Skilled nursing facilities (SNFs) are now required to implement a compliance and ethics program pursuant to the federal Requirements of Participation (RoPs) found in 42 C.F.R. § 483.85. It remains unclear how a compliance program should be designed due to proposed regulations and lack of guidance from the Centers for Medicare & Medicaid Services (CMS). One thing is certain, CMS will expect substantial oversight of the compliance program by the SNF’s board of directors.
Oversight by board of directors
For a compliance program to be successful, board oversight is critical. In order to create a culture of compliance, the board needs to establish real commitment to the compliance program. For example, the RoPs state that “sufficient resources and authority” must be given to “specific individuals…to reasonably assure compliance with such standards, policies and procedures.” If circumstances warrant an investigation of an alleged compliance violation, it is incumbent on the board to allocate sufficient resources in order for the compliance investigation to proceed. Failure to do so not only violates the RoPs but also puts the SNF in jeopardy of more serious violations if the alleged compliance violation is not thoroughly investigated. Simply put, if the board does not take compliance seriously, neither will the SNF’s employees.
The board also has a duty of care that requires them to exercise due care when making decisions affecting the SNF, which extends to oversight of the compliance program. Federal case law, which has been interpreted as applying to all healthcare organizations, states that the board has a duty to assure that (1) a corporate information and reporting program exists, and (2) this reporting system is adequate as to assure the board that appropriate information as to compliance with applicable laws will come to its attention in a timely manner as a matter of ordinary operations.
Affordable Care Act
SNFs were first required to create and maintain compliance programs under Section 6102 of the Affordable Care Act (ACA). The ACA required compliance programs to be reasonably designed, implemented, and enforced so they would be effective in preventing and detecting criminal, civil, and administrative violations under the ACA and in promoting quality of care. Although the compliance program requirement of the ACA was passed in 2010, it was not enforced until November 28, 2019.
CMS regulations in 2016 and 2019
In 2016, CMS issued the final RoPs, which were implemented over three phases. The Compliance Program was to be put into effect in the third phase, on November 28, 2019. The RoPs are not very detailed and do not make specific references to board oversight. They require “high-level personnel” of the SNF, which members of the board of directors are considered to be, to oversee and implement the compliance program. The board is also responsible for “…establishing and implementing policies regarding the management and operation…” of the SNF. This would include implementation of the SNF’s compliance program.
On July 18, 2019, CMS published proposed revisions (Proposed Regulations) to the RoPs. CMS identified several existing SNF requirements that could reduce unnecessary burdens on SNFs if they were simplified or eliminated. The Proposed Regulations included revisions to the RoPs.
The Proposed Regulations would delay implementation to some of the RoPs until one year following their effective date. However, since the Proposed Regulations were not final on the effective date of the RoPs, SNFs are required to implement a compliance program. On November 22, 2019, the Quality, Safety & Oversight Group at CMS issued a memorandum called the Updates and Initiatives to Ensure Safety and Quality in Nursing Homes. The memo confirmed that, despite the lack of interpretive guidance to surveyors in the Medicare State Operations Manual, the November 28, 2019, requirements in the RoPs remain effective. In it, CMS also stated that its ability to survey for compliance with these requirements will be limited until the updated State Operations Manual is released in the second quarter of 2020.
The OIG guidance on compliance programs and board oversight
The Office of Inspector General (OIG) in 2000 and 2008 published voluntary guidance for SNFs to consider when developing a compliance program. The OIG guidance was set forth in 2000 in a memo titled the Publication of the OIG Compliance Program Guidance for Nursing Facilities. In 2008, the OIG issued a second memo titled the OIG Supplemental Compliance Program Guidance for Nursing Facilities, which set forth additional Compliance Program guidance for SNFs.
Although the OIG Guidance was published long before the RoPs, CMS used the OIG guidance when developing the RoPs. CMS will likely rely on the OIG guidance when it publishes compliance program interpretive guidelines in the State Operations Manual. The OIG guidance serves as an excellent starting point for both SNFs developing a new compliance program and those evaluating an existing one.
The OIG guidance also noted that compliance programs are not a one-size-fits-all proposition due to the size and resources available to an SNF. Instead, the OIG strongly encourages SNFs to focus their compliance efforts on areas of risk that affect their organizations the most. The areas of focus could change from year to year or month to month, which further indicates a compliance program is an evolving document and should be tailored to the SNF’s own unique circumstances.
The OIG guidance reiterated the importance of board oversight of a compliance program. More specifically, the OIG stated that all effective compliance programs begin with a formal commitment by the board. The OIG guidance further suggests this “formal commitment” may include such things as a board resolution demonstrating its commitment to compliance. Like the RoPs, the OIG guidance suggests the board provide adequate resources to demonstrate the SNF’s commitment to compliance. This would include the board having a direct role in development of the compliance program.