submitting claims to Medicare Part A for residents who are not eligible for Part A coverage; \44\
\44\ Medicare Part A benefits in skilled nursing facilities are limited to beneficiaries who require services rendered by technical or professional personnel in a skilled nursing setting (See 42 CFR 409.30). Knowingly misrepresenting the nature or level of services provided to a Medicare beneficiary to circumvent the program's limitation is fraudulent.
‹bullet› Duplicate billing; \45\
\45\ Duplicate billing occurs when the nursing facility bills for the same item or service more than once or when a vendor bills the Federal health care program for an item or service also billed by the facility. Although duplicate billing can occur due to simple error, the knowing submission of duplicate claims--which is sometimes evidenced by systematic or repeated double billing--can create liability under criminal, civil, or administrative law. When Medicare Part B implements consolidated billing, facilities should modify all agreements with vendors to require that the vendor bill the facility for those services covered under consolidated billing requirements and not submit bills directly to Medicare for such services.
‹bullet› Failing to identify and refund credit balances; \46\
\46\ A credit balance is an excess payment made to a health care provider as a result of patient billing or claims processing error. Nursing facilities should institute procedures to provide for the timely identification, accurate reporting and repayment of credit balances. In addition, the provider should promptly repay if a resident is also entitled to a credit. See OIG report OEI-07-09- 00910 ``Medicare Credit Balances in Skilled Nursing Facility Patient Accounts'' and OEI-07-09-00911 ``Medicaid Credit Balances in Skilled Nursing Facility Patient Accounts,'' in which the OIG found that skilled nursing facilities were not accurately or completely adjusting and reporting credit balance amounts due to the Medicare and Medicaid programs. Significantly, the intentional concealment of a known overpayment may expose a provider to criminal sanctions (See 42 U.S.C. 1320a-7b(a)(3)), and civil liability under the False Claims Act.
[[Page 58426]]
‹bullet› Submitting claims for items or services not ordered;\47\
\47\ Billing for services or items not ordered involves seeking reimbursement for services provided but not ordered by the treating physician or other authorized person.
‹bullet› Knowingly billing for inadequate or substandard care;\48\
\48\ See discussion on quality of care standards in nursing facilities in section II.B.2.a above and the accompanying notes. Knowingly billing for inadequate or substandard care may create liability under administrative, civil and criminal law.
‹bullet› Providing misleading information about a resident's medical condition on the MDS or otherwise providing inaccurate information used to determine the RUG assigned to the resident;
‹bullet› Upcoding the level of service provided; \49\
\49\ Upcoding involves the selection of a Billing code that is not the most appropriate descriptor of the service or condition, in order to maximize reimbursement. Under PPS, upcoding may take the form of ``RUG creep.'' RUG creep occurs when a provider falsely or fraudulently completes the MDS, which results in assigning a resident to a higher RUG category.
‹bullet› Billing for individual items or services when they either are included in the facility's per diem rate or are of the type of item or service that must be billed as a unit and may not be unbundled;\50\
\50\ A related risk area involves bill splitting schemes. This billing abuse usually takes the form of manipulating the billing for procedures to create the appearance that the services were rendered over a period of days when all treatment occurred during one visit.
‹bullet› Billing residents for items or services that are included in the per diem rate or otherwise covered by the third-party payor;
‹bullet› Forging physician or beneficiary signatures on documents used to verify that services were ordered and/or provided;\51\
\51\ The OIG has investigated a number of cases where signatures were forged, either to fabricate evidence that a physician ordered equipment or services or to create a paper trail in support of items or services that were never provided.
‹bullet› Failing to maintain sufficient documentation to establish that the services were ordered and/or performed; and
‹bullet› False cost reports.\52\
\52\ Nursing homes are required to submit various reports to Federal and State agencies in connection with facility operations and to receive reimbursement for the care provided to program beneficiaries. Because program payments are in part based on self- reported operating costs, providers must implement procedures to ensure that these reports are prepared as accurately as possible. This should include measures to ensure that adequate documentation exists to support information provided in the report, non-allowable costs are appropriately identified and removed, and related party transactions are treated consistent with program requirements (See 42 CFR part 413). If the provider intends to claim costs in non- conformity with program rules, those items should be flagged in a letter accompanying the cost report. Prior enforcement actions involving nursing home cost reports have focused on nursing facilities that claimed salary expenses for employees who do not exist, inflated the number of residents served, included non- reimbursable costs with nursing home-related expenses, inappropriately shifted costs to cost centers that are below the reimbursement cap, and shifted non-Medicare related costs to Medicare cost centers.
The OIG recommends that a nursing facility, through its policies and procedures, take all reasonable steps to ensure compliance with the Federal health care programs when submitting information that affects reimbursement decisions. The risk areas associated with billing and cost reporting have been among the most frequent subjects of investigations and audits by the OIG. In addition to facing criminal sanctions and significant monetary penalties, providers that have failed to adequately ensure the accuracy of their claims and cost report submissions can be excluded from program participation, or in lieu of exclusion, be required by the OIG to execute a corporate integrity agreement (CIA).\53\
\53\ The CIA imposes reporting requirements, independent audits, and other procedures on providers who have demonstrated an inability or unwillingness to independently adopt these measures. It is clearly in a provider's best interest to avoid the implementation of a CIA by instituting its own prevention, detection, and disclosure mechanisms.
-
Employee Screening. Nursing facilities are required by Federal, and in some cases State, law to investigate the background of certain employees. Nursing facilities should conduct a reasonable and prudent background investigation and reference check before hiring those employees who have access to patients or their possessions, or who have discretionary authority to make decisions that may involve compliance with the law. The employment application should specifically require the applicant to disclose any criminal conviction, as defined by 42 U.S.C. 1320a-7; or exclusion from participation in the Federal health care programs.
This pre-employment screening is critical to ensuring the integrity of the facility's work force and safeguarding the welfare of its residents. Because providers of nursing care have frequent, relatively unsupervised access to vulnerable people and their property, a nursing facility also should seriously consider whether to employ individuals who have been convicted of crimes of neglect, violence, theft or dishonesty, or financial misconduct.\54\
\54\ In OIG report A-12-97-0003 ``Safeguarding Long Term Care Residents,'' it was noted that although no Federal requirement exists for criminal background checks on nursing home staff, 33 States currently require that such checks occur. However, there appears to be great diversity in the way States identify, investigate, and report suspected abuse of nursing home residents.
Nursing facility policies should prohibit the continued employment of individuals who have been convicted of a criminal offense related to health care or who are debarred, excluded, or otherwise become ineligible for participation in Federal health care programs.\55\ In addition, if the facility has notice that an employee or contractor is charged with a criminal offense related to any Federal health care program, or is proposed for exclusion during his or her employment or contract, the facility shall take all appropriate actions to ensure that the responsibilities of that employee or contractor do not adversely affect the quality of care rendered to any patient or resident, or the accuracy of any claims submitted to any Federal health care program.\56\ If resolution of the matter results in conviction, debarment, or exclusion, the nursing facility should terminate its employment or other contract arrangement with the individual.
\55\ The effect of an OIG exclusion from Federal health care programs is that no Federal health care program payment may be made for any items or services: (1) furnished by an excluded individual or entity; or (2) directed or prescribed by an excluded physician (See 42 CFR 1001.1901). An excluded individual or entity that submits a claim for reimbursement to a Federal health care program, or causes such a claim to be submitted, may be subject to a civil money penalty of $10,000 for each item or service furnished during the period that the person or entity was excluded (See 42 U.S.C. 1320a-7a(a)(1)(D)). The individual or entity may also be subject to treble damages for the amount claimed for each item or service (See 42 U.S.C. 1320a-7a(a)). Also see OIG Special Advisory Bulletin ``The Effect of Exclusion From Participation in Federal Health Care Programs'' (September 1999).
\56\ Likewise, the facility should establish standards prohibiting the execution of contracts with companies that have been recently convicted of a criminal offense related to health care or that are listed by a Federal agency as debarred, excluded, or otherwise ineligible for participation in Federal health care programs. Prospective employees or contractors that have been officially reinstated into the Medicare and Medicaid programs by the OIG may be considered for employment upon proof of such reinstatement.
In order to ensure that nursing facilities undertake background checks of all employees to the extent required by law, the OIG recommends that the following measures be incorporated into the compliance program's policies and procedures:
‹bullet› Investigate the background of employees by checking with all
[[Page 58427]]
applicable licensing and certification authorities to verify that requisite licenses and certifications are in order;\57\
\57\ Among the sources of information on prospective employees are the State registry of nurse's aides, which provides a list of nurse aides that have successfully completed training and competency evaluations and the National Practitioner Data Bank. The Data Bank is a data base that contains information about medical malpractice payments, sanctions by boards of medical examiners or State licensing boards, adverse clinical privilege actions, and adverse professional society membership actions. Health care entities can have access to this data base to seek information about their own medical or clinical staff, as well as prospective employees or physician contractors.
‹bullet› Require all potential employees to certify that they have not been convicted of an offense that would preclude employment in a nursing facility and that they are not excluded from participation in the Federal health care programs;
‹bullet› Check available public sources, including the OIG's List of Excluded Individuals/Entities and the GSA's list of debarred contractors, to verify that employees are not excluded from participating in the Federal health care programs;\58\ and
\58\ The OIG ``List of Excluded Individuals/Entities'' provides information to health care providers, patients, and others regarding individuals and entities that are excluded from participation in Medicare and Medicaid, and other Federal health care programs. This report, in both an on-line searchable and downloadable database, can be located on the Internet at www.hhs.gov/oig. In addition, the General Services Administration maintains a monthly listing of debarred contractors, ``List of Parties Excluded From Federal Procurement and Nonprocurement Programs,'' at www.arnet.gov/epls.
The OIG sanction information is readily available to users in two formats on over 15,000 individuals and entities currently excluded from program participation through action taken by the OIG. The on-line searchable database allows users to obtain information regarding excluded individuals and entities sorted by: (1) the legal bases for exclusions; (2) the types of individuals and entities excluded by the OIG; and (3) the States where excluded individuals reside or entities do business.
‹bullet› Periodically check the OIG and GSA web sites to verify the participation/exclusion status of independent contractors and retain on file the results of that query.\59\
\59\ The introduction of PPS and consolidated billing for Medicare Part B services means that vendors and their subcontractors no longer submit bills directly to Medicare for their services. Instead, the nursing facility will be submitting consolidated bills for certain services provided to residents. Because of the new responsibilities that are imposed on nursing facilities under these reimbursement schemes, the facility may be held responsible if it claims reimbursement for items or services provided by a contractor that has been excluded.
Regardless of the size or resources of the nursing facility, employee screening is a critical component of compliance policies and procedures. Nursing facilities, like all corporations, must act through their employees and are held accountable for their actions. One of the best ways to ensure that the organization will act in conformance with the law is to hire employees and contractors who can be trusted to embrace a culture of compliance. While the resources required to check the OIG List of Excluded Individuals/Entities are minimal, the absence of an accessible centralized site for criminal background checks may result in inefficiencies and expense. While large providers may elect to outsource the screening process, this may not be a realistic option for smaller nursing facilities. Nevertheless, the OIG recommends that all nursing facilities implement a policy to undertake background checks of all employees.
-
Kickbacks, Inducements and Self-Referrals. A nursing facility should have policies and procedures to ensure compliance with the anti- kickback statute,\60\ the Stark physician self-referral law \61\ and other relevant Federal and State laws by providing guidance in situations that could lead to a violation of these laws.\62\ In particular, arrangements with hospitals, hospices, physicians and vendors are vulnerable to abuse. For example, in the case of hospitals, physicians and hospital staff exert influence over the patient and can influence the choice of a nursing facility. In addition, his or her roles as medical director and/or attending physician, a physician frequently can influence the utilization of ancillary services.\63\ Moreover, by contrast, a nursing facility operator can influence the selection of which hospices will provide hospice services and which vendors will deliver equipment and services to the facility's residents. In addition to developing policies to address arrangements with other health care providers and suppliers, nursing facilities also should implement measures to avoid offering inappropriate inducements to residents. Possible risk areas that should be addressed in the policies and procedures include:
\60\ The anti-kickback statute provides criminal penalties for individuals and entities that knowingly offer, pay, solicit or receive bribes or kickbacks or other remuneration in order to induce business reimbursable by Federal health care programs (See 42 U.S.C. 1320a-7b(b)). Civil penalties and exclusion from participation in the Federal health care programs may also result from a violation of the prohibition (See 42 U.S.C. 1320a-7a(a)(5) and 1320a-7(b)(7)).
\61\ The Stark physician self-referral law, 42 U.S.C. 1395nn, prohibits a physician from making a referral to an entity with which the physician or any member of the physician's immediate family has a financial relationship, if the referral is for the furnishing of designated health services.
\62\ The OIG has issued several advisory opinions applying the Federal statutes to arrangements that affect nursing facilities. The opinions are available on the Internet at http://www.hhs.gov/oig.
\63\ Contracts between the facility and any entity in which the facility's medical director has a financial interest may be subject to the Stark law and should be reviewed and approved by legal counsel.
‹bullet› Routinely waiving coinsurance or deductible amounts without a good faith determination that the resident is in financial need, or absent reasonable efforts to collect the cost-sharing amount;\64\
\64\ In the OIG Special Fraud Alert ``Routine Waiver of Part B Co-payments/Deductibles'' (May 1991), the OIG describes several reasons why routine waivers of these cost-sharing amounts pose abuse concerns. The Alert sets forth the circumstances under which it may be appropriate to waive these amounts.
‹bullet› Agreements between the facility and a hospital, home health agency, or hospice that involve the referral or transfer of any resident to or by the nursing home;\65\
\65\ In the Special Fraud Alert ``Fraud and Abuse in Nursing Home Arrangements With Hospices'' (March 1998), the OIG sets out the vulnerabilities in nursing home arrangements with hospices. The Alert provides several examples of questionable arrangements between hospices and nursing homes that could inappropriately influence the referral of patients. Examples include the offering of free goods or goods at below fair market value to induce a nursing home to refer patients to the hospice. Other examples demonstrating vulnerability to fraud and abuse include: (1) a hospice paying for room and board in excess of the amounts the nursing home would normally charge or receive from Medicaid; (2) a hospice paying for additional services that should be already included in the room and board payment; (3) a hospice referring patients to the nursing home in return for the nursing home's referral to the hospice. While the Special Fraud Alert focused on arrangements with hospices, nursing facilities should adopt policies that prohibit similar questionable arrangements with all health care providers.
‹bullet› Soliciting, accepting or offering any gift or gratuity of more than nominal value to or from residents, potential referral sources, and other individuals and entities with which the nursing facility has a business relationship; ‹SUP›66‹/SUP›
\66\ Providers should establish clear policies governing gift- giving, because such exchanges may be viewed as inducements to influence business decisions. Offering or providing any gift of more than nominal value to any beneficiary may be done with the intent to inappropriately influence health care decisions of the beneficiary or his or her family. Similarly, accepting gifts, hospitality, or entertainment from a source that is in a position to benefit from the referral of business, raises concerns that the gift may influence the employee's independent judgment. If the provider decides to allow employees to accept gifts or other gratuities below a certain nominal value or in an aggregate amount below an established amount per year, the provider should consider requiring employees to report those gifts.
‹bullet› Conditioning admission or continued stay at a facility on a third-party guarantee of payment, or soliciting payment for services covered by Medicaid, in addition to any amount
[[Page 58428]]
required to be paid under the State Medicaid plan; ‹SUP›67‹/SUP›
\67\ See 42 U.S.C. 1320a-7b(d)(2) which prescribes criminal penalties for knowingly and willfully charging for services provided to a Medicaid patient in excess of the rates established by the State; see also 42 CFR 483.12(d).
‹bullet› Arrangements between a nursing facility and a hospital under which the facility will only accept a Medicare beneficiary on the condition that the hospital pays the facility an amount over and above what the facility would receive through PPS; ‹SUP›68‹/SUP›
\68\ Under PPS, the payment rates represent payment in full, subject to applicable coinsurance. This includes payment for all costs associated with furnishing covered SNF services to Medicare beneficiaries. It is impermissible for a hospital to pay for SNF services if it were to do so only for those residents who are Medicare beneficiaries discharged from that hospital. However, it would be permissible for a hospital to provide or pay for items or services that are furnished to SNF residents generally, if such payments are made without regard to the payment source for the individual resident. In addition, a hospital and a SNF can enter into a permissible bed reservation agreement (See HCFA Provider Reimbursement Manual, Part I, section 2105.3).
‹bullet› Financial arrangements with physicians, including the facility's medical director; ‹SUP›69‹/SUP›
\69\ All physician contracts and agreements should be reviewed to avoid violation of the anti-kickback, self-referral, and other relevant Federal and State laws. The OIG has published safe harbors that define practices not subject to the anti-kickback statute, because such arrangements would be unlikely to result in fraud or abuse. Failure to comply with a safe harbor provision does not make an arrangement per se illegal. Rather, the safe harbors set forth specific conditions that, if fully met, would assure the entities involved of not being prosecuted or sanctioned for the arrangement qualifying for the safe harbor. One such safe harbor applies to personal services contracts (See 42 CFR 1001.952(d)).
‹bullet› Arrangements with vendors that result in the nursing facility receiving non-covered items (such as disposable adult diapers) at below market prices or no charge, provided the facility orders Medicare-reimbursed products; ‹SUP›70‹/SUP›
\70\ See OIG Special Fraud Alert ``Fraud and Abuse in the Provision of Medical Supplies to Nursing Facilities'' (August 1995). As well as violating the anti-kickback statute, both the supplier and the nursing facility may be liable for false claims if the medically unnecessary items are billed to Federal health care programs. See also OIG Advisory Opinion No.99-2 (February 1999).
‹bullet› Soliciting or receiving items of value in exchange for providing the supplier access to residents' medical records and other information needed to bill Medicare; ‹SUP›71‹/SUP›
\77\ In addition to raising concerns related to the anti- kickback statute, the unauthorized disclosure of confidential records violates the resident's rights (See 42 CFR 10(e)).
‹bullet› Joint ventures with entities supplying goods or services; ‹SUP›72‹/SUP› and
\72\ See OIG Special Fraud Alert ``Joint Venture Arrangements'' (August 1989); OIG Special Fraud Alert ``Fraud and Abuse in the Provision of Services in Nursing Facilities'' (May 1996).
‹bullet› Swapping.‹SUP›73‹/SUP›
\73\ ``Swapping'' occurs when a supplier gives a nursing facility discounts on Medicare Part A items and services in return for the referrals of Medicare Part B business. With swapping, there is a risk that suppliers may offer a SNF an excessively low price for items or services reimbursed under PPS in return for the ability to service and bill nursing facility residents with Part B coverage. See OIG Advisory Opinion 99-2 (March 1999).
In order to keep current with this area of the law, a nursing facility should obtain copies of all relevant OIG and HCFA regulations, Special Fraud Alerts, and Advisory Opinions that address the application of the anti-kickback and Stark self-referral laws to ensure that the policies reflect current positions and opinions. Further, nursing facility policies should provide that all nursing facility contracts and arrangements with actual or potential sources of referrals are reviewed by counsel and comply with applicable statutes and requirements. 3. Retention of Records
Nursing facilities that implement a compliance program should provide for the development and implementation of a records retention system. This system should establish policies and procedures regarding the creation, distribution, retention, and destruction of documents. In designing a records systems, privacy concerns and regulatory requirements should be taken into consideration. In addition to maintaining appropriate and thorough medical records on each resident, the OIG recommends that the system should include the following types of documents:
‹bullet› All records and documentation (e.g., billing and claims documentation) required for participation in Federal State, and private health care programs, including the resident assessment instrument, the comprehensive plan of care and all corrective actions taken in response to surveys;
‹bullet› All records and documentation required by private payors and other governmental institutions;
‹bullet› All records, documentation, and audit data that support and explain cost reports and other financial activity, including any internal or external compliance monitoring activities; and
‹bullet› All records necessary to demonstrate the integrity of the nursing facility compliance process and to confirm the effectiveness of the program.‹SUP›74‹/SUP›
\74\ Among the materials useful in documenting the compliance program are employee certifications relating to training and other compliance initiatives, copies of compliance training materials, and hotline logs and any corresponding reports of investigation, outcomes, and employee disciplinary actions. In addition, the facility should keep all relevant correspondence between carriers, fiscal intermediaries, private payor insurers, HCFA, and State survey and certification agencies.
While conducting its compliance activities, as well as its daily operations, a nursing facility should document its efforts to comply with applicable statutes, regulations, and Federal health care program requirements. For example, where a nursing facility requests advice from a Government agency (including a Medicare fiscal intermediary or carrier) charged with administering a Federal health care program, the nursing facility should document and retain a record of the request and any written or oral response. This step is extremely important if the nursing facility intends to rely on that response to guide it in future decisions, actions, or claim reimbursement requests or appeals. A log of oral inquiries between the nursing facility and third parties will help the organization document its attempts at compliance. In addition, these records may become relevant in a subsequent investigation to the issue of whether the facility's reliance was ``reasonable'' and whether it exercised due diligence in developing procedures and practices to implement the advice.
In short, all nursing facilities, regardless of size, must retain appropriate documentation. Further, the OIG recommends that the nursing facility:
‹bullet› Secure this information in a safe place;
‹bullet› Maintain hard copies of all electronic or database documentation; and
‹bullet› Limit access to such documentation to avoid accidental or intentional fabrication or destruction of records.‹SUP›75‹/SUP›
\75\ In addition to prohibiting the falsification and backdating of records, the provider should have clear guidelines, consistent with applicable professional and legal standards, that set out the circumstances when late entries may be made in a record.
As the Government increases its reliance on electronic data interchange to conduct business and gather information more quickly and efficiently, it is important that the nursing facility develops the capacity to ensure that all informational systems maintained by the facility are in working order, secured, and capable of accessing Federal and State databases. 4. Compliance as an Element of Employee Performance
Compliance programs should require that the promotion of, and adherence to, the elements of the compliance program be a factor in evaluating the performance of all employees.
[[Page 58429]]
Employees should be periodically trained in new compliance policies and procedures. In addition, policies should require that managers, especially those involved in the direct care of residents and in claims development and submission:
‹bullet› Discuss with all supervised employees and relevant contractors the compliance policies and legal requirements applicable to their function;
‹bullet› Inform all supervised personnel that strict compliance with these policies and procedures is a condition of employment; and
‹bullet› Disclose to all supervised personnel that the nursing facility will take disciplinary action up to and including termination for violation of these policies or requirements.
Managers and supervisors should be disciplined for failing to adequately instruct their subordinates or for failing to detect noncompliance with applicable policies and legal requirements, where reasonable diligence would have led to the discovery of any problems or violations and given the nursing facility the opportunity to correct them earlier. Conversely, those supervisors who have demonstrated leadership in the advancement of the company's code of conduct and compliance objectives should be singled out for recognition.
