Compliance Requirements in the ACA Remain as Dismantling Talks Continue

With Republicans and the White House on the same page for repealing and replacing the Patient Protection and Affordable Care Act (PPACA), can you ignore all the compliance requirements of the healthcare act?

I don’t think so. 

First, repealing this legislation seems to be a much bigger and more involved issue than some seem to think. Most people did not (and still do not) understand what was in the PPACA, and radical surgery with little planning seems unwise. There are over 20 million people enrolled in PPACA insurance plans, and many more in Accountable Care Organizations (ACOs). A lot of people have their 20-something children enrolled in their insurance plans, as allowed by the PPACA.  An immediate repeal of all these provisions could cause a huge backlash. I think the that the movement to repeal and replace will most likely turn into “overhaul,” and that the compliance provisions will remain after the overhaul.

Second, even without the PPACA requirement, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) has been recommending that all healthcare providers have compliance plans, having provided specific guidance prior to the signing of the PPACA. 

Finally, the OIG recommends compliance plans the same way you recommend a skydiver pack a parachute. You could jump out of the plane without one, but the sudden stop at the bottom could be painful.  

Here are some of the reasons to have a robust compliance plan: 

• It reduces the risk of facing penalties under the False Claims Act in the event that you are investigated by the OIG or regulatory agencies.
• It reduces your business risk from litigation and actual losses.
• It reduces the risk that compliance-related issues occur and damage your reputation.

Let’s look at a specific compliance requirement. If you are part of a skilled nursing facility (SNF), can you throw out your compliance plan that was required by the PPACA? If you have a plan, does it still need to meet the eight objectives of the PPACA?

Section 6102 of the legislation required skilled nursing facilities to design and implement compliance and ethics programs by March 23, 2013. CMS has yet to release a final regulation, but many SNF providers began the process of designing and implementing effective compliance and ethics programs quite a long time ago. I helped write some of these plans. 

Here are some reasons to finish or update that compliance plan and take the PPACA requirements into account when you do.

The eight objectives of the PPACA are in harmony with prior guidance. Let’s look at the requirements for SNFs. Even without the final regulations being published, Section 6102 laid out eight objectives that compliance plans of SNFs must meet. These objectives are:

• The organization must have established compliance standards and procedures that reduce criminal, civil, and administrative violations;
• Specific high-level personnel within the organization must have overall responsibility;
• The organization must use due diligence to ensure that employees have not been excluded from working in the Medicare or Medicaid program;
• The organization must effectively communicate and train employees on the standards and procedures outlined in the compliance and ethics program;
• The organization must have effective auditing and monitoring systems in place to detect criminal, civil, or administrative violations;
• The standards and procedures must be consistently enforced;
• After a violation is detected, the organization must take reasonable steps to respond to any violations; and
• The organization must periodically evaluate its compliance and ethics program.

Sources of guidance for SNFs published on the OIG website predating the PPACA include:

• Federal Register / Vol. 65, No. 52 / Thursday, March 16, 2000: “Developing Compliance Program Guidance for Nursing Facilities.”

• Federal Register / Vol. 73, No. 190 / Tuesday, Sept. 30, 2008: “OIG Supplemental Compliance Program Guidance for Nursing Facilities.” 

Here is a compilation of the guidance provided to SNFs from these two sources that predate the PPACA. Specifically, SNFs must: 

• Implement written policies, procedures, and standards of conduct;
• Designate a compliance officer and compliance committee, conducting effective training and education;
• Develop effective lines of communication;
• Enforce standards through well-publicized disciplinary guidelines;
• Conduct internal monitoring and auditing; and
• Respond promptly to detected offenses and developing corrective action.
• Complete Regular Reimbursement Overviews including:
  • A. Medicare
  • B. Medicaid III

• Review of Fraud Abuse Risk Areas
  • A. Quality of Care
    • 1. Sufficient Staffing
    • 2. Comprehensive Resident Care Plans
    • 3. Medication Management
    • 4. Appropriate Use of Psychotropic Medications
    • 5. Resident Safety
      • (a) Promoting Resident Safety
      • (b) Resident Interactions
      • (c) Staff Screening
• B. Ensure the Submission of Accurate Claims
  • 1. Proper Reporting of Resident Case Mix by SNFs
  • 2. Therapy Services
  • 3. Screening for Excluded Individuals and Entities
  • 4. Restorative and Personal Care Services
• C. Ensure Compliance With The Federal Anti-Kickback Statute
  • 1. Free Goods and Services
  • 2. Service Contracts
    • (a) Non-Physician Services
    • (b) Physician Services
    • 3. Discounts
      • (a) Price Reductions
      • (b) Swapping
    • 4. Hospices
    • 5. Reserved Bed Payments
• D. Review Other Risk Areas
  • 1. Physician Self-Referrals
  • 2. Anti-Supplementation
  • 3. Medicare Part D E. HIPAA Privacy and Security Rules

In looking at the eight objectives of the PPACA for SNF compliance plans, we can see that the objectives integrate well with existing guidance. 

In conclusion, if you do not have an updated compliance plan, you can help yourself by creating one. The eight objectives for SNFs in the PPACA are sound principals to incorporate into your plan. Look to other sources of guidance and keep on top of compliance issues.

Prevention is always safer and cheaper than finding cures.