Measuring the effectiveness of your skilled nursing facility's compliance and ethics program: Let the requirements of participation show you the way

Joseph F. Zielinski

Joseph F. Zielinski

Joseph F. Zielinski (jzielinski@cardon.us, linkedin.com/in/josephzielinskichc/) is Director of Legal Affairs at CarDon & Associates Inc., Fishers, IN.
Michelle R. Adams

Michelle R. Adams

Michelle R. Adams (adamsm@lanepowell.com, linkedin.com/in/michelle-renee-adams/) is Counsel to the Firm, Lane Powell, Portland, OR.

by Joseph Zielinski, JD, CHC, CHRC, and Michelle Adams, BSN, JD

In recent years, skilled nursing facilities (SNFs) have increasingly become a target for government enforcement—particularly since the onset of the COVID-19 pandemic. Traditionally, SNFs have faced scrutiny through annual and compliant surveys, as well as round billing for therapy; however, this is changing, and SNFs are being targeted by surveyors more frequently and for an ever-widening range of issues.

Where are we going?

The purpose of this article is to provide a format a SNF may use to evaluate the effectiveness of its compliance and ethics program. The technique discussed in this article will not only provide a way to evaluate the effectiveness of a SNF’s compliance and ethics program but also offer a way to create efficiencies—while performing one task, you will simultaneously touch multiple areas. This article can be of immense help beyond learning something new; you will also walk away with an outline to help you combine resources and efforts to achieve multiple goals simultaneously.

We begin by discussing how to analyze the Centers for Medicare & Medicaid Services (CMS) requirements of participation in a SNF’s compliance and ethics program (42 C.F.R. § 483.85). Next, we unpack how to assess the effectiveness of a SNF’s compliance and ethics program utilizing CMS’s requirements of participation and explain why effectiveness is so crucial. Finally, we will review a tool that will assist a SNF’s evaluation and provide a way to display the results of a SNF’s review to internal stakeholders and outside regulators.

Why is this important

SNFs face more scrutiny than ever, and enforcement priorities often change along with administrations. For example, in 2020, the Trump administration announced enhanced enforcement for violations of infection control practices.[1] The Biden administration then rolled back a previous limit on nursing home fines.[2] , [3] , [4] Specifically, “CMS has determined that the agency should retain the discretion at this time to impose a per-day penalty where appropriate to address specific circumstances of prior noncompliance.”[5] The allowance or disallowance of arbitration in SNFs has also changed with each administration. Understanding the how and why of enforcement is imperative because you will use this information in your risk assessment.

It is essential for a SNF to know where the government is active with its enforcement actions to have an effective compliance and ethics program. For example, in 2021, the U.S. Department of Health & Human Services Office of Inspector General (OIG), through its Office of Audit Services, conducted five audits involving SNFs under OIG’s Work Plan.[6] , [7] Additionally, there are 29 active items related to SNFs on OIG’s Work Plan.[8]Finally, OIG has launched “Operation Care”—an initiative around seniors—due to a rise in concerns related to “a spike in the number of reports of elder harm and neglect.”[9]

To appreciate why it is important to understand government enforcement and how to utilize it as part of a SNF’s compliance and ethics program, consider antipsychotics. The usage of antipsychotics is a quality measure under a SNF’s five-star rating. [10]Additionally, in 2021, OIG also performed an evaluation titled CMS Could Improve the Data it Uses to Monitor Antipsychotic Drugs in Nursing Homes.[11]As such, if a SNF has overutilization of antipsychotics for its residents, this is something a compliance and ethics program should include in its work plan and consider auditing.

Finally, on April 24, 2023, Inspector General Christi A. Grimm announced that her office would be releasing new Compliance Program Guidances (CPGs) in 2024.[12] Of the first two guidances to be published, one will be on nursing homes.[13]The fact that nursing homes will be one of the first two areas updated for the first time in over 10 years shows you that skilled nursing is clearly on the minds of regulators and subject to close scrutiny.

