Your Guide to CMS Emergency Preparedness

The CMS Emergency Preparedness Rule Defined

The CMS Emergency Preparedness Rule requires that organizations receiving Medicare or Medicaid funding have measures to plan for natural and human disasters in coordination with federal, state, tribal, regional, and local emergency systems. The criteria for the CMS rule for emergency preparedness are as follows:

• The Rule applies to all 17 types of healthcare providers, manufacturers, and suppliers.
• Each qualifying healthcare organization must integrate a set of emergency preparedness regulations into its existing requirements and conditions.
• Each organization must comply with the CMS Emergency Preparedness Rule to participate in Medicare and Medicaid.

Components of CMS Emergency Preparedness

Preparing for any crisis involves a coordinated and comprehensive approach. To this end, your CMS emergency preparedness plan should contain these components.

Risk Assessment and Planning

Any preparedness plan should be based on a comprehensive risk assessment of hazards that could affect an organization, including:

• Care-related emergencies
• Communication disruptions
• Power or network failures
• Cybersecurity threats
• Data privacy breaches
• Supply chain interruptions
• Natural disasters and extreme weather
• Infectious disease threats

The CMS advises that this assessment incorporate an “all-hazards” approach, emphasizing an organization’s capabilities and capacities to address and mitigate all the hazards and emergencies that could threaten a facility, its patients, and its staff.

Planning also involves determining how the organization will collaborate with all levels of governmental and tribal agencies to ensure an integrated response to any disaster. While 2019 revisions to the CMS Rule for Emergency Preparedness no longer require that this integration process be in writing, critical staff should be able to describe it in detail. Another requirement is that the plan be updated every two years.

Policies and Procedures

The previous risk assessment phase informs the policies and procedures that make up the CMS emergency preparedness plan. These must address topics such as sheltering in place, evacuation plans and routes, and tracking staff and patients during emergencies. Compliance officers and other decision-makers must update these procedures and policies every two years.

Communication Plan

A communication plan allows the various organizational departments to coordinate their efforts with each other and external agencies, know the location of critical resources, share information quickly, and minimize confusion. The communication plan must comply with federal and state regulations and undergo updates every two years.

Training and Testing

Finally, proper emergency preparedness requires the compliance officer and all key personnel to receive regular training on the policies and procedures and their responsibilities in the communication infrastructure. The CMS recommends that training should occur annually and ensure that all trainees can adequately demonstrate their knowledge and application of core emergency procedures. It’s also essential to conduct drills and other tests of the plan.

Digital Tools That Support CMS Emergency Preparedness

Ensuring your healthcare organization is prepared for emergencies requires coordination and considerable time. With the help of compliance software, these responsibilities can be more manageable for any compliance officer. A comprehensive software package can help you stay informed on the latest updates to compliance regulations, offer training modules from a central location, provide easy access to emergency preparedness policies and procedures, and automate administrative tasks to allow more time for more important duties.