Breaking Compliance News Blog

Absolutely.

In July 2019, CMS published a proposed rule that would modify the Compliance and Ethics program aspects of the Phase III Long-Term Care Facilities Requirements for Participation (the “Proposed Rule”).

Some of these proposed modifications removed requirements to assign compliance roles to nursing home personnel. For example, CMS proposes eliminating the following requirements:

• All nursing homes must designate “an appropriate compliance and ethics program contact to which individuals may report suspected violations.”
• Chains of five or more nursing homes must designate a compliance officer for whom the compliance program “is a major responsibility.”
• Chains of five or more nursing homes must designate compliance liaisons at each facility.

If made final, the changes will go into effect one year after the rule goes into effect.

CMS’ proposed removal of the compliance officer, compliance liaison, and compliance reports contact requirements might have some nursing homes jumping for joy. After all, fewer regulatory requirements likely means fewer F-tags on your state survey. While we can likely all agree that fewer F-tags are a good thing, nursing homes would be wise to designate someone as compliance officer.

Keep in mind that the Proposed Rule has not yet been made final, and, as of November 28, 2019, SNFs are expected to comply with the original Phase 3 compliance requirements at 42 CFR 483.85. But, what if the Proposed Rule becomes final?

Maybe.

How many hats does your compliance officer wear? Here are some of the additional roles compliance officers have mentioned to me:

• HR Director
• Administrator/CEO
• Nursing Home Admissions Director
• Training Manager
• Clinical Director or QAPI Director
• Assistant Administrator or VP
• CFO
• Privacy Officer and/or Security Officer
• Director of Nursing
• Marketing/PR Director

Sometimes people just laugh when I ask if they have roles in addition to Compliance Officer – because they have so many.

Give them a break

At the risk of getting some Billboard top ten 1980’s Janet Jackson lyrics stuck in your head for the rest of the day, I’d like to ask you an important question:

What has compliance done for you lately?

Phrased another way:

How has your compliance program helped your organization this year?

Did your hotline encourage employees to report potential false claims internally, so they could be self-reported? Did this hotline call possibly avoid a whistleblower situation?

Did routine compliance audits find a documentation issue – so you could correct it before it became a widespread problem?

Maybe the compliance department collaborated with the HIPAA Security Officer to run a ransomware and phishing campaign, educating employees about potentially hazardous emails and links. As a result, the Compliance Officer and Security Officer received dozens of calls from employees reporting suspicious emails and links that potentially contained ransomware or malware. Can you put a price tag on potentially avoiding a costly ransomware attack?