The OIG believes that all nursing facilities, regardless of resources or size, should ensure that its employees understand the importance of compliance with program requirements and the value the company places on its compliance program. If the small nursing facility does not have a formal employee evaluation system, it should informally convey to employees their compliance responsibilities whenever the opportunity arises. Positive reenforcement is generally more effective than sanctions in conditioning behavior and managers should be given mechanisms to reward employees who promote compliance.
-
-
Designation of a Compliance Officer and a Compliance Committee
-
Compliance Officer
Every nursing home provider should designate a compliance officer to serve as the focal point for compliance activities. This responsibility may be the individual's sole duty or added to other management responsibilities, depending upon the size and resources of the nursing facility and the complexity of the task. Designating a compliance officer with the appropriate authority is critical to the success of the program, necessitating the appointment of a high-level official with direct access to the nursing facility's president or CEO, governing body, all other senior management, and legal counsel.‹SUP›76‹/SUP› The officer should have sufficient funding and staff to perform his or her responsibilities fully.
\76\ The OIG believes it is not advisable for the compliance function to be subordinate to the nursing facility's general counsel, or comptroller or similar financial officer. Free standing compliance functions help to ensure independent and objective legal reviews and financial analysis of the institution's compliance efforts and activities. By separating the compliance function from the key management positions of general counsel or chief financial officer (where the size and structure of the nursing facility make this a feasible option), a system of checks and balances is established to more effectively achieve the goals of the compliance program.
Coordination and communication are the key functions of the compliance officer with regard to planning, implementing, and monitoring the compliance program.
The compliance officer's primary responsibilities should include:
‹bullet› Overseeing and monitoring implementation of the compliance program; ‹SUP›77‹/SUP›
\77\ For multi-facility organizations, the OIG encourages coordination with each facility owned by the corporation through the use of a headquarter's compliance officer, communicating with parallel positions or compliance liaison in each facility or regional office, as appropriate.
‹bullet› Reporting on a regular basis to the nursing facility's governing body, CEO, and compliance committee (if applicable) on the progress of implementation, and assisting these components in establishing methods to improve the nursing facility's efficiency and quality of services, and to reduce the facility's vulnerability to fraud, abuse, and waste;
‹bullet› Periodically revising the program in light of changes in the organization's needs, and in the law and policies of Government and private payor health plans;
‹bullet› Developing, coordinating, and participating in a multifaceted educational and training program that focuses on the elements of the compliance program, and seeking to ensure that all relevant employees and management understand and comply with pertinent Federal and State standards;
‹bullet› Ensuring that independent contractors and agents who furnish physician, nursing, or other health care services to the residents of the nursing facility are aware of the requirements of the nursing facility's compliance program with respect to residents' rights, billing, and marketing, among other things;
‹bullet› Coordinating personnel issues with the nursing facility's Human Resources/Personnel office (or its equivalent) to ensure that (i) the National Practitioner Data Bank ‹SUP›78‹/SUP› has been checked with respect to all medical staff and independent contractors (as appropriate) and (ii) the List of Excluded Individuals/Entities ‹SUP›79‹/SUP› has been checked with respect to all employees, medical staff, and independent contractors; ‹SUP›80‹/SUP›
\78\ See note 60.
\79\ See note 61.
\80\ The compliance officer may also have to ensure that the criminal backgrounds of employees have been checked depending upon State requirements or nursing facility policy.
‹bullet› Assisting the nursing facility's financial management in coordinating internal compliance review and monitoring activities, including annual or periodic reviews of departments;
‹bullet› Independently investigating and acting on matters related to compliance, including the flexibility to design and coordinate internal investigations (e.g., responding to reports of problems or suspected violations) and any resulting corrective action (e.g., making necessary improvements to nursing facility policies and practices, taking appropriate disciplinary action, etc.) with all nursing facility departments, subcontracted providers, and health care professionals under the nursing facility's control;
‹bullet› Participating with facility's counsel in the appropriate reporting of self-discovered violations of program requirements; and
‹bullet› Continuing the momentum of the compliance program after the initial years of implementation.‹SUP›81‹/SUP›
\81\ There are many approaches the compliance officer may enlist to maintain the vitality of the compliance program. Periodic on-site visits of nursing facility operations, bulletins with compliance updates and reminders, distribution of audiotapes or videotapes on different risk areas, lectures at management and employee meetings, and circulation of recent health care articles covering fraud and abuse are some examples of approaches the compliance officer can employ.
The compliance officer must have the authority to review all documents and other information that are relevant to compliance activities, including, but not limited to, medical and billing records, and documents concerning the marketing efforts of the nursing facility and its arrangements with other health care providers, including physicians and independent contractors. This review authority enables the compliance officer to examine contracts and obligations (seeking the advice of legal counsel, where appropriate) that may contain referral and payment provisions that could violate the anti-kickback statute or regulatory requirements.
[[Page 58430]]
A small nursing facility may not have the resources to hire or appoint a full time compliance officer. Multi-facility providers also may consider appointing one compliance officer at the corporate level and creating compliance liaisons officers at each facility. In any event, each facility should have a person in its organization (this person may have other functional responsibilities) who can oversee the nursing facility's compliance with applicable statutes, rules, regulations, and policies. The structure and comprehensiveness of the facility's compliance program will help determine the responsibilities of each individual compliance officer. 2. Compliance Committee
The OIG recommends that a compliance committee be established to advise the compliance officer and assist in the implementation of the compliance program.‹SUP›82‹/SUP› When developing an appropriate team of people to serve as the nursing facility's compliance committee, a facility should consider a variety of skills and personality traits that are expected from those in such positions.‹SUP›83‹/SUP› Once a nursing facility chooses the people that will accept the responsibilities vested in members of the compliance committee, the nursing facility needs to train these individuals on the policies and procedures of the compliance program, as well as how to discharge their duties.
\82\ The compliance committee benefits from having the perspectives of individuals with varying responsibilities in the organization, such as operations, finance, audit, human resources, and clinical management (e.g., the nursing facility physician), as well as employees and managers of key operating units. The compliance officer should be an integral member of the committee as well. All committee members should have the requisite seniority and comprehensive experience within their respective departments to implement any necessary changes to policies and procedures as recommended by the committee.
\83\ A health care provider should expect its compliance committee members and compliance officer to demonstrate high integrity, good judgment, assertiveness, and an approachable demeanor, while eliciting the respect and trust of employees of the nursing facility. These interpersonal skills are as important as the professional experience of each member of the compliance committee.
The committee's functions should include:
‹bullet› Analyzing the legal requirements with which the nursing facility must comply, and specific risk areas;
‹bullet› Assessing existing policies and procedures that address these risk areas for possible incorporation into the compliance program;
‹bullet› Working with appropriate departments to develop standards of conduct, and policies and procedures to promote compliance with legal and ethical requirements;
‹bullet› Recommending and monitoring, in conjunction with the relevant departments, the development of internal systems and controls to carry out the organization's policies;
‹bullet› Determining the appropriate strategies and approaches to promote compliance with program requirements and detection of any potential violations, such as through hotlines and other fraud reporting mechanisms;
‹bullet› Developing a system to solicit, evaluate, and respond to complaints and problems; and
‹bullet› Monitoring internal and external audits and investigations for the purpose of identifying deficiencies, and implementing corrective action.
The committee may also undertake other functions as the compliance concept becomes part of the overall nursing facility operating structure and daily routine. The compliance committee is an extension of the compliance officer and provides the organization with increased oversight. The OIG recognizes that some nursing facilities may not have the resources or the need to establish a compliance committee. However, when potential problems are identified, the OIG recommends these nursing facilities create a ``task force,'' to address the particular problem. The members of the task force may vary depending upon the issue. For example, if problems are identified as a result of a State or Federal survey, the OIG recommends that a task force be created to examine the deficiencies identified by the survey and to develop plans of actions to correct the underlying causes of the deficiency.
