The Office of Inspector General (OIG) released an updated Nursing Facility Industry Compliance Program Guidance (ICPG) in November 2024 to assist nursing facilities in navigating the complex regulatory landscape and mitigating compliance risks. This article provides an in-depth overview of the key compliance risk areas and recommendations outlined in the ICPG, emphasizing the importance of a proactive approach to compliance and quality assurance. The ICPG was issued after creating the GCPC, a general compliance reference guide for healthcare stakeholders.
Using the ICPG to Maintain an Effective Compliance Program
The Centers for Medicare & Medicaid Services (CMS) has issued participation requirements for nursing facilities in the Medicare and Medicaid programs (Requirements of Participation or ROPs). Nursing facilities must operate a compliance and ethics program that effectively prevents and detects criminal, civil, and administrative violations and promotes quality of care (the Compliance Program ROPs). The ICPG provides voluntary, nonbinding guidance) that is intended to complement the Compliance Program ROPs (mandatory for nursing facilities to participate in the Medicare and Medicaid programs). The ICP covers the areas listed below.
Quality of Care and Quality of Life
The ICPG underscores that providing high-quality care and ensuring a good quality of life for residents are paramount. Staffing shortages, inadequate care plans, medication errors, and resident safety are all significant risk areas. To mitigate these risks, nursing facilities should prioritize:
- Sufficient Staffing and Competency: Maintaining adequate staffing levels with appropriate skills and competencies is crucial for resident safety and well-being. Regular training, competency assessments, and proactive strategies to address staffing shortages are essential.
- Individualized Care Plans and Resident Activities: Developing and implementing comprehensive, person-centered care plans that address residents’ medical, nursing, mental, and psychosocial needs is mandatory. Additionally, providing engaging and meaningful activities promotes residents’ quality of life.
- Medication Management and Safety: Ensuring proper medication management, including minimizing medication errors and the appropriate use of medications, is critical to resident safety.
- Resident Safety: Implementing robust measures to prevent resident abuse and neglect, ensuring emergency preparedness, and maintaining effective infection control protocols are vital components of a safe environment.
Medicare and Medicaid Billing Requirements
Accurate and compliant billing practices are essential for nursing facilities participating in Medicare and Medicaid programs. The ICPG highlights risks associated with the SNF Prospective Payment System (PPS), value-based payment models, and Medicare Advantage plans. Nursing facilities should:
- Conduct Regular Reviews and Audits: Regular reviews and audits of billing and coding practices help ensure compliance with Medicare and Medicaid program rules and prevent overpayments or fraudulent claims. As the ICP notes, even a single, isolated billing error resulting in an overpayment must be repaid to avoid potential False Claims Act (FCA) liability.
- Stay Informed About Regulatory Changes: It is crucial to stay informed about changes in Medicare and Medicaid billing requirements and adapt billing practices accordingly.
Federal Anti-Kickback Statute
The Federal Anti-Kickback Statute (AKS) prohibits exchanging anything of value to induce referrals of Federal health care program business. Nursing facilities should be vigilant in their relationships with referral sources and ensure that any remuneration exchanged is compliant with the law.
- Scrutinize Arrangements: Any arrangements with referral sources, such as hospitals, physicians, or long-term care pharmacies, should be carefully reviewed to ensure they do not violate the Anti-Kickback Statute.
- Implement Safeguards: Structuring arrangements to meet safe harbor provisions or ensuring they comply with the statute’s requirements is essential.
Related-Party Transactions
CMS requires nursing facilities to identify related parties and report all payments made to those related parties on the facility’s Medicare cost report. The cost of services, facilities, and supplies furnished to a provider by an organization related to the provider by common ownership or control may be included in the allowable cost of the provider in an amount equal to the related organization’s cost. However, such cost must not exceed the price of comparable services, facilities, and supplies that could be purchased elsewhere. Medicare requires that a reported amount be the lower of either the actual cost to the related organization or the market price for comparable services, facilities, or supplies, thereby removing any incentive to realize profits through these transactions.
Recommendations to Mitigate Risks of Related-Party Transactions
- Routinely audit financial data to ensure the nursing facility is reporting related-party costs in accordance with Federal regulations.
- Ensure that related-party transactions are:
- at fair market value;
- of quality comparable to or greater than competing services provided by entities that are not commonly owned or controlled; and
- chosen based primarily on the well-being of residents and not solely on the profit interests of owners, operators, and investors.
Physician Self-Referral Law (Stark Law)
The Federal physician self-referral law (PSL), often referred to as the “Stark law,” is described in the GCPG. Skilled nursing facility (SNF) services covered by the Medicare Part A prospective payment system (PPS) payments are not designated health services (DHS) for purposes of the PSL (Generally, the Stark law prohibits a physician from referring a patient for DHS if the physician has a financial relationship with the provider of these services).
Nursing facilities, however, may perform or bill for services other than SNF services covered by the Medicare Part A PPS payment—such as, services covered by Medicare Part B furnished to enrollees who are in a non-covered Part A stay or who reside in a nursing facility (or part thereof) that is not certified as a SNF by Medicare. When the services are DHS for purposes of the PSL (e.g., laboratory services; physical therapy, occupational therapy, and outpatient speech-language pathology services), the nursing facility is considered an entity that
Nursing facilities that are DHS entities can mitigate risk by reviewing all financial relationships with:
- Physicians who may refer or order DHS furnished by the nursing facility, such as attending physicians and physicians who are nursing facility owners, investors, medical directors, or consultants; and
- Immediate family members of such referring physicians
Facilities should ensure that these financial relationships satisfy all requirements of an applicable PSL exception. If they do not, then DHS referrals from the physicians to the facility.
HIPAA Privacy, Security, and Breach Notification Rules
The HIPAA Privacy, Security, and Breach Notification Rules are described in the GCPG. Most nursing facilities are “covered entities” under HIPAA because they are health care providers that conduct certain health care transactions electronically. Nursing facilities also routinely have arrangements with “business associates” under HIPAA and may themselves be business associates to other covered entities.
With increasing numbers of cybersecurity attacks aimed at HIPAA-regulated entities of all sizes, compliance with Privacy, Security, and Breach Notification Rule requirements should be a top compliance priority for nursing facilities and skilled nursing facilities.
Civil Rights Laws
Nursing facilities must comply with applicable civil rights laws, which prohibit discrimination and require that nursing facilities provide each individual an equal opportunity to participate in Federal health care program activities regardless of certain protected characteristics.
For example:
- Individuals with disabilities have the right to receive services in the most integrated setting appropriate to their needs.
- The unnecessary segregation of people with disabilities, which may include requiring them to live in a nursing facility, is a form of unlawful discrimination. As part of the standardized assessment of a nursing home resident’s health and functional abilities (minimized data set, or MDS), nursing facilities are obligated to ask residents at least on a quarterly basis if they want to live in the community and to make referrals to appropriate community agencies to help individuals transition successfully into the community.
- An individual receiving medication to treat substance use disorder is protected under Federal civil rights laws that protect persons with disabilities in active treatment and recovery.
- These laws prohibit nursing facilities from discriminating against individuals in active treatment and recovery in their admissions policies.
- Nursing facilities must take reasonable steps to provide meaningful access to limited English proficiency individuals in federally funded health programs and activities. Meaningful access may require the provision of services and translated materials.
- Nursing facilities that receive financial assistance from HHS must take appropriate steps to ensure that communications with people with disabilities are as effective as communications with others. This may include furnishing appropriate auxiliary aids and services, such as sign language interpreters.
Ensuring Effective Compliance for Nursing Facilities
The Nursing Facility ICPG provides valuable guidance to help nursing facilities develop and maintain effective compliance programs. By proactively addressing the risk areas identified in the guidance and implementing the recommended mitigation strategies, nursing facilities can enhance the quality of care, protect resident safety, and ensure compliance with applicable laws and regulations.
