Despite significant delays due to COVID, Phase 3 requirements of the “mega rule” are now in effect and one of the most unique elements for SNFs is the Ethics and Compliance requirement – 483.25. A good primer on the requirement is attached here. I have highlighted some key points relative to this post. SNF Compliance and Ethics
Aside from a bit of a title misnomer (ethics), the requirement is really about compliance with applicable Medicare and Medicaid law. Ethics refers to “business ethics” versus bioethics and providers need to understand that the core requirements of care and service delivery contained within the Conditions of Participation are in many ways, separate from this requirement, save the billing contexts.
I know confusion arises at this point but in reality, it is quite simple. Ethics and Compliance for SNFs focuses on how providers “operate” or “conduct business” versus how care is delivered. There are dozens of COPs related to how residents are supposed to be cared for and the same, assessed and documented. This condition ties the business aspects and in particular, the payment aspects with the care delivery.
The key for providers to note with this requirement is that the documentation, delivery of care, and billing must be in harmony. It is against federal law for a provider to bill for services not rendered, care not required (by definition) or care that is substandard. This is where RAC audits and auditors come in.
RAC auditors are responsible for assuring that care provided is properly substantiated and billed. They conduct their work on a post-payment review basis. CMS continually updates their (contractor’s) charge by identifying audit conditions that should be reviewed. While CMS states that RACs are charged with identifying overpayments and underpayments, the overpayments are the focus. Overpayments typically relate to billing for services unsubstantiated by payment in relation to actual care provided or required (upcoding, excess service utilization). The current approved RAC audit list for all provider types is attached here. I highlighted the conditions impacting SNFs. RAC approved_issues_list_04_12_2023
What RACs and compliance requirements mean for SNFs is simple but difficult in application. SNFs in the new Ethics and Compliance requirements are obligated to monitor their billing practice and to do so via an audit process. The best audit processes incorporate an independent dimension meaning, using an outside source/contractor. This is different than engaging an accounting firm to audit financial statements and records and produce GAAP statements. The process is basically, assuring that the claim sent to CMS or Medicaid, is accurate and supported by records and assessments; services rendered. The best audits also incorporate a dimension of patient/resident satisfaction.
For proper compliance, how frequent the audits are completed/conducted would really depend on the volume of Medicare/Medicaid claims a facility submits. For most SNFs, bi-annual is more than adequate with periodic topical checks of common RAC results/pitfall areas. In other words, there are patient types and diagnostic codes that are flagged or targeted more often than others for billing impropriety (e.g., IV, infections, wounds, etc.). Lengths of stay are also an issue (long and short). Good compliance audits also detect care/documentation deficiencies. In looking at how care was documented/assessed versus what was billed, the audit can detect sloppy documentation or perhaps, knowledge gap problems necessitating training. For many facilities, it is not uncommon that a good audit will detect opportunities for additional reimbursement as facilities commonly underbill rather than overbill.
For the SNF, the goal is not to avoid a RAC audit (can’t) but to be able to withstand claim scrutiny by having systems and processes in-place, to assure compliance. This is the purpose of the Ethics and Compliance requirement. Being vigil and consistently testing the process of care provided, documented and then billed, assuring accuracy and integrity, is a best practice. For organizations that I ran and consulted for, using this type of an audit process was a requirement and best practice, well before CMS made it a Condition of Participation.