-
-
Conducting Effective Training and Education
The proper education and training of corporate officers, managers and health care professionals, and the continual retraining of current personnel at all levels are critical elements of an effective compliance program. These training programs should include sessions summarizing the organization?s compliance program, fraud and abuse laws and Federal and private payor health care program requirements. More specific training on issues such as claims development and submission processes, resident rights, and marketing practices should be targeted at those employees and contractors whose job requirements make the information relevant.‹SUP›84‹/SUP›
\84\ Specific compliance training should complement any ``in- service'' training sessions that a nursing facility may regularly schedule to provide an ongoing program for the training of employees as required by its conditions of participation.
The organization must take steps to communicate effectively its standards and procedures to all affected employees, physicians, independent contractors, and other significant agents by requiring participation in such training programs and by other means, such as disseminating publications that explain specific requirements in a practical manner.‹SUP›85‹/SUP›
\85\ Some publications, such as OIG's Special Fraud Alerts, audit and inspection reports, and advisory opinions are readily available from the OIG and can provide a basis for educational courses and programs for appropriate nursing facility employees.
Managers of specific departments or groups can assist in identifying areas that require training and in carrying out such training.‹SUP›86‹/SUP› Training instructors may come from outside or inside the organization, but must be qualified to present the subject matter involved and sufficiently experienced in the issues presented to adequately field questions and coordinate discussions among those being trained.
\86\ Significant variations in the functions and responsibilities of different departments or groups may create the need for training materials that are tailored to compliance concerns associated with particular operations and duties.
The nursing facility should train new employees soon after they have started working.‹SUP›87‹/SUP› Training programs and materials should be designed to take into account the skills, experience, and knowledge of the individual trainees. The compliance officer should document any formal training undertaken by the nursing facility as part of the compliance program.
\87\ Certain positions, such as those that involve billing, coding and the submission of reimbursement data, create greater organizational legal exposure, and therefore require specialized training. Those hired to treat residents should undergo specialized training in residents' rights and survey and certification procedures.
A variety of teaching methods, such as interactive training, and where a nursing facility has a culturally diverse staff, training in different languages, should be implemented so that all affected employees understand the institution's standards of conduct and procedures for alerting senior management to problems and concerns.‹SUP›88‹/SUP›
\88\ Post-training tests can be used to assess the success of training provided and employee comprehension of the nursing facility's policies and procedures.
In addition to specific training in the risk areas identified in section II.B.2, primary training for appropriate corporate officers, managers, and facility staff should include such topics as:
‹bullet› Compliance with Medicare conditions of participation;
[[Page 58431]]
‹bullet› Appropriate and sufficient documentation;
‹bullet› Prohibitions on paying or receiving remuneration to induce referrals;
‹bullet› Improper alterations to clinical or financial records;
‹bullet› Resident rights; and
‹bullet› The duty to report misconduct.
The OIG suggests that all relevant personnel participate in the various educational and training programs of the nursing facility.‹SUP›89‹/SUP› Employees should be required to have a minimum number of educational hours per year, as appropriate, as part of their employment responsibilities.‹SUP›90‹/SUP› For example, for certain employees involved in the nursing facility admission functions, periodic training in applicable reimbursement coverage and eligibility requirements should be required. In nursing facilities with high employee turnover, periodic training updates are critical.
\89\ In addition, where feasible, the OIG recommends that a nursing facility give vendors and outside contractors the opportunity to participate in the nursing facility's compliance training and educational programs. Such training is particularly important for facilities that rely on agencies to provide temporary direct care staff. The introduction of consolidated billing gives added importance to educating vendors about the facility's compliance policies and procedures.
\90\ Currently, the OIG is monitoring a significant number of corporate integrity agreements that require many of these training elements. The OIG usually requires a minimum of one to three hours annually for basic training in compliance areas. Additional training is required for specialty fields such as claims development and billing.
The OIG recognizes that the format of the training program will vary depending upon the resources of the nursing facility. For example, a nursing facility with limited resources may want to create a videotape for each type of training session so new employees can receive training in a timely manner. If videos are used for compliance training, the OIG suggests that a nursing facility make an individual available to field questions from video trainees.
The OIG recommends that participation in training programs be made a condition of continued employment and that failure to comply with training requirements should result in disciplinary action, when such failure is serious. Adherence to the training requirements as well as other provisions of the compliance program should be a factor in the annual evaluation of each employee. The nursing facility should retain adequate records of its training of employees, including attendance logs and material distributed at training sessions.
-
Developing Effective Lines of Communication
-
Access to the Compliance Officer
In order for a compliance program to work, employees must be able to ask questions and report problems. The first line supervisors play a key role in responding to employee concerns and it is appropriate that they serve as a first line of communications. In order to encourage communications, confidentiality and non-retaliation policies should be developed and distributed to all employees.\91\
\91\ In some cases, employees sue their employers under the False Claims Act's qui tam provisions out of frustration because of the company's failure to take action when the employee brought a questionable, fraudulent, or abusive situation to the attention of senior corporate officials. Whistle blowers must be protected against retaliation, a concept embodied in the provisions of the False Claims Act (See 31 U.S.C. 3730(h)).
Open lines of communication between the compliance officer and nursing facility employees is equally important to the successful implementation of a compliance program and the reduction of any potential for fraud and abuse. In addition to serving as a contact point for reporting problems, the compliance officer should be viewed as someone to whom personnel can go to get clarification on the facility's policies. Questions and responses should be documented and dated and, if appropriate, shared with other staff so that standards can be updated and improved to reflect any necessary changes or clarifications.\92\
\92\ Nursing facilities can also consider rewarding employees for appropriate use of established reporting systems. After all, the employee who identifies and helps stop an abusive practice can benefit the corporation as much as one who identifies cost-savings measures or increases corporate revenues.
-
Hotlines and Other Forms of Communication
The OIG encourages the use of hotlines,\93\ e-mails, newsletters, suggestion boxes, and other forms of information exchange to maintain open lines of communication.\94\ If the nursing facility establishes a hotline, the telephone number should be made readily available to all employees, independent contractors, residents, and family members by circulating the number on wallet cards or conspicuously posting the telephone number in common work areas.\95\ Employees should be permitted to report matters on an anonymous basis. Matters reported through the hotline or other communication sources that suggest substantial violations of compliance policies or Federal health care program statutes and regulations should be documented and investigated promptly to determine their veracity. The compliance officer should maintain a log that records such calls, including the nature of any investigation and its results.\96\ Such information, redacted of individual identifiers, should be included in reports to the governing body, the CEO, and compliance committee.\97\ While the nursing facility should always strive to maintain the confidentiality of an employee's identity, it should also make clear that there may be a point where the individual's identity may become known or may have to be revealed in certain instances. The OIG recognizes that protecting anonymity may be infeasible for small nursing facilities. However, the OIG believes all facility employees, when seeking answers to questions or reporting potential instances of fraud and abuse, should know to whom to turn for attention and should be able to do so without fear of retribution.
\93\ The OIG recognizes that it may not be financially feasible for a smaller nursing facility to maintain a telephone hotline dedicated to receiving calls about compliance issues. These companies may want to explore alternative methods, e.g., outsourcing the hotline or establishing a written method of confidential disclosure.
\94\ In addition, an effective employee exit interview program could be designed to solicit information from departing employees regarding potential misconduct and suspected violations of nursing facility policy and procedures.
\95\ Nursing facilities should also post in a prominent area the HHS-OIG Hotline telephone number, 1-800-447-8477 (1-800-HHS-TIPS).
