Compliance and Ethics Program NASVH – CFO Forum July 11, 2012 Presented By: Donna R. Burn Medicare Compliance Louisiana Department of Veterans Affairs

Compliance Programs for Nursing Facilities required by March 2013 The requirement is in the Affordable Care Act – Health Care Reform Act. Affordable Care Act (ACA) _ Nursing Home (NH) Transparency Requirements {Section 6101} _ Accountability - Compliance Programs for NF {Section 6102} _ Changes to Federal Sentencing Guidelines and the OIG’s seven elements of an Effective Compliance Program {Section 6102} The OIG issued: LTC Compliance Program Guidance in Federal Register / Vol. 65, No. 52 / Thursday, March 16, 2000 Supplemental Compliance Program Guidance for Nursing Facilities in Federal Register / Vol. 73, No. 190 / Tuesday, September 30, 2008

ACCOUNTABILTY REQUIREMENTS FOR FACILITIES Thirty six months from March 23, 2010, the operating organization (i.e., the entity that operates the facility) of each Medicare and/or Medicaid certified nursing facility must have in operation a compliance and ethics program that is effective in preventing and detecting criminal, civil, and administrative violations and in promoting quality of care. ACA Section 6102

MAY 2000 SHOULD 2008 MUST 2013

Per OIG Guidelines a Compliance and Ethics Programs should at a minimum include the following seven elements: (1) The development and distribution of written standards of conduct, as well as written policies, procedures and protocols that promote the nursing facility’s commitment to compliance, including adherence to the compliance program as an element in evaluating managers and employees, and address specific areas of potential fraud and abuse, such as claims development and submission processes, quality of care issues, and financial arrangements with physicians and outside contractors;

(2) The designation of a compliance officer and other appropriate bodies (e.g., a corporate compliance committee) charged with the responsibility for developing, operating and monitoring the compliance program, and who reports directly to the owner(s), governing body and/or CEO;

(3) The development and implementation of regular, effective education and training programs for all affected employees; Training and educational programs for nursing facilities should be detailed, comprehensive and at the same time targeted to address the needs of specific employees based on their responsibilities within the facility. Existing in-service training programs can be expanded to address general compliance issues, as well as the risk areas identified in that part of nursing home operations.

(4) The creation and maintenance of an effective line of communication between the compliance officer and all employees, including a process, such as a hotline or other reporting system, to receive complaints, and the adoption of procedures to protect the anonymity of complainants and to protect whistle blowers from retaliation;

(5) The use of audits and/or other risk evaluation techniques to monitor compliance, identify problem areas, and assist in the reduction of identified problems; For example, periodically spot-checking the work of coding and billing personnel should be part of a compliance program. In addition, procedures to regularly monitor the care provided to nursing facility residents and to ensure that deficiencies identified by surveyors are corrected should be incorporated into the compliance program’s evaluation and monitoring functions.

(6) The development of policies and procedures addressing the non-employment or retention of excluded individuals or entities and the enforcement of appropriate disciplinary action against employees or contractors who have violated corporate or compliance policies and procedures, applicable statutes, regulations, or Federal, State, or private payor health care program requirements; and

(7) The development of policies and procedures with respect to the investigation of identified systemic problems, which include direction regarding the prompt and proper response to detected offenses, such as the initiation of appropriate corrective action, repayments, and preventive measures. While those are the OIG Guidelines – PPACA adds another one – The organization must periodically undertake reassessment of its compliance program to identify changes necessary to reflect changes within the organization and its facilities.

So how do we do this and what does all this mean?

Policies and Procedures: Regularly review and update with department managers and Compliance Committee. Assess whether they are tailored to the intended audience and their job functions. Ensure they are written clearly. Include “real-life” examples.

Measuring Effectiveness: Develop compliance program with benchmarks and measurable goals. Set up a system to measure how well you are meeting those goals. Involve the Board in creating the program and regularly update the Board regarding compliance risks, audits, and investigations. If one or more goals are not met, investigate why and how to improve in the future. Assess whether the compliance program has sufficient funding and support.

Training:  Regularly review and update training programs. Try different approaches. Use “real-life” examples.  Make training completion a job requirement.  Test employees’ understanding of training topics.  Maintain documentation to show which employees received training.  Train the Board.  Train yourself and your compliance staff. Attend conferences and webinars, subscribe to publications and OIG’s list, monitor OIG’s website, and network with peers to stay up-to-date and get ideas.

