Skip to Main Content

insightsarticles

Debunking the myths of HIPAA: Five steps to better compliance

03.09.21

Read this if your organization has to comply with HIPAA.

We have been monitoring HHS Office for Civil Rights (OCR) settlements as part of the HIPAA Right of Access Initiative (16 settlements and counting) and want to dispel some myths about HIPAA enforcement. Myths can be scary. It would be pretty frightening to run into Bigfoot while taking a stroll through the woods, but sometimes myths have the opposite effect, and we become complacent, thinking Bigfoot will never sneak up behind us. He’s just a myth, right?

As we offer our top five HIPAA myths, we invite you to decide whether to address gaps in compliance now, or wait until you are in the middle of the woods, facing Bigfoot, and wondering what to do next.

Myth #1: OCR doesn’t target organizations like mine.

The prevailing wisdom has been that the Office for Civil Rights only pursues settlements with large organizations. As we review the types of organizations that have been targeted in the recent past, we find that they include social services/behavioral health organizations, more than one primary care practice, a psychiatric medical group practice, and a few hospital/health systems. With settlements ranging from $10,000 to $200,000 plus up to two years of monitoring by the OCR, can you really afford to take a chance?

Myth #2: I have privacy policies, procedures, and training protocols documented, so I’m all set if OCR comes calling.

Are you really all set? When did you last review your policies and procedures? Are you sure what your staff actually does is HIPAA compliant? If you don’t regularly review your policies and procedures and train your staff, can you really say you’re all set?

Myth #3: HIPAA gives me 30 days to respond to a patient request, so it’s ok to wait to respond.

Did you try to ship a package during the 2020 holiday season? If so, do you remember checking your tracking number daily to see if your gift was any closer to its destination? Now imagine it was your health records you were waiting for. Frustration builds, goodwill wanes, and you start looking for a higher authority to get involved. 

And beware: if proposed Privacy Rule changes to HIPAA are finalized, the period of time covered entities will have to fulfill patient requests will be reduced from 30 to 15 days.

Myth #4: If I ignore the problem, it will go away.

Right of Access settlement #10 dispels this myth: A medical group was approached by OCR to resolve a complaint in March 2019. Then again in April 2019. This issue was not resolved until October 2020. Now, in addition to a monetary settlement, the group’s Corrective Action Plan (CAP) will be monitored by the OCR for two years. That’s a lot of time, energy, and money that could have been better spent if they worked to resolve the complaint quickly.

Myth #5: OCR will give me a “get out of jail free” card during the pandemic.

As one of our co-workers said, “Just because they are looking aside does not mean they are looking away.” The most recent settlement we have seen to OCR’s Right of Access Initiative was announced February 10, 2021, showing that the initiative is still a priority despite the pandemic.

Are you ready to assess or improve your compliance with HIPAA Right of Access rules now? Contact me and I will help you keep OCR settlements at bay. 

Related Services

Consulting

Organizational and Governance

Related Professionals

Principals

BerryDunn experts and consultants

Read this if you are interested in grant compliance in healthcare. 

This is a companion article to the podcast, Mitigating the compliance and revenue integrity risk of grant funded healthcare programs.

The BerryDunn Healthcare Practice Group boasts professionals who have expertise all across the spectrum of healthcare, including regulatory, revenue, integrity, general compliance, and risk management issues. This article covers the very specific arena of grant compliance affecting many of BerryDunn’s healthcare, not-for-profit, and government clients.

After starting as a newly minted MBA financial analyst with an academic medical center in Northern New England, I (Markes) worked my way into the world of grants and contracts supported by my interest in federal regulations and the non-clinical revenue streams. Fascinated to navigate through waters where it seemed no one was the expert, or really had the time or patience to figure things out, I worked to stand up a grant office in finance on the hospital side, separate from the medical school which was the usual repository for grant funding. We moved this direction because hospital leadership realized grant funding was tipping toward the clinical setting and was less focused on bench or clinical research. Put another way, less NIH and more CDC, HRSA, and CMS.