\96\ To efficiently and accurately fulfill such an obligation, the nursing facility should create an intake form for all compliance issues identified through reporting mechanisms. The form could include information concerning the date that the potential problem was reported, the results of the internal investigation, and, as appropriate, the corrective action implemented, the disciplinary measures imposed, and/or any identified overpayments returned.
\97\ Information obtained over the hotline may provide valuable insight into management practices and operations, whether reported problems are actual or perceived.
-
-
Auditing and Monitoring
The OIG believes that an effective program should incorporate thorough monitoring of its implementation and an ongoing evaluation process. The compliance officer should document this ongoing monitoring, including reports of suspected noncompliance, and share these assessments with the nursing facility's senior management and the compliance committee. The extent and frequency of the compliance audits may vary depending on variables such as the nursing facility's available resources, prior history of
[[Page 58432]]
noncompliance, and the risk factors particular to the facility.\98\
\98\ Even when a nursing facility or group of facilities is owned by a larger corporate entity, the regular auditing and monitoring of the compliance activities of an individual facility must be a key feature in any annual review. Appropriate reports on audit findings should be periodically provided and explained to a parent organization's senior staff and officers.
Although many assessment techniques are available, one effective tool is the performance of regular, periodic compliance audits by internal or external evaluators who have expertise in Federal and State health care statutes, regulations, and program requirements, as well as private payor rules. These assessments should focus both on the nursing facility's day-to-day operations, as well as its adherence to the rules governing claims development, billing and cost reports, and relationships with third parties. The reviews also should address the nursing facility's compliance with the Medicare conditions of participation and the specific rules and policies that have been the focus of particular attention by the Medicare fiscal intermediaries or carriers, survey agencies, and law enforcement.\99\
\99\ See also section II.B.2.
Monitoring techniques may include sampling protocols that permit the compliance officer to identify and review variations from an established performance baseline.\100\ Significant variations from the baseline should trigger an inquiry to determine the cause of the deviation. If the inquiry determines that the deviation occurred for legitimate reasons, the compliance officer and nursing facility management may want to take no action. If it is determined that the deviation was caused by a departure from or misunderstanding of the facility's policies, the nursing facility should take prompt steps to correct the problem. Any overpayments discovered as a result of such deviations should be returned promptly to the affected payor,\101\ with appropriate documentation and a sufficiently detailed explanation of the reason for the refund.\102\
\100\ The OIG recommends that when a compliance program is established in a nursing facility, the compliance officer, with the assistance of department managers, should take a ``snapshot'' of their operations from a compliance perspective. This assessment can be undertaken by outside consultants or internal staff, provided they have knowledge of health care program requirements. This ``snapshot'' can serve as a baseline for the compliance officer and other managers to judge the nursing facility's progress in reducing potential areas of vulnerability.
\101\ See Provider Reimbursement Manual 1, Sec. 2836(D)(3), which sets out the MDS correction policy.
\102\ In addition, when appropriate, as referenced in section H.2, below, reports of fraud or systemic problems should also be made to the appropriate governmental authority.
In addition to evaluating the facility's conformance with program rules, an effective compliance program should also incorporate periodic (at least annual) reviews of whether the program's compliance elements have been satisfied, e.g., whether there has been appropriate dissemination of the program's standards, ongoing educational programs, and internal investigations of alleged non-compliance. This process will assess actual conformance by all departments with the compliance program and may identify areas for improvements in the program, as well as the nursing facility's general operations.
The OIG requires a provider operating under a CIA to conduct an annual assessment of its compliance with the elements of the CIA. A compliance officer may want to review several CIAs in designing the facility's self-audit protocol.\103\
\103\ Examples of CIA audit protocols can be obtained from the OIG by submitting a request pursuant to the Freedom of Information Act. In addition, the American Institute of Certified Public Accountants (AICPA) has issued a detailed guide for conducting an independent assessment of a health care provider's conformance to a CIA. See AICPA Statement of Position 99-1, ``Guidance to Practitioners in Conducting and Reporting on an Agreed-Upon Procedures Engagement to Assist in Evaluating Compliance with a Corporate Integrity Agreement'' ( May 1999).
As part of the review process, the compliance officer or reviewers should consider techniques such as:
‹bullet› On-site visits to all facilities owned and/or operated by the nursing home owner;
‹bullet› Testing the billing and claims reimbursement staff on its knowledge of applicable program requirements and claims and billing criteria;
‹bullet› Unannounced mock surveys and audits;
‹bullet› Examination of the organization's complaint logs and investigative files;
‹bullet› Legal assessment of all contractual relationships with contractors, consultants and potential referral sources;
‹bullet› Reevaluation of deficiencies cited in past surveys for State requirements and Medicare conditions of participation;
‹bullet› Checking personnel records to determine whether individuals who previously have been reprimanded for compliance issues are now conforming to facility policies;
‹bullet› Questionnaires developed to solicit impressions of a broad cross-section of the nursing facility's employees and staff;
‹bullet› Validation of qualifications of nursing facility physicians and other staff, including verification of applicable State license renewals;
‹bullet› Trend analysis, or longitudinal studies, that uncover deviations in specific areas over a given period;
‹bullet› Analyzing past survey reports for patterns of deficiencies to determine if the proposed corrective plan of action identified the underlying problem and was undertaken within the assigned time limits.
The reviewers should:
‹bullet› Have the qualifications and experience necessary to adequately identify potential issues with the subject matter that is reviewed;
‹bullet› Be objective and independent of line management to the extent reasonably possible;\104\
\104\ The OIG recognizes that nursing facilities that have limited resources may not be able to use internal reviewers who are not part of line management or hire outside reviewers.
‹bullet› Have access to existing audit and health care resources, relevant personnel, and all relevant areas of operation;
‹bullet› Present written evaluative reports on compliance activities to the CEO, governing body, and members of the compliance committee on a regular basis, but no less often than annually; and
‹bullet› Specifically identify areas where corrective actions are needed.
The extent and scope of a nursing facility's compliance self-audits will depend on the facility's identified risk areas, past history of deficiencies and enforcement actions, and resources. If the facility comes under Government scrutiny in the future, the Government will assess whether the facility developed a reasonable audit plan based upon identified risk areas and resources. If the Government determines that the nursing facility failed to develop an adequate audit program, the Government will be less likely to afford the nursing facility favorable treatment under the Federal Sentencing Guidelines.
-
Enforcing Standards Through Well-Publicized Disciplinary Guidelines
-
Disciplinary Policy and Enforcement
An effective compliance program should include disciplinary policies that set out the consequences of violating the nursing facility's standards of conduct, policies and procedures. Intentional noncompliance should subject transgressors to significant sanctions. Such sanctions could range
[[Page 58433]]
from oral warnings to suspension, termination, or financial penalties, as appropriate. Disciplinary action may be appropriate where a responsible employee's failure to detect a violation is attributable to his or her negligence or reckless conduct. Each situation must be considered on a case-by-case basis to determine the appropriate response.
The written standards of conduct should elaborate on the procedures for handling disciplinary problems and those who will be responsible for taking appropriate action. Some disciplinary actions can be handled by department or agency managers, while others may have to be resolved by a senior administrator. The nursing facility should advise personnel that disciplinary action will be taken on a fair and equitable basis. Managers and supervisors should be made aware that they have a responsibility to discipline employees in an appropriate and consistent manner.
It is vital to publish and disseminate the range of disciplinary standards for improper conduct and to educate employees regarding these standards. The consequences of noncompliance should be consistently applied and enforced, in order for the disciplinary policy to have the required deterrent effect. All levels of employees should be potentially subject to the same types of disciplinary action for the commission of similar offenses, because the commitment to compliance applies to all personnel within a nursing facility. This means that corporate officers, managers, and supervisors should be held accountable for failing to comply with, or for the foreseeable failure of their subordinates to adhere to, the applicable standards, laws, and procedures.
