1. INTRODUCTION

On October 29, 1999, the Office of Inspector General ("OIG") of the Department of Health and Human Services ("HHS") published its "Draft OIG Compliance Guidance For Nursing Facilities" ("Draft NF Guidance"). 64 Fed. Reg. 58,419. In addition to setting forth the OIG’s general views on the value and fundamental principles of nursing facility ("NF") (fn1) compliance programs, the document also discusses the specific elements that NFs should consider when developing and implementing an effective compliance program. In particular, the Draft NF Guidance identifies specific compliance risk areas for NFs, including quality of care, residents’ rights, employee screening, vendor relationships, billing and cost reporting, and record keeping and documentation. Comments on the Draft NF Guidance must be received by the OIG by November 29, 1999.

The Draft NF Guidance is part of the OIG’s continuing effort to encourage the health care industry to police itself. It is the seventh compliance program guidance document issued by the OIG to date, (fn2) and the OIG invites interested parties to comment on the draft.

In a press release announcing the document, the OIG notes that it "recognizes the complexities of the nursing home industry and is sensitive to the differences among large national chains, regional multi-facility operators and small independent homes." To mitigate the impact on small and independent nursing homes, the OIG includes suggestions throughout the document on how small NFs can design effective voluntary compliance programs. Nevertheless, the OIG intends that the Draft NF Guidance be used by "all nursing facilities whether for-profit or nonprofit, large or small, urban or rural, with the expectation that each nursing facility will tailor a compliance program to meet its particular needs." In particular, the OIG expects every facility to have a compliance officer or compliance liaison with a corporate compliance officer. While the OIG recognizes this individual may have other duties, the OIG believes an effective compliance program requires having a facility level compliance officer responsible for compliance issues, including training, coordinating employee/contractor screening, auditing, responding to compliance inquiries, and the like. We note that this and some of the OIG’s other suggestions might be difficult for small, independent NFs to institute.

In this latest guidance document, the OIG appears to have responded to criticisms of earlier compliance program guidances by being less prescriptive regarding how providers should meet OIG expectations. On the other hand, facilities still may take issue with the OIG’s insistence that quality of care concerns be addressed through compliance programs, rather than through the normal survey and certification process, and the OIG’s expansive view of a facility’s reporting and self-disclosure obligations.

In view of the length and complexity of the Draft NF Guidance, this memorandum will focus only on selected features of the document that we believe will be of greatest interest to our clients. Please feel free to contact us, however, if you would like additional information about any aspect of the Draft NF Guidance.

2. BACKGROUND

As in previous compliance guidance documents, the OIG bases its recommendations on the Federal Sentencing Guidelines. (fn3) The OIG states that it also considered comments made in response to a December 18, 1998 solicitation notice seeking information and recommendations for developing guidance for the NH industry. (fn4) In addition, the OIG has drawn upon previous OIG publications, such as Special Fraud Alerts, the experience of federal fraud investigations, and the advice of the Health Care Financing Administration ("HCFA"). The OIG notes that the Draft NH Guidance could be revised based on comments submitted by the public. (fn5)

The Draft NH Guidance provides the OIG’s views on the fundamental elements of NF compliance programs, as well as the principles that each NF should consider when developing and implementing an effective compliance program. While this document presents basic procedural and structural guidance for designing a compliance program, the OIG stresses that it is not in and of itself a compliance program. Rather, it is a set of guidelines that NFs should consider when developing and implementing a compliance program.

According to the OIG, "superficial efforts or programs that are hastily constructed and implemented without a long-term commitment to a culture of compliance will likely be ineffective and may expose the NF to greater liability than if it had no program at all." Nevertheless, despite the resources involved, the OIG believes that "the long term benefits of establishing a compliance program significantly outweigh the initial costs." Among the most important benefits to adopting a compliance plan, according to the OIG, is that through early detection and reporting, a provider can minimize loss to the government from false claims, and thereby reduce the NF’s exposure to civil damages and penalties, criminal sanctions, and administrative remedies. To that end, the OIG will consider the existence of an effective compliance program that pre-dated any governmental investigation when addressing the appropriateness of administrative sanctions. (fn6)

The OIG stresses that "[g]iven the diversity within the long term care industry, there is no single ‘best’ NF compliance program." Yet the OIG believes that elements of this guidance can be used by all NFs to establish a compliance program. The OIG has offered suggestions throughout the document to assist smaller NF providers in implementing the principles expressed in the draft guidance, so that regardless of size, structure or available resources, every NF should strive to accomplish the objectives and principles underlying all of the compliance polices and procedures in this guidance. Moreover, the OIG notes that a corporation that provides long term care as part of an integrated health care delivery system (i.e., providers that own hospitals, SNFs, long-term care facilities, and hospices) may incorporate these elements into its structure.