BerryDunn Senior Manager Regina Alexander advises, “wherever there is complexity, there is compliance risk.” Whether from a federal agency like HHS, HRSA, NIH, or CDC, a state Medicaid program, foundation, or private source, grants always come with requirements, typically very specific requirements. Because the dollars are being ‘given’, those requirements for how the funds are used may be much more restrictive than loans.

Like other areas of regulatory compliance, it is reasonable to assume that grant programs often have compliance gaps that go unnoticed. For many of our clients, both in healthcare and not-for-profit, and in the government space, grant revenue has become a significant source of funding. Any kind of healthcare delivery organization, including academic medical centers, federally qualified health centers, community hospitals, behavioral health service organizations, home health providers, visiting nurse associations, and others can end up with significant portions of their income for the year being sourced by federal grants.

Grant compliance categories

We all can’t be experts in every domain of regulatory compliance, and grant compliance has a lot of breadth. Thankfully, at BerryDunn, we have a team of grant experts who work collaboratively across practice groups. When I was working on setting up the grant office and establishing a proprietary clinical FTE reporting process and system earlier in my career, I would have greatly benefited from the perspectives of other experts at the table.

When we think about grant compliance, four categories are helpful to keep in mind:

  1. Restricted funding
  2. Single audit
  3. Indirect rate
  4. Time and effort

Restricted funding

Firstly, and most universally understood and applied is that grant monies are, pretty much by definition, restricted. Aside from very specific and rare instances of monies being granted to beneficiaries who have no responsibility, all grant funding is awarded with the expectation that the funds will be expended in a specific way. 

Any funder, from the federal government to your local community organization like the Lions Club or the VFW, will likely require individuals and entities awarded a grant must promise to use the funds only for the purpose laid out in the award and proposal. Compliance with grant terms typically includes following the requested reporting requirements of that funder as well. Though this category may sound obvious, it's actually pretty far-reaching, as it usually affects sub-recipients (those entities who are partnered with the direct recipient to accomplish the grant purpose). For example, where the money goes after the initial awardee receives it, or rules about who can do the work, what type of organization, how you choose a vendor, etc.—all sorts of categories.

It should be noted that many of these grant award requirements are not dissimilar from work we already do in the healthcare compliance space to assist our clients in avoiding anti-kickback statutes and Stark risks. This is because grant compliance is grounded in the same basic concepts—no favoritism, no bribes or shady deals, and avoiding fraud, waste, and abuse. Especially if you're spending federal monies, you need to prove that you choose the vendor based on verifiable best practices, and consideration was afforded to organizations owned by women, veterans, and minorities.

Single audit 

The second category, Single Audit, is applicable to all federal funding of $750,000 or more annually. My colleague from BerryDunn’s Not-for-Profit practice group, Katie Balukas, explains: 

"The federal Single Audit Act is a requirement for entities to undergo an independent financial and compliance audit when the entity has expended over $750,000 in federal awards. These audits are conducted following guidance issued through the Governmental Auditing Standards and the United States Office of Management and Budgets' Uniform Guidance. The main focus of the compliance audit is to assess the entity's compliance with the requirements set forth by the federal agency that administered the grant funds. That includes, but is not limited to determining if the funds were utilized for allowable costs and activities and expanded within the proper grant period and that the reporting and performance objectives were met."

It is important to note that adequate, appropriately scaled internal resources are essential for any organization receiving grants and even more so with larger grants. Though the phrase has been overused, it really does “take a village”. Grant management isn't something an organization should do on the side, assigning grant accounting to someone who already has a full-time role, but unfortunately this is common and also unfortunate because under resourcing tends to lead to compliance concerns, as well as just plain old poor funding management. 

Indirect rate

Speaking of funding, the third type of grant compliance is very focused on a component of the grant world that really has a life of its own: The indirect rate. Though there is an accounting definition of ‘indirect’, the way it is defined regarding grant funding is pretty specific, and there is an entire body of work organizations undertake to get a federally approved indirect rate.

There's an awful lot to think about with the indirect rate. On the one hand, you could say it's pretty simple. For example, a lot of foundation funders and even some federal funders will offer you a 5% or 10% indirect rate without any need to make a calculation. That's because they know that if you take time to do the math, you'll come up with a number much higher than 5% or 10%. When it comes to federal grants and healthcare services organizations, the indirect rate is dependent on how an organization measures costs. For hospitals, of course, the method of measurement is driven by the Medicare cost report, and that's where we would do the fancy math to derive the indirect rate. But the reality is far from simple or straightforward. 

Time and effort

The fourth and final area of grant compliance, time and effort, is also the one I'm actually most passionate about and is probably the most minimized, or at the very least, misapplied. 

In one way, “time & effort” is exactly what it sounds like. Much of granted dollars, especially from the federal government, get appropriately spent on program staff. The challenge is to match time and effort to those dollars, but that isn't as clear as it sounds, because the standard way of measuring staff time is usually in a payroll system of some sort, which can't prove how time was spent.

Most payroll systems can be programmed to account for FTE (full-time equivalent) allocations; however, there is often a breakdown between theory and practice. Putting allocations into payroll, usually done without employee interaction, may show how an employee “should” spend their time, but it is really no guarantee that that's actually how they're spending their time.

So how does the organization typically go about assuring that? Now, I don't want to speak for everyone, but let's just say I happen to know that there's a place for two or three (or maybe 10,000) that basically put allocations into payroll, and then, unfortunately, often well after the fact and/or more than once, send that allocation to the employee to sign off on without really any option to disagree, or even to modify. We all know that is not compliant…but in the organization's defense, there really haven't been very good alternatives to that kind of woeful and frustrating process, at least none that have been widely shared or understood.

As often is the case in the compliance world, rules are not followed because there is no perceived risk, but that is not a winning strategy.

Though many people involved in grant management do not have any experience or even knowledge of time and effort violations meeting with any consequences, organization interest and grant compliance have more implications than just preventing front page news. What I find in the conversations with organizations, both large and small, is that loose time and effort management costs the organization in two major ways. 

Firstly, it is inefficient to scramble around at the close of each federal grant to fix time and effort allocations. The extra time spent by grant staff, project coordinators, managers, and the finance team to sort things out because they didn't get them right the first time is the worst kind of inefficient—poor use of time with an equally poor outcome. 

Secondly, loose time and effort is costly in direct salary dollars. Most grant staff are not dedicated to one project, so we need to consider the value of their other work. Whether that is on other grants or, for example, seeing patients in the clinic as many principal investigators in healthcare do, having inaccurate or fluctuating understandings of their ability costs the organization directly in wasted salary dollars or indirectly as the opportunity cost of those providers (or other roles in other organizations). 

Digging in and fixing these issues is the work I really enjoy. It's relatively simple to build a compliant model, whether that requires very little payroll redo and is just a simple recurring attestation process in built in Excel, or more complex integrated models with triggered attestations in PDF format in a database that manages the overall FTE of principal investigators. It might even drive the available clinical provider time. It can all be done. We just need to know what the goal is. 

Working in this space so rewarding, because like so much of compliance, it's about doing something better—not just being compliant—but setting organizations up to better meet their goals and fulfill their mission.

The compliance or accounting professional might still ask, “But why aren’t payroll allocations sufficient for meeting Uniform Guidance?” The truth is, when UG came into effect and superseded the A-110, 122, 133, and others, the bar was effectively lowered. Historically, organizations abiding by the old OMB circulars had to make an attestation at least twice a year, which doesn’t really seem helpful, as who can accurately allocate their time from 5 or 6 months ago? So UG did away with the timeframe reference, relying on the idea that the payroll allocations and distributions would be all that would be needed, and in the absence of those, a monthly ‘look back’ by professional staff would be in order.

I say all this, because as a result, the interpretation of ‘payroll allocations’ then becomes the standard and we have forgotten about the other elements spoken of in the regulation. Remember, for anyone salaried (the vast majority of physicians and most of the higher level grant personnel), the ‘payroll allocation’ doesn’t pass muster. It is a static allocation that has no mooring in actual activity. This is why UG calls for monthly “current and reasonable estimates” of time and effort.

So what can organizations do in response? They need to seek a solution, a process, and a method that will both pass audit muster, as well as help the organization properly manage their resources. Almost every organization manages their productivity and finances on a regular basis: