Compliance Considerations for Accountable Care Organizations (ACOs)
Meeting CMS Requirements on the Way to Value-Based Care
As ACOs chart a path toward a value-based healthcare model, there are rules of the road established by the Centers for Medicare and Medicaid Services (CMS) that require strict compliance. These requirements were highlighted at a recent meeting of the American Health Lawyers Association and focused on the responsibility of ACOs for adherence to all compliance terms on behalf of their participants, providers, suppliers and any other entities associated with the ACO.
These assumed responsibilities include the establishment of a compliance plan as well as a “compliance official” (separate from legal counsel) who will report directly to the ACO’s governing body. This official will be called upon to identify and address compliance problems and establish methods that allow all those within, or associated with the ACO, to anonymously report suspected compliance problems.
These compliance officials will also be tasked with training all ACO employees and associated entities on compliance protocols and how to appropriately report compliance violations to the appropriate law enforcement agency.
The Medicare Shared Savings Program (MSSP) has regulations of its own that can affect ACOs. For example, MSSP requires that 75 percent of any ACO board must consist of representatives from that ACO’s participant organizations. Also, there are other Medicare requirements that impact ACO compliance, such as the Stark law, Anti-Kickback Statute, Gainsharing Civil Monetary Penalties (CMP) law, Patient Inducement CMP law and the False Claims Act. Those who are not up to speed on the subtleties of these and other requirements can find themselves on the wrong side of the law.
There are a variety of other ACO compliance issues that we strongly recommend our clients to consider carefully. They include, for example: accuracy of marketing materials; complying with patient notification rules; ensuring patient freedom of choice (limits on mandatory referrals within an ACO); ensuring patient access to all covered services; record retention; and protecting the privacy and security of patient data.
10 Tips for Effective ACO Compliance
- Culture is key
- Messaging is crucial
- Governance integrity is essential
- Get it right up front – focus on underlying conditions
- Build a certification trail
- Coordinate among participants
- Leverage existing efforts
- Integrate quality and compliance
- Don’t forget about privacy and security
- Proactively audit new and existing issues and address identified problems
Source: Manatt, Phelps, & Phillips, LLP