Finally, the OIG notes that "[b]y no means should the contents of this guidance be viewed as an exclusive or complete discussion of the advisable elements of a compliance program." Instead, NFs should develop and implement compliance elements that uniquely address the areas of potential problems, common concerns, or high risk areas that apply to their own facilities. The OIG also cautions that this guidance could be modified as more information is obtained by the OIG, and to reflect changes in health plan requirements. New compliance practices also may be incorporated if the OIG discovers enhancements that promote effective compliance.

3. COMPLIANCE PROGRAM ELEMENTS
1. Seven Basic Compliance Elements

As in previous compliance program guidances, the Draft NF Guidance identifies seven elements as fundamental to an effective compliance program, based on the seven steps of the Federal Sentencing Guidelines. At a minimum, the OIG expects a comprehensive compliance program to include:

(1) Written standards of conduct, as well as written policies, procedures and protocols that promote the NF’s commitment to compliance and address specific areas of potential fraud and abuse (e.g., claims development and submission, quality of care issues, and financial arrangements with physicians and outside contractors that may affect the health care provided to beneficiaries);

(2) A compliance officer and other appropriate bodies (e.g., a corporate compliance committee), to develop, operate and monitor the compliance program, and who report directly to the owner(s), governing body and/or CEO;

(3) Regular, effective education and training programs for all affected employees;

(4) An effective line of communication between the compliance officer and all employees, including a process to receive complaints, procedures to protect the anonymity of complainants, and anti-retaliation policies;

(5) Audits and/or other techniques to monitor compliance, identify problem areas, and assist in the reduction of identified problems; (fn7)

(6) Policies and procedures on non-employment or retention of excluded individuals or entities, appropriate disciplinary action for violations of corporate or compliance policies and procedures, applicable law, or private payor requirements; and

(7) Policies and procedures to investigate systemic problems, including the prompt and proper response to detected offenses (e.g., appropriate corrective action, repayments and preventive measures.)

2. Written Policies And Procedures

According to the OIG, every compliance program should develop and distribute written compliance standards, procedures, and practices that guide the NF and its employees throughout day-to-day operations. The OIG suggests that these policies and procedures be provided to all affected employees, as well as to physicians, suppliers, NF agents, and contractors who may affect or be affected by the NF’s billing and care functions.

1. Code Of Conduct

The OIG recommends that NFs develop a code of conduct (1) detailing the fundamental principles, values, and framework for action within an organization; (2) articulating the organization’s expectations of employees; and (3) summarizing the basic legal principles under which the organization must operate. The code of conduct should be distributed to, and comprehensible by, all affected employees. In addition, the OIG suggests that the code be distributed, or at least available, to the residents and their families, as well as the physicians and contractors associated with the facility. Moreover, the OIG recommends that employees certify that they have received and read the organization’s code of conduct.

2. Specific Risk Areas

The OIG recommends that NFs prepare a comprehensive set of written policies and procedures to prevent fraud and abuse in facility operations and to ensure the appropriate care of their residents. The policies and procedures should alert affected managers and employees regarding federal health care program requirements, the consequences of noncompliance, and the specific procedures that NF employees should follow to report problems, ensure compliance, and rectify any prior noncompliance.

According to the Draft NH Guidance, the OIG recognizes that most facilities have established policies to prevent fraud and abuse, and these providers may not need new policies as part of their compliance program if existing policies encompass the provider’s operations and relevant rules. The OIG notes, however, that since the numerous federal and state statutes, rules, regulations, and manual instructions are frequently modified, all NFs should evaluate their current compliance policies and procedures by conducting a baseline assessment of risk areas, as well as regular reevaluations.

To assist NFs in their internal assessments, the OIG has developed a list of potential risk areas affecting NF providers. These risk areas include quality of care and residents’ rights, employee screening, vendor relationships, billing and cost reporting, and recordkeeping and documentation. The OIG notes that the list is not exhaustive, but serves as a starting point for an internal review of potential vulnerabilities within the NF. The OIG also recommends that providers review the OIG’s annual work plans and semi-annual reports to identify vulnerabilities. We note that it might be unrealistic to expect smaller nursing homes to have easy access to these OIG publications and the staff necessary to review them.

The OIG adds that sound operating compliance policies are essential to all NFs, regardless of size and capability. If a lack of resources is genuinely an issue, however, the OIG recommends that such NFs focus first on risk areas most applicable to their business operations. At a minimum, the OIG states that resources should be directed to analyze the results of annual surveys and to verify that the facility has effectively addressed any deficiencies, such as through the facility’s Quality Assessment and Assurance Committee.

The OIG also offers that creating a resource manual from publicly available information may be a cost-effective approach for developing policies to improve quality of care. If individualized copies of this handbook are not made available to all employees, the OIG believes a reference copy should be available in a readily accessible location, as well as from the designated compliance officer.

1. Quality Of Care

The Draft NH Guidance reflects OIG’s continuing concern about the quality of care provided by NFs, and its belief that quality of care issues are a legitimate focus of compliance plans. This view is in keeping with the OIG’s controversial assertion in recent years that substandard quality can trigger False Claims Act liability.

The OIG believes that a NF’s compliance policies should start with a statement that affirms the facility’s commitment to providing the care necessary to attain or maintain the resident’s "highest practicable physical, mental and psychosocial well-being," as required by current Medicare and Medicaid regulations. As noted above, the OIG believes that current and past surveys are a good place to begin to identify specific risk areas, since deficiencies "may reflect noncompliance with the program regulations and can be the basis for enforcement actions."

While each NF must assess its vulnerability to particular abusive practices, the Draft NF Guidance identifies the following quality of care risk areas:

• Absence of a comprehensive, accurate assessment of each resident’s functional capacity and a comprehensive care plan that includes measurable objectives to meet the resident’s medical, mental and psychosocial needs; (fn8)
• Inappropriate or insufficient treatment and services to address residents’ clinical conditions, including pressure ulcers, dehydration, malnutrition, incontinence of the bladder, and mental or psychosocial problems; (fn9)
• Failure to properly prescribe, administer and monitor drug medication usage, including psychotropic and anti-depressant medications;
• Inadequate or insufficiently trained staff to provide medical, nursing, and related services; (fn10)
• Failure to provide appropriate therapy services; (fn11)
• Failure to provide appropriate services to assist residents with activities of daily living (e.g., feeding, dressing, bathing, etc.); and
• Failure to report incidents of mistreatment, neglect, or abuse to the administrator of the facility and other officials as required by law.

1. Residents’ Rights

According to the OIG, NF’s compliance policies should address the residents’ right to a dignified existence that promotes freedom of choice, self-determination, and reasonable accommodation of individual needs, particularly with regard to the following risk areas:

• Discriminatory admission or improper denial of access to care; (fn12)
• Verbal, mental or physical abuse, corporal punishment and involuntary seclusion; (fn13)
• Use of physical or chemical restraints;
• Failure to ensure that residents have access to their personal records upon request and that the privacy and confidentiality of those records are protected;
• Denial of a resident’s right to participate in his or her care and treatment; and
• Failure to safeguard residents’ financial affairs.

1. Billing And Cost Reporting

Billing and cost reporting policies should be a major part of a NF’s compliance program. In particular, the introduction of the SNF PPS and implementation of consolidated billing create additional issues to be addressed in billing and cost reporting compliance policies. Listed below are some of the reimbursement risk areas a NF should consider addressing in its written compliance policies and procedures. As with all aspects of compliance, the NF must continually reassess its billing procedures and policies to ensure that unanticipated problems are promptly identified and corrected.

• Billing for items or services not rendered or provided as claimed; (fn14)
• Submitting claims for equipment, medical supplies and services that are medically unnecessary; (fn15)
• Submitting claims to Medicare Part A for residents who are not eligible for Part A coverage;
• Duplicate billing; (fn16)
• Failing to identify and refund credit balances; (fn17)
• Submitting claims for items or services not ordered;
• Knowingly billing for inadequate or substandard care; (fn18)
• Providing misleading information about a resident’s medical condition on the MDS or otherwise providing inaccurate information used to determine the RUG assigned to the resident;
• Upcoding the level of service provided; (fn19)
• Billing for individual items or services when they either are included in the facility’s per diem rate or are of the type of item or service that must be billed as a unit and may not be unbundled; (fn20)
• Billing residents for items or services that are included in the per diem rate or otherwise covered by the third-party payor;
• Forging physician or beneficiary signatures on documents used to verify that services were ordered and/or provided;
• Failing to maintain sufficient documentation to establish that the services were ordered and/or performed; and
• Filing false cost reports. (fn21)

The OIG observes billing and cost reporting risk areas have been among the most frequent subjects of OIG investigations and audits. In addition to facing criminal sanctions and significant monetary penalties, providers that have failed to adequately ensure the accuracy of their claims and cost report submissions can be excluded from program participation or be required by the OIG to execute a corporate integrity agreement.

1. Employee Screening

As required by federal and state law, NFs should conduct a "reasonable and prudent background investigation and reference check" before hiring employees who have access to patients or their possessions, or who have discretionary authority to make decisions that may involve compliance with the law. The employment application should specifically require the applicant to disclose any criminal conviction or exclusion. The OIG points out that because providers of nursing care have frequent, relatively unsupervised access to vulnerable people and their property, a NF also should seriously consider whether to employ individuals who have been convicted of crimes of neglect, violence, theft or dishonesty, or financial misconduct.

Likewise, NF policies should prohibit the continued employment of individuals who have been convicted of a criminal health care offense or who are debarred, excluded, or otherwise ineligible for participation in federal health care programs. If the facility is notified that an employee or contractor is charged with a criminal offense related to any federal health care program, or is proposed for exclusion, the facility should take all appropriate actions to ensure that the employee or contractor does not adversely affect the quality of care rendered to any patient or resident, or the accuracy of any federal health care claims. The OIG also believes that NFs should establish standards prohibiting the execution of contracts with companies that have been recently convicted of a criminal health care offense or that are listed by a federal agency as debarred, excluded, or otherwise ineligible for participation.

In order to ensure that NFs undertake background checks of all employees to the extent required by law, the OIG recommends that the following measures be incorporated into the compliance program’s policies and procedures:

• Investigate the background of employees by checking with all applicable licensing and certification authorities to verify that requisite licenses and certifications are in order;
• Require all potential employees to certify that they have not been convicted of an offense that would preclude employment in a NF and that they are not excluded from participation in the federal health care programs;
• Check available public sources, including the OIG’s List of Excluded Individuals/Entities and the GSA’s list of debarred contractors, to verify that employees are not excluded from participating in the federal health care programs; and
• Periodically check the OIG and GSA web sites to verify the participation/exclusion status of independent contractors and retain on file the results of that query. (fn22)

The OIG maintains that employee screening is a critical component of compliance policies and procedures, regardless of the NF’s size or resources. While the OIG believes that the resources required to check the OIG List of Excluded Individuals/Entities are minimal, the agency concedes that absence of an accessible centralized site for criminal background checks may result in inefficiencies and expense. While large providers may elect to outsource the screening process, the OIG recognizes that this may not be a realistic option for smaller NFs. Nevertheless, the OIG recommends that all NFs implement a policy to undertake background checks of all employees.

1. Kickbacks, Inducements, And Self-Referrals

According to the Draft NH Guidance, a NF should have policies and procedures to ensure compliance with the anti-kickback statute, the Stark physician self-referral law, and other relevant federal and state laws by providing guidance in situations that could lead to a violation of these laws. In particular, the OIG believes that arrangements with hospitals, hospices, physicians, and vendors are vulnerable to abuse. NFs also should implement measures to avoid offering inappropriate inducements to residents. Possible risk areas to be addressed include:

• Routinely waiving coinsurance or deductibles without a good faith determination that the resident is in financial need, or absent reasonable efforts to collect the cost-sharing amount;
• Agreements between the facility and a hospital, HHA, or hospice that involve the referral or transfer of any resident to or by the nursing home;
• Soliciting, accepting or offering any gift or gratuity of more than nominal value to or from residents, potential referral sources, and other individuals and entities with which the NF has a business relationship; (fn23)
• Conditioning admission or continued stay at a facility on a third-party guarantee of payment, or soliciting payment for services covered by Medicaid, in addition to any amount required to be paid under the state Medicaid plan;
• Arrangements between a NF and a hospital under which the facility will only accept a Medicare beneficiary on the condition that the hospital pays the facility an amount over and above what the facility would receive through PPS; (fn24)
• Financial arrangements with physicians, including the facility’s medical director; (FN25)
• Arrangements with vendors that result in the NF receiving non-covered items at below market prices or no charge, provided the facility orders Medicare-reimbursed products;
• Soliciting or receiving items of value in exchange for providing the supplier access to residents’ medical records and other information needed to bill Medicare;
• Joint ventures with entities supplying goods or services; and
• "Swapping" (the practice of a supplier giving a NF discounts on Medicare Part A items and services in return for referrals of Medicare Part B business).

The OIG recommends that NFs obtain copies of all relevant OIG and HCFA regulations, Special Fraud Alerts, and Advisory Opinions that address the application of the anti-kickback and Stark self-referral laws to ensure that the policies reflect current positions and opinions. NFs also should ensure that all contracts and arrangements with actual or potential sources of referrals are reviewed by counsel and comply with applicable statutes and requirements.

1. Retention Of Records

The OIG expects NFs, regardless of size, to establish policies and procedures regarding the creation, distribution, retention, and destruction of documents, taking into account privacy concerns and regulatory requirements. In addition to maintaining appropriate and thorough medical records on each resident, the OIG recommends documents covered under this record retention system should include:

• All records and documentation (e.g., billing and claims documentation) required for participation in federal, state, and private health care programs, including the resident assessment instrument, the comprehensive plan of care and all corrective actions taken in response to surveys;
• All records and documentation required by private payors and other governmental institutions;
• All records, documentation, and audit data that support and explain cost reports and other financial activity, including any internal or external compliance monitoring activities; and
• All records necessary to demonstrate the integrity of the NF compliance process and to confirm the effectiveness of the program.

The OIG suggests that NFs should document their efforts to comply with applicable statutes, regulations, and federal health care program requirements. For example, if a NF requests advice from a government agency, such as a Medicare fiscal intermediary or carrier, the NF should retain a record of the request and any written or oral response, particularly if the NF intends to rely on that response to guide it in future decisions, actions, or claim reimbursement requests or appeals. The OIG notes that in a subsequent investigation, such records also may be relevant to the issue of whether the facility’s reliance was "reasonable" and whether it exercised due diligence in developing procedures and practices to implement the advice. We agree with this recommendation.

As part of the record retention policy, the OIG recommends that the NF:

• Secure information in a safe place;
• Maintain hard copies of all electronic or database documentation (which we observe could impose an unwieldy paperwork burden on facilities); and
• Limit access to such documentation to avoid accidental or intentional fabrication or destruction of records.

The OIG adds that as the government increases its reliance on electronic data interchange, NFs should ensure that all of the facility’s informational systems are in working order, secured, and capable of accessing federal and state databases.

1. Compliance As An Element Of Employee Performance

The promotion of, and adherence to, the elements of the compliance program should be a factor in evaluating the performance of all employees, according to the OIG. To that end, employees should be periodically trained in new compliance policies and procedures. In addition, managers, especially those involved in the direct care of residents and in claims development and submission, should be required to:

• Discuss with all supervised employees and relevant contractors the compliance policies and legal requirements applicable to their function;
• Inform all supervised personnel that strict compliance with these policies and procedures is a condition of employment; and
• Disclose to all supervised personnel that the NF will take disciplinary action up to and including termination for violation of these policies or requirements.

Managers and supervisors should be disciplined for failing to adequately instruct their subordinates or for failing to detect noncompliance with applicable policies and legal requirements, where reasonable diligence would have led to the discovery of any violations and allowed the NF to correct them earlier. Conversely, the OIG believes that supervisors who have demonstrated leadership in the advancement of the company’s compliance objectives should be singled out for recognition.

The OIG notes that each NF, regardless of resources or size, should ensure that its employees understand the importance of compliance with program re