Board of directors oversight of skilled nursing facility compliance programs

By Todd Selby and Sean Fahey

Todd J. Selby (tselby@hallrender.com) is a Shareholder and Sean Fahey (sfahey@hallrender.com) is an Attorney in the Indianapolis, Indiana, office of Hall Render.

Skilled nursing facilities (SNFs) are now required to implement a compliance and ethics program pursuant to the federal Requirements of Participation (RoPs) found in 42 C.F.R. § 483.85. It remains unclear how a compliance program should be designed due to proposed regulations and lack of guidance from the Centers for Medicare & Medicaid Services (CMS). One thing is certain, CMS will expect substantial oversight of the compliance program by the SNF’s board of directors.

Oversight by board of directors

For a compliance program to be successful, board oversight is critical. In order to create a culture of compliance, the board needs to establish real commitment to the compliance program. For example, the RoPs state that “sufficient resources and authority” must be given to “specific individuals…to reasonably assure compliance with such standards, policies and procedures.”[1] If circumstances warrant an investigation of an alleged compliance violation, it is incumbent on the board to allocate sufficient resources in order for the compliance investigation to proceed. Failure to do so not only violates the RoPs but also puts the SNF in jeopardy of more serious violations if the alleged compliance violation is not thoroughly investigated. Simply put, if the board does not take compliance seriously, neither will the SNF’s employees.

The board also has a duty of care that requires them to exercise due care when making decisions affecting the SNF, which extends to oversight of the compliance program. Federal case law, which has been interpreted as applying to all healthcare organizations, states that the board has a duty to assure that (1) a corporate information and reporting program exists, and (2) this reporting system is adequate as to assure the board that appropriate information as to compliance with applicable laws will come to its attention in a timely manner as a matter of ordinary operations.[2]

Background

Affordable Care Act

SNFs were first required to create and maintain compliance programs under Section 6102 of the Affordable Care Act (ACA).[3] The ACA required compliance programs to be reasonably designed, implemented, and enforced so they would be effective in preventing and detecting criminal, civil, and administrative violations under the ACA and in promoting quality of care. Although the compliance program requirement of the ACA was passed in 2010, it was not enforced until November 28, 2019.

CMS regulations in 2016 and 2019

In 2016, CMS issued the final RoPs, which were implemented over three phases. The Compliance Program was to be put into effect in the third phase, on November 28, 2019. The RoPs are not very detailed and do not make specific references to board oversight. They require “high-level personnel” of the SNF, which members of the board of directors are considered to be, to oversee and implement the compliance program. The board is also responsible for “…establishing and implementing policies regarding the management and operation…” of the SNF.[4] This would include implementation of the SNF’s compliance program.

On July 18, 2019, CMS published proposed revisions (Proposed Regulations) to the RoPs. CMS identified several existing SNF requirements that could reduce unnecessary burdens on SNFs if they were simplified or eliminated. The Proposed Regulations included revisions to the RoPs.

The Proposed Regulations would delay implementation to some of the RoPs until one year following their effective date. However, since the Proposed Regulations were not final on the effective date of the RoPs, SNFs are required to implement a compliance program. On November 22, 2019, the Quality, Safety & Oversight Group at CMS issued a memorandum called the Updates and Initiatives to Ensure Safety and Quality in Nursing Homes. The memo confirmed that, despite the lack of interpretive guidance to surveyors in the Medicare State Operations Manual,[5] the November 28, 2019, requirements in the RoPs remain effective. In it, CMS also stated that its ability to survey for compliance with these requirements will be limited until the updated State Operations Manual is released in the second quarter of 2020.

The OIG guidance on compliance programs and board oversight

The Office of Inspector General (OIG) in 2000 and 2008 published voluntary guidance for SNFs to consider when developing a compliance program. The OIG guidance was set forth in 2000 in a memo titled the Publication of the OIG Compliance Program Guidance for Nursing Facilities.[6] In 2008, the OIG issued a second memo titled the OIG Supplemental Compliance Program Guidance for Nursing Facilities,[7] which set forth additional Compliance Program guidance for SNFs.

Although the OIG Guidance was published long before the RoPs, CMS used the OIG guidance when developing the RoPs. CMS will likely rely on the OIG guidance when it publishes compliance program interpretive guidelines in the State Operations Manual. The OIG guidance serves as an excellent starting point for both SNFs developing a new compliance program and those evaluating an existing one.

The OIG guidance also noted that compliance programs are not a one-size-fits-all proposition due to the size and resources available to an SNF. Instead, the OIG strongly encourages SNFs to focus their compliance efforts on areas of risk that affect their organizations the most. The areas of focus could change from year to year or month to month, which further indicates a compliance program is an evolving document and should be tailored to the SNF’s own unique circumstances.

The OIG guidance reiterated the importance of board oversight of a compliance program. More specifically, the OIG stated that all effective compliance programs begin with a formal commitment by the board. The OIG guidance further suggests this “formal commitment” may include such things as a board resolution demonstrating its commitment to compliance. Like the RoPs, the OIG guidance suggests the board provide adequate resources to demonstrate the SNF’s commitment to compliance. This would include the board having a direct role in development of the compliance program.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings