This article was written by Paul Mayer and Heather Brownson.
The past two years have been very eventful for Compliance Professionals, starting with changes to the Office of Medicaid Inspector General’s (OMIG) Title 18 NYCRR Part 521 regulations.
18 NYCRR Part 521 was first made effective in 2009 and the requirements remained the same until recently. More than two and half years after the 2020 Laws of New York amended the 363-D Compliance Program requirements, the OMIG amended the 18 NYCRR Part 521 regulations. The updated regulations were finalized on December 28, 2022 and made effective as of March 28, 2023. Some of the key changes in the updated regulations included but were not limited to the following:
- Required Providers – Increased Medicaid revenue threshold for “Substantial portion of business operations” to $1,000,000 (from $500,000) and designated providers required to establish and maintain an effective Compliance Program regardless of Medicaid dollars
- Added a Compliance Program documentation retention period
- Increased Compliance Program applicability to specific risk areas to be addressed
- Addressed Compliance Officer reporting requirements
- Required adequate resources be devoted to the Compliance Program
- Allowed for the Compliance Officer to be a non-employee
- Required a Compliance Committee and Committee Charter
- Required an Annual Work Plan, Training Plan, and Audit Plan
- Further defined training requirements
- Required an annual effectiveness review of Compliance Program, Policies & Procedures, and Standards of Conduct
- Required Exclusion Screening to be completed at least every 30 days
- Revised Self-Disclosure Protocols – to be followed for ANY identified overpayment
What should you be doing now?
Now is the time to determine how these changes have affected you, your roles and responsibilities, and your agency. When reviewing the regulations, consider what additional resources, if any, you need to have to maintain an effective Compliance Program and remain compliant. Educate your Senior Leadership and Board on these regulations and the impact on them and the organization. Be diligent in reviewing the Organization’s current Compliance Program. Compare your Compliance Program to the current regulations, develop a plan to make any necessary changes, and implement them ASAP. As a part of your review, consider the following:
- Determine if your organization is a required provider. Keep in mind that recent changes and/or growth may change your status as a required provider and you should continue to evaluate this regularly.
- Put a plan in place for an annual Compliance Program Effectiveness Review and consider what data needs to be gathered to determine the effectiveness of your Compliance Program.
- Conduct an annual Effectiveness Review and distribute the findings appropriately.
- Complete an organizational risk assessment.
- Review and update your organization’s Annual Work Plan, Audit Plan, and Training Plan.
- Review and assess Compliance Policies and Procedures and the Standard of Conduct for effectiveness and make revisions as appropriate.
- Review and the test the exclusion screening process.
- Ensure that the Self-Disclosure Process is occurring per regulatory requirement and that you are receiving regular communication regarding all overpayments (i.e., voids, adjustments, etc.)
- Review Training process and update annual training
- Assure quarterly compliance reports are completed and distributed appropriately
How can we help?
FoxPointe Solutions, a division of The Bonadio Group, has a team of highly skilled Compliance Professionals with over 50 years of combined Compliance experience. Reach out today to find out how our team can assist with navigating the recent changes.