Kusserow on Compliance: GAO reports CMS gaps in nursing home oversight

CMS needs to address gaps in federal oversight of nursing home abuse investigations

The Government Accountability Office (GAO) reviewed CMS oversight of nursing home abuse in response to a request from the Congress. As part of its review, the GAO interviewed officials from survey agencies about how they investigate complaints and facility-reported incidents of resident abuse in nursing homes in five selected states.

The GAO noted, there are approximately 15,600 nursing homes providing care to about 1.4 million nursing home residents, a population of elderly and disabled individuals. CMS defines the standards nursing homes must meet to participate in the Medicare and Medicaid programs, including standards for resident care and safety. To monitor compliance with these standards, CMS enters into agreements with state survey agencies to conduct standard surveys or evaluations of the state’s nursing homes. Those surveys and evaluations investigate both complaints from the public and facility-reported incidents regarding resident care or safety, such as abuse. Investigations of nursing homes based on public complaints and facility-reported incidents offer a unique opportunity for the state survey agencies to identify potential abuse, as these can provide a timely alert of acute issues that otherwise might not be addressed until the standard survey.  Federal nursing home surveys and investigations of complaints and facility-reported incidents can be cited and tracked by CMS. Where deficiencies are found, CMS can impose federal sanctions to prompt the correction of deficiencies.

The review focused on Oregon, a state with 135 nursing homes caring for approximately 7,000 residents. The GAO found failure to follow federal requirements that the survey agency investigate all complaints and facility-reported incidents. Additionally, the GAO found CMS failed to address gaps in federal oversight in Oregon for at least 15 years. The GAO suggested to CMS that these problems may extend to other states and that CMS needs to take corrective action.

GAO recommendations to the administrator of CMS included: (1) evaluating state survey agency processes in all states to ensure all state survey agencies are meeting federal requirements that state survey agencies are responsible for; (2) investigating complaints and facility-reported incidents alleging abuse in nursing homes; and (3) that the results of those investigations are being shared with CMS.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Preparing for compliance investigations

Most compliance officers are not professionally trained investigators and are unsure how to decide whether an issue warrants a formal investigation. Also, the great majority of issues presented to compliance officers can be resolved relatively easily without need of an investigation.  However, when situations arise warranting an investigation, it is important to know what needs to be done and how. At every step in an investigation, there are rules that must be followed regarding how things must be done—working with other internal or external parties, determining how to manage the records of investigations, and so on. It is important for anyone who may be called upon to investigate, to take time to learn some of the fundamentals of the process. The first step for any investigation is taking time to analyze all known facts upon receipt of a complaint, allegation, or information suggesting a potential wrongdoing. After this, the next step is to decide upon a course of action, such as:

  1. Closing the matter without the need of further action
  2. Having enough information to take adverse or corrective action on the issue
  3. Need to investigate to clarify issues
  4. Referring the matter to legal counsel
  5. Disclosing a violation to a duly authorized governmental authority

The following should be considered when the decision is to investigate:

  • Knowing who the deciding authority is and what they will need to make a decision
  • Development of the investigative plan
  • Establishing the scope of the investigation
  • Who is the person best qualified to conduct the investigation?
  • Whether the investigation should be under direction of legal counsel

Time is a major enemy and is a force with which to contend in any internal investigation. There is a lot involved in even a simple investigation.  It includes two key elements: documentary evidence and conducting interviews. Knowing what documents are needed is important but knowing how to properly conduct interviews requires some training and skill to produce optimum results and reduce the risks of losing valuable information and time. Writing reports of interviews and the final Investigations Report is also very important. There is both a right and wrong way to do these things.

Conducting successful compliance investigations requires professional competence and friendly persuasion, not upon the authority and power of a government agency backed by the courts. One of the most common and costly mistakes is for individual to conduct investigations without having proper training and experience. It is advisable to engage an expert to teach basic investigation fundamentals on how to: (a) conduct interviews, (b) gather evidence, and  (c) file and store documents and evidence. A few hours of training will not create a professional investigator but may provide enough guidance to ensure that proper steps are followed to avoid costly mistakes. It is also advisable to have protocols in place and in advance of being confronted with an investigation to provide guidance on how to proceed.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG’s planned work for home health agencies

Home Health Agencies (HHAs) remain one of the top enforcement priorities for the DOJ and HHS Office of Inspector General (OIG). Considerable OIG investigative resources are devoted to HHA fraud. However, the OIG auditors and evaluators are also focusing on HHA waste and abuse. For example, in May 2019, the OIG released several audit reports related to HHAs, including those for EHS Home Health, Excella Home Care, Great Lakes Home Health, and Metropolitan Jewish Home Care. The OIG found a number of deficiencies, including beneficiaries who were not homebound that were able to ambulate without assistance and perform home exercises, or had only a partial episode (wound healed). In addition, in many cases, documentation was not provided or did not support services. To continue its efforts in this area, the OIG has added several planned audits and evaluations related to HHAs, including the following:

  1. OIG will review supporting documentation to determine whether home health claims with 5 to 10 skilled visits in a payment episode, in which the beneficiary was discharged home, met the conditions for coverage and were adequately supported as required by federal guidance.

 

  1. Recent OIG reports disclosed high error rates at individual HHAs, consisting primarily of beneficiaries who were not homebound or who did not require skilled services. So, the OIG will continue its efforts regarding whether home health claims were paid in accordance with federal requirements.

 

  1. Using data from the CMS’s Comprehensive Error Rate Testing (CERT), the OIG plans to identify the common characteristics of “at risk” HHA providers that could be used to target pre- and post-payment review of claims.

 

  1. The OIG will review Medicare Part A payments to HHAs to determine whether claims billed to Medicare Part B for items and services were allowable and in accord with federal regulations. Generally, certain items, supplies, and services furnished to patients are covered under Part A and should not be separately billable to Part B. the OIG has previously found noncompliance with these Medicare billing requirements.

 

  1. The OIG will compare HHA survey documents to Medicare claims data to look for evidence of patients omitted from HHA-supplied patient information from select recertification surveys using Medicare claims data.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: New OCR Guidelines

The HHS Office for Civil Rights (OCR) issued a new guidance which points out a list of 10 violations where Business Associates (BAs) can be held directly liable. The guidance points out that where BAs may not be liable, the covered entity (CE) may be still on the hook for violations of those violations. As such CEs should carefully review their BA Agreements (BAAs) to ensure that they cover requirements that don’t directly apply to BAs but are still enforceable against CEs.

The OCR also notes that large data breaches also continue to dominate the press. The OCR recently cited among recent notable breaches that an EMR and software services provider allowed hackers access to 3.5 million patient records. Touchstone Medical Imaging (TMI), agreed to pay $3 million for a breach involving one of its FTP servers that contained PHI for over 300,000 patients. LabCorp received notice from American Medical Collection Agency (AMCA), a collection firm working on its behalf, regarding unauthorized access of 7.7 million patients’ PHI stored by AMCA. This announcement followed a similar one from Quest Diagnostics, in which they reported that AMCA’s breach affected 11.9 million of its patients.

Updates on OCR enforcement actions can be found at https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/enforcement-highlights/index.html

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.