-
-
Responding to Detected Offenses and Developing Corrective Action Initiatives
Violations of a nursing facility's compliance program, failures to comply with applicable Federal or State law, and other types of misconduct threaten a facility's status as a reliable, honest and trustworthy provider of health care. Detected but uncorrected misconduct can seriously endanger the reputation and legal status of the nursing facility. Consequently, upon receipt of reports or reasonable indications of suspected noncompliance, it is important that the compliance officer or other management officials immediately investigate the allegations to determine whether a material violation of applicable law or the requirements of the compliance program has occurred, and if so, take decisive steps to correct the problem.\105\ As appropriate, such steps may include a corrective action plan,\106\ the return of any overpayments, a report to the Government,\107\ and/or a referral to criminal and/or civil law enforcement authorities.
\105\ Instances of noncompliance must be determined on a case- by-case basis. The existence or amount of a monetary loss to a health care program is not solely determinative of whether the conduct should be investigated and reported to governmental authorities. In fact, there may be instances where there is no readily identifiable monetary loss, but corrective actions are still necessary to protect the integrity of the applicable program and its beneficiaries, e.g., where services required by a plan of care are not provided.
\106\ The nursing facility may seek advice from its in-house counsel or an outside law firm to determine the extent of the facility's liability and to plan the appropriate course of action.
\107\ Nursing facilities are required to immediately report all alleged incidents of mistreatment, neglect, abuse and misappropriation of resident property to both the facility administrator and other officials in accordance with State law (See 42 CFR 483.13(c)(2)). The OIG also has established a provider self- disclosure protocol that encourages providers voluntarily to report suspected fraud. The concept of voluntary self-disclosure is premised on a recognition that the Government alone cannot protect the integrity of the Medicare and other Federal health care programs. Health care providers must be willing to police themselves, correct underlying problems, and work with the Government to resolve these matters. The self-disclosure protocol can be located on the OIG's web site at: http://www.hhs.gov/oig.
Where potential fraud is not involved, the OIG recommends that the nursing facility use normal repayment channels to return overpayments as they are discovered. However, even if the nursing facility's billing department is effectively using the overpayment detection and return process, the OIG believes that the facility needs to alert the compliance officer to those overpayments that may reveal trends or patterns indicative of a systemic problem.
Depending upon the nature of the alleged violations, an internal investigation will probably include interviews and a review of relevant documents. Under some circumstances, the facility may need to consider engaging outside counsel, auditors, or health care experts to assist in an investigation. Records of the investigation should contain documentation of the alleged violation, a description of the investigative process (including the objectivity of the investigators and methodologies utilized), copies of interview notes and key documents, a log of the witnesses interviewed and the documents reviewed, the results of the investigation, e.g., any disciplinary action taken, and the corrective action implemented. While any action taken as the result of an investigation will necessarily vary depending upon the situation, nursing facilities should strive for some consistency by using sound practices and disciplinary protocols.\108\ Further, the compliance officer should review the circumstances that formed the basis for the investigation to determine whether similar problems have been uncovered or modifications of the compliance program are necessary to prevent and detect other inappropriate conduct or violations.
\108\ The parameters of a claims review subject to an internal investigation will depend on the circumstances surrounding the issues identified. By limiting the scope of an internal audit to current billing, a nursing facility may fail to discover major problems and deficiencies in operations, and it may be subject to certain liability.
If the nursing facility undertakes an investigation of an alleged violation and the compliance officer believes the integrity of the investigation may be at stake because of the presence of employees under investigation, the facility should remove those individuals from their current responsibilities until the investigation is completed (unless there is an ongoing internal or Government-led undercover operation known to the nursing facility). In addition, the compliance officer should take appropriate steps to secure or prevent the destruction of documents or other evidence relevant to the investigation. If the nursing facility determines that disciplinary action is warranted, it should be promptly imposed in accordance with the facility's written standards of disciplinary action. Reporting
Where the compliance officer, compliance committee, or a management official discovers credible evidence of misconduct from any source and, after a reasonable inquiry, has reason to believe that the misconduct may violate criminal, civil or administrative law, the facility should promptly report the existence of misconduct to the appropriate Federal and State authorities\109\ within a reasonable period, but not more than 60 days\110\ after determining that there is
[[Page 58434]]
credible evidence of a violation.\111\ Prompt voluntary reporting will demonstrate the nursing facility's good faith and willingness to work with governmental authorities to correct and remedy the problem. In addition, reporting such conduct will be considered a mitigating factor by the OIG in determining administrative sanctions (e.g., penalties, assessments, and exclusion), if the reporting provider becomes the target of an OIG investigation.\112\
\109\ Appropriate Federal and State authorities include the OIG, the Criminal and Civil Divisions of the Department of Justice, the U.S. Attorney in relevant districts, the Federal Bureau of Investigation, and the other investigative arms for the agencies administering the affected Federal or State health care programs, such as the State Medicaid Fraud Control Unit, the Defense Criminal Investigative Service, the Department of Veterans Affairs, and the Office of Personnel Management (which administers the Federal Employee Health Benefits Program). See note 107.
\110\ In contrast, to qualify for the ``not less than double damages'' provision of the False Claims Act, the provider must provide the report to the Government within 30 days after the date when the provider first obtained the information. 31 U.S.C. 3729(a).
\111\ Some violations may be so serious that they warrant immediate notification to governmental authorities prior to, or simultaneous with, commencing an internal investigation. By way of example, the OIG believes a provider should report misconduct that: (1) is a clear violation of OIG administrative authorities, civil fraud, or criminal laws; (2) has a significant adverse effect on the quality of care provided to residents (in addition to any other legal obligations regarding quality of care); or (3) indicates evidence of a systemic failure to comply with applicable laws or an existing corporate integrity agreement, regardless of the financial impact on Federal health care programs.
\112\ The OIG has published criteria setting forth those factors that the OIG takes into consideration in determining whether it is appropriate to exclude a health care provider from program participation pursuant to 42 U.S.C. 1 320a-7(b)(7) for violations of various fraud and abuse laws. See 62 FR 67392 (December 24, 1997).
When reporting to the Government, a nursing facility should provide all evidence relevant to the alleged violation of applicable Federal or State law(s) and potential cost impact. The compliance officer, under advice of counsel and with guidance from the governmental authorities, could be requested to continue to investigate the reported violation. Once the investigation is completed, the compliance officer should notify the appropriate governmental authority of the outcome of the investigation, including a description of the impact of the alleged violation on the operation of the applicable health care programs or their beneficiaries. If the investigation ultimately reveals that criminal, civil or OIG violations have occurred, the nursing facility should immediately notify appropriate Federal and State authorities.
As previously stated, the nursing facility should take appropriate corrective action, including prompt identification of any overpayment to the affected payor. If potential fraud is involved, the nursing facility should return any overpayment during the course of its disclosure to the Government. Otherwise, the nursing facility should use normal repayment channels for reimbursing identified overpayments.\113\ A knowing and willful failure to disclose overpayments within a reasonable period of time could be interpreted as an attempt to conceal the overpayment from the Government, thereby establishing an independent basis for a criminal violation with respect to the nursing facility, as well as any individual who may have been involved.\114\ For this reason, nursing facility compliance programs should emphasize that overpayments should be promptly disclosed and returned to the entity that made the erroneous payment.
\113\ A nursing facility should consult with its Medicare fiscal intermediary (FI) and the appropriate sections of the PRM for additional guidance regarding refunds under Medicare Part A. See note 101. The FI may require certain information (e.g., alleged violation or issue causing overpayment, description of the internal investigative process with methodologies used to determine any overpayments, and corrective actions taken, etc.) to be submitted with return of any overpayments, and that such repayment information be submitted to a specific department or individual. When appropriate, interest may be assessed on the overpayment. See 42 CFR 405.376.
\114\See 42 U.S.C. 1320a-7b(a)(3) and 18 U.S.C. 669.
-
-
Assessing the Effectiveness of a Compliance Program
Considering the financial and human resources needed to establish an effective compliance program, sound business principles dictate that the nursing home's management evaluate the return on that investment. In addition, a compliance program must be ``effective'' for the Government to view its existence as a mitigating factor when assessing culpability. How a nursing facility assesses its compliance program performance is therefore integral to its success. The attributes of each individual element of a compliance program must be evaluated in order to assess the program's ``effectiveness'' as a whole. Examining the comprehensiveness of policies and procedures implemented to satisfy these elements is merely the first step. Evaluating how a compliance program performs during the provider's day-to-day operations becomes the critical indicator.\115\
\115\ Evaluation may be accomplished through techniques such as employee surveys, management assessments, and periodic review of benchmarks established for audits, investigations, disciplinary action, overpayments, and employee feedback. The nursing facility should evaluate all elements of its compliance program, including policies, training, practices, and compliance personnel.
As previously stated, a compliance program should require the development and distribution of written compliance policies, standards, and practices that identify specific areas of risk and vulnerability. One way to judge whether these policies, standards, and practices measure up is to observe how an organization's employees react to them. Do employees experience recurring pitfalls because the guidance on certain issues is not adequately covered in company policies? Do employees flagrantly disobey an organization's standards of conduct because they observe no sincere buy-in from senior management? Do employees have trouble understanding policies and procedures because they are written in legalese or at difficult reading levels? Does an organization routinely experience systematic billing failures because of poor instructions to employees on how to implement written policies and practices? Written compliance policies, standards, and practices are only as good as an organization's commitment to apply them in practice.
Every nursing facility needs to seriously consider whoever fills the integral roles of compliance officer and compliance committee members, and periodically monitor how the individuals chosen satisfy their responsibilities. Does a compliance officer have sufficient professional experience working with billing, clinical records, documentation, and auditing principles to perform assigned responsibilities fully? Has a compliance officer or compliance committee been unsuccessful in fulfilling their duties because of inadequate funding, staff, and authority necessary to carry out their jobs? Did the addition of the compliance officer function to a key management position with other significant duties compromise the goals of the compliance program (e.g., chief financial officer who discounts certain overpayments identified to improve the company's bottom line profits)? Since a compliance officer and a compliance committee can have a significant impact on how effectively a compliance program is implemented, those functions should not be taken for granted.
As evidenced throughout this guidance, the proper education and training of corporate officers, managers, health care professionals, and other applicable employees of a provider, and the continual retraining of current personnel at all levels, are significant elements of an effective compliance program. Accordingly, such efforts should be routinely evaluated. Are employees trained frequently enough? Do employees fail post-training tests that evaluate knowledge of compliance? Do training sessions and materials adequately summarize important aspects of the organization's compliance program, such as fraud and abuse laws,
[[Page 58435]]
Federal health care program and private payor requirements, and claims development and submission processes? Are training instructors qualified to present the subject matter and experienced enough to field questions? When thorough compliance training is periodically conducted, employees receive the reinforcement they need to ensure an effective compliance program.
An open line of communication between the compliance officer and a provider's employees is equally important to the success of a compliance program. In today's intensive regulatory environment, the OIG believes that a provider cannot possibly have an effective compliance program if it receives minimal feedback from its employees regarding compliance matters. For instance, if a compliance officer does not receive appropriate inquiries from employees: Do policies and procedures fail to adequately guide employees to whom and when they should be communicating compliance matters? Do employees fear retaliation if they report misconduct? Are employees reporting issues not related to compliance through the wrong channels? Do employees have bad-faith, ulterior motives for reporting? Regardless of the means that a provider uses, whether it be telephone hotline, email, or suggestion boxes, employees should seek clarification from compliance staff in the event of any confusion or question dealing with compliance policies, practices, or procedures.
An effective compliance program should include guidance regarding disciplinary action for corporate officers, managers, health care professionals, and other employees who have failed to adhere to an organization's standards of conduct, Federal health care program requirements, or Federal or State laws. The number and caliber of disciplinary actions taken by an organization can be insightful. Have appropriate sanctions been applied to compliance misconduct? Are sanctions applied to all employees consistently, regardless of an employee's level in the corporate hierarchy? Have double-standards in discipline bred cynicism among employees? When disciplinary action is not taken seriously or applied haphazardly, such practices reflect poorly on senior management's commitment to foster compliance as well as the effectiveness of an organization's compliance program in general.
Another critical component of a successful compliance program is an ongoing monitoring and auditing process. The extent and frequency of the audit function may vary depending on factors such as the size and available resources, prior history of noncompliance, and risk factors of a particular nursing facility. The hallmark of effective monitoring and auditing efforts is how an organization determines the parameters of its reviews. Do audits focus on all pertinent departments of an organization? Does an audit cover compliance with all applicable laws, as well as Federal and private payor requirements? Are results of past audits, pre-established baselines, or prior deficiencies reevaluated? Are the elements of the compliance program monitored? Are auditing techniques valid and conducted by objective reviewers? The extent and sincerity of an organization's efforts to confirm its compliance often proves to be a revealing determinant of a compliance program's effectiveness.
It is essential that the compliance officer or other management officials immediately investigate reports or reasonable indications of suspected noncompliance. If a material violation of applicable law or compliance program requirements has occurred, a provider must take decisive steps to correct the problem. Nursing facilities that do not thoroughly investigate misconduct leave themselves open to undiscovered problems. When a provider learns of certain issues, does it knowingly disregard associated legal exposure? Is there a correlation between deficiency identified and the corrective action necessary to remedy? Are isolated overpayment matters properly resolved through normal repayment channels? Is credible evidence of misconduct that may violate criminal, civil or administrative law promptly reported to the appropriate Federal and State authorities? If the process of responding to detected offenses is circumvented, such conduct would indicate an ineffective compliance program.
Documentation is the key to demonstrating the effectiveness of a nursing facility's compliance program. For example, documentation of the following should be maintained: audit results; logs of hotline calls and their resolution; corrective action plans; due diligence efforts regarding business transactions; records of employee training, including the number of training hours; disciplinary action; and modification and distribution of policies and procedures. Because the OIG encourages self-disclosure of overpayments and billing irregularities, maintaining a record of disclosures and refunds to the health care programs is strongly endorsed. A documented practice of refunding of overpayments and self-disclosing incidents of non- compliance with Federal and private payor health care program requirements is powerful evidence of a meaningful compliance effort.
-
Conclusion
Through this document, the OIG has attempted to provide a foundation for the process necessary to develop an effective and cost- efficient nursing facility compliance program. However, each program must be tailored to fit the needs and resources of a particular facility, depending upon its unique corporate structure, mission, and employee composition. The statutes, regulations, and guidelines of the Federal and State health insurance programs, as well as the policies and procedures of the private health plans, should be integrated into every nursing facility's compliance program.
The OIG recognizes that the health care industry in this country, which reaches millions of beneficiaries and expends about a trillion dollars annually, is constantly evolving. The time is right for nursing facilities to implement a strong voluntary health care compliance program. Compliance is a dynamic process that helps to ensure that nursing facilities and other health care providers are better able to fulfill their commitment to ethical behavior, as well as meet the changes and challenges being placed upon them by Congress and private insurers. Ultimately, it is the OIG's hope that a voluntarily created compliance program will enable nursing facilities to meet their goals, improve the quality of resident care, and substantially reduce fraud, waste, and abuse, as well as the cost of health care to Federal, State, and private health insurers.
Dated: October 22, 1999. June Gibbs Brown, Inspector General.
[FR Doc. 99-28094Filed10-28-99; 8:45 am]
BILLING CODE 4150-04-P