Lines of Communication:  Have open lines of communication between you and employees.  Maintain an anonymous “hotline” to report issues to you.  Enforce a non-retaliation policy for employees who report potential problems.  Establish a direct line of communication between you and the Board.  Use surveys or other tools to get feedback on training and on the compliance program.  Use newsletters or internal websites to maintain visibility with employees.  Regularly meet with the Board and brief them on the compliance program.

Internal Auditing:  Perform proactive reviews in coding, contracts, and quality of care.  Create an audit plan and re-evaluate it regularly.  Identify your organization’s risk areas. Use your networking and compliance resources to get ideas and see what others are doing.  Don’t only focus on the money – also evaluate what caused the problem.  Create corrective action plans to fix the problem.  Refer to sampling techniques in OIG’s Self Disclosure Protocol and in the Corporate Integrity Agreements (CIAs) to get ideas.

Enforcement and Response:  Delegate and empower teams closest to the issues to perform reviews, but be careful of possible conflicts or personal relationships that may interfere with getting an objective review.  Act promptly, and take appropriate corrective action.  Create a system or process to track resolution of complaints.  Enforce your policies consistently through appropriate disciplinary action.

So how do we develop a Compliance and Ethics Plan for our specific home?

Perform Perform billing and operational audits to determine areas of deficiencies in your facility. Your open windows to investigation are your claim submission and your annual survey. By reviewing timeliness and correctness of billing as well as how staff performs patient care, you can determine potential problem areas and develop action plans to resolve issues

Prioritize Prioritize deficiencies based on how they affect your facilities ability to meet state and federal guidelines. As a VA home, we must also incorporate additional VA regulations in our plan development. It may also be necessary to includes plans to meet city ordinances as well.

Develop Develop an action plan that addresses the findings of your audits If it is determined that accurate diagnosis codes are not being used on the claim submitted, develop a prebilling mechanism to coordinate between clinical and fiscal departments. If it is determined that residents are not receiving baths on a regular basis, implement a plan where aides sign in on daily baths and explanations for when baths are not provided.

Follow Follow the OIG guidelines for LTC facilities THE OIG has several recommendations for compliance for several areas of health care Following their guide for compliance will guarantee any plan that meets the appropriate standards for a compliance plan

Combine Combine the recommendations from OIG with the action plan from the on-site audits to create a list of policies and procedures for your LTC facility. This step ensures that the plan you develop meets the global standards for the LTC facilities as well as particular problems that exist at your particular home.

Find Find an existing compliance plan and use it as a template for formatting the compliance plan. No need to reinvent the wheel, customization has already occurred with the findings from your audits. Using a template ensures your plan will have the look and feel of a compliance plan. Remember if it is copyrighted material do not use it word for word, only as a guide

Write Write your individual compliance plan using your action plan, OIG guidelines and recommendations and the compliance template you have created. Perfection is not the object of this step, this is a first draft. Make sure the main focus, compliance, is communicated throughout the plan.

Review Ask other respected individuals in the LTC industries to review and edit your plan. Ask if your plan is clear and concise on it’s purpose, compliance. Have them give you specifics of plan shortfalls, inconsistences and areas open to various interpretations. Review their comments and suggestions and then incorporate in new draft. Repeat process. Follow the same process with a healthcare attorney

OIG WANTS YOU TO ASK: 1.What are the goals of the program and benchmarks used? How is management accountable? 2. How is quality measured and by whom? 3. How is quality integrated into policies and operations, and how are they enforced? What controls are in place? 4. Is there an education program on quality for Board members, and do any members have quality expertise? 5. What is the essential information on quality, and how frequently is it received?

6. How do quality and compliance coordinate, and how are they addressed in the risk assessment and action plans? 7. What are the processes for reporting quality issues and preventing retaliation? What are the guidelines for Board reporting? 8. Are human and other resources adequate to support quality? Are systems in place to account for different patient needs? 9. Do competencies, training, credentialing and peer review adequately focus on quality? 10. How are adverse events identified, analyzed and reported and incorporated into performance improvement?

These questions are all self- regulating questions. Ask these questions to protect your facility because these are the questions OIG will ask when/if you have a problem.

Without Compliance- Providers Face Enforcement Risks Fraud and abuse enforcement authorities: – False Claims Act, 31 U.S.C. §§ – Exclusion, 42 U.S.C. § 1320a-7 – Civil Monetary Penalties Law, 42 U.S.C. §1320a-7a – Criminal, 18 U.S.C. §§ 287, 1001, 1035, 1347

QUESTIONS?