How to utilize CMS’s requirements of participation to measure the effectiveness of a SNF’s compliance and ethics program

To effectively utilize CMS’s requirements of participation, we must first understand them. The requirements are set out at 42 C.F.R. § 483.85(1)–(8). For organizations with more than five communities, there are three additional requirements in 42 C.F.R. § 483.85(d)(1)–(d)(3).[14]

Element One: Written compliance and ethics standards, policies, and procedures

To start, we need to know what is expected as part of standards, policies, and procedures. Under the guidance, there are 11 components that must be satisfied to meet this requirement. The written compliance and ethics standards, policies, and procedures should:

  1. Be reasonably capable of reducing the prospect of criminal, civil, and administrative violations.

  2. Promote quality of care.

  3. Designate an appropriate compliance and ethics program contact for individuals to report suspected violations.

  4. Identify an alternate method to report suspected violation(s) anonymously without fear of retribution.

  5. Include a nonretaliation/nonretribution policy.

  6. Identify disciplinary standards that set out the consequences for committing violations for the operating organization’s entire staff.

  7. Include applicable policies and procedures.

  8. Understandable and accessible policies/procedures.

  9. Include a compliance plan.

  10. Identify volunteer expectations and roles.

  11. Include attestation(s) to compliance.

Many of these elements should look familiar and overlap with processes you already have in place. What is unique here, however, is the reference to quality of care, which is often not included in compliance guidance. Finally, you need to remember that while policies and procedures are a start, they are not enough on their own to meet regulatory requirements.

Element Two: High-level personnel oversight

Under this element, there are five components that must be addressed:

  1. Assignment of specific high-level personnel in the operating organization.

  2. Incorporation of compliance into job descriptions.

  3. Responsibility of identified high-level personnel to oversee compliance with the program’s standards, policies, and procedures.

  4. Incorporation of compliance into performance evaluations.

  5. Formation and maintenance of a compliance committee.

You need to pay attention here to what is required for a compliance and ethics program for an organization with less than five facilities versus what is required if an organization has five or more facilities. Additionally, you want to ensure your program focuses on being actively involved, structured, and engaged with appropriate leaders. Finally, it is vital that your organization has incorporated compliance into job descriptions and performance evaluations. If not, this should be completed as soon as possible.

Element Three: Sufficient resources and authority to individual(s) overseeing the program

Under this element, six areas must be addressed:

  1. Reasonable assurance of compliance with such standards, policies, and procedures.

  2. Establishment of a compliance budget.

  3. Preparation and use of risk assessment(s).

  4. Involvement of and access to the board of directors.

  5. Procedures for the escalation of investigations.

  6. The utilization of facility assessments as part of designing your program.

This element overlaps with the second question under the U.S. Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs[15] —Is the corporation’s compliance program adequately resourced and empowered to function effectively?—and, thus, is an area where you can cover multiple compliance program requirements while taking one action. Pay attention to your budget and look for ways to benchmark it. Next, risk assessments are essential to any compliance program. Additionally, companies are encouraged to utilize the facility assessment under this element. Finally, this is an area you may want to look at using benchmarking to other similarly situated entities.

Element Four: Delegation of substantial discretionary authority

Under this element, 10 areas must be addressed:

  1. Due care not to delegate substantial discretionary authority to appropriate individual.

  2. Accountability for screening of employees/contractors/volunteers.

  3. Employee accountability.

  4. Employee disclosure.

  5. Employee/contractor/volunteer screening.

  6. High-risk screening.

  7. Ensuring employees and facilities have and maintain appropriate licensure.

  8. Performance of legally required background checks.

  9. Identify responses to screening.

  10. Identify responses to exclusion from participation in federal programs.

This element really focuses on your program’s screening and checking of employees. It also looks to see how you utilize the information received and take appropriate actions based on the screening results. Given the requirements of this element, it is critical to work closely with your organization’s human resources (HR) department to ensure compliance with this requirement of participation.

Element Five: Effectively communicating program standards, policies, and procedures

Under this element, eight areas must be addressed:

  1. Establishment of and education on the organization’s reporting system for compliance issues.

  2. Communication with employees about the compliance program.

  3. Assessment of the communication provided to employees.

  4. Establishment of and education on the monitoring and auditing communication plan.

  5. Establishment of and education on corrective action plans.

  6. Education of employees on nonretaliation.

  7. Appropriate oversight of organization vendors.

  8. Appropriate oversight of organization volunteers.

This element looks at how your organization promotes and educates your employees about your program. Additionally, it touches on addressing problems and how to correct them. Finally, this section involves oversight of third parties in your facility.

Element Six: Reasonable steps to achieve compliance with program’s standards, policies, and procedures

Under this element, nine areas must be addressed:

  1. Consistency with the organization’s compliance program standards, policies, and procedures.

  2. Ensuring employee awareness of the compliance program standards, policies, and procedures.

  3. Appropriate documentation.

  4. Promotion criteria for the compliance program.

  5. Performance of risk assessments.

  6. Monitoring and auditing the work plan.

  7. Utilizing an audit process to detect employee criminal, civil, and administrative violations.

  8. Utilizing auditors to ensure compliance.

  9. Utilization of corrective action plans.

This element confirms that your policies and procedures are working as intended. You need to monitor your systems appropriately and implement corrective actions as needed. Finally, you must perform risk assessments and generate appropriate work plans based on your findings.

Element Seven: Consistent enforcement through disciplinary mechanisms

Under this element, eight areas must be addressed:

  1. Establishment and effective communication to employees of disciplinary action for failure to detect or report criminal, civil, or administrative violations.

  2. Provide incentives to employees for compliance.

  3. Consistency with disciplinary mechanisms.

  4. Ensure employee awareness of disciplinary mechanisms.

  5. Documentation of discipline.

  6. Promotion criteria.

  7. Identification and education of disciplinary standards for violations.

  8. Collaboration with the organization’s HR department.

This element deals with how you handle individuals who do not follow program standards, policies, and procedures. Under this element, you want to ensure you have consistent application of discipline for violations. Additionally, the compliance department should collaborate with HR on this element to ensure consistency in application. Finally, consistent enforcement is also referenced in DOJ’s compliance guidance making this another element where you can address compliance with multiple guidances at one time.

Element Eight: Response to detected violations

Under this element, seven areas must be addressed:

  1. Appropriate response to violation.

  2. Consistency in responses.

  3. Appropriate documentation responses.

  4. Response to poor audit results.

  5. Incorporation of root cause analysis.

  6. Use of corrective action plans.

  7. Annual review of, and if necessary, modification to the compliance plan

This element also deals with how you handle a violation. You want to ensure that you have proper documentation and utilize root cause analysis in identifying the underlying cause. Additionally, you should confirm that the response is proportionate to the incident and that you are documenting your response. Finally, ensure that you review your plan at least annually and make changes as necessary.

The following three elements only apply if an organization has five or more facilities.[16]

Element Nine: Mandatory annual training

Under this element, four areas must be addressed:

  1. Provision of annual training.

  2. Annual review of training materials.

  3. Updating annual training materials as necessary.

  4. Additional specialized training for high-risk positions.

This element deals with the training requirements for organizations with more than five facilities (exact requirements can be found at 42 C.F.R. § 483.95(f)). This element sets out the expectations around training and the timing of it. Finally, it is crucial that your organization is doing appropriate specialized training for those high-risk positions identified in your risk assessment.

Element 10: Designated compliance officer

Under this element, three areas must be addressed:

  1. Designation of an appropriate compliance officer.

  2. Reporting directly to the operating organization’s governing body by the compliance officer.

  3. Such compliance officers should not be subordinate to the organization’s general counsel, CFO, or chief operating officer.

This element outlines the requirements for selecting a compliance officer and how the position should be structured. Areas two and three in this element should be familiar as these are OIG expectations for an effective compliance program.

Element 11: Designated compliance liaison

Under this element, four areas must be addressed:

  1. Designate a compliance liaison at each facility.

  2. Identify job expectations for the compliance liaisons.

  3. Appropriate education from the compliance officer.

  4. Ensure communication with the compliance officer.

This element requires a couple of different actions to be taken. First, you must determine who the compliance liaison will be at each facility. Then, you will need to train them and ensure an appropriate communication channel with the compliance officer.

This document is only available to members. Please log in or become a member.
Become a Member Login
 

What to read next...

Top risks for pharmacists


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook X LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings