Kusserow on Compliance: CMS ‘guts’ SNF/LTC compliance program mandates

– CMS “bows” to industry pressure

– Objective standards replaced by subjective ones

– Designated compliance officer not to be required

– No contact person to whom “people may report suspected violations”


A new CMS proposed rule—“Medicare & Medicaid Programs; Requirements for Long-Term Care Facilities: Regulatory Provisions to Promote Efficiency and Transparency”—proposes to roll back and remove many compliance program related requirements for long term care facilities (LTC) participating in Medicare/Medicaid. The Proposed modifications include removing many of the compliance program requirements adopted in 2016 on the basis that they are not expressly required by statute. The stated purpose of the proposed changes is to reduce administrative burdens. This flies in the face of increased identification by CMS, OIG, GAO, DOJ, and Congress of legal and regulatory compliance violations by LTC facilities.

Enhanced compliance programs were a way of addressing these ongoing problems. Among the requirements removed were (1) designation of a compliance officer; (2) designation of a compliance liaison for operating organizations with five or more facilities; (3) annual reviews of the compliance program; (4) having an identified person to whom individuals may report suspected violations.

CMS now proposes that a LTC organization develop, implement, and maintain an effective compliance and ethics program most appropriate for size and type of the organization. This should include written compliance standards, policies, and procedures that are reasonably capable of reducing the prospect of criminal, civil, and administrative violations. The new standards are far less objective and rely more on subjective concepts that are vague and difficult to substantiate, using terms like “reasonable” and “sufficient.”  Other CMS expectations for facilities include:

  1. Providing sufficient resources for operation of the compliance program.
  2. Designating a high-level person for overall compliance program responsibility with appropriate authority to assure compliance with the regulations.
  3. Taking reasonable steps to achieve compliance with program’s standards, policies, procedures, including monitoring and auditing that is reasonably designed to detect criminal, civil, and administrative violations.
  4. Having in place and publicizing a reporting system whereby anyone could report violations by others within the organization without fear of retribution.
  5. Ensuring consistent enforcement and discipline of standards, policies, and procedures.
  6. Effectively communicating compliance standards, policies, and procedures in compliance mandatory training.
  7. Taking reasonable steps to respond detected violations and to prevent similar violations in the future.

The new CMS proposed compliance program standards are significantly different from standards issued by the U.S. Department of Justice in April 2019—new DOJ evaluation of corporate compliance program guidelineswhich are designed to be used in making prosecutorial decisions and in determining penalty guidelines. Before CMS proposed to rescind many of its previously published standards for compliance programs, the DOJ and CMS standards were consistent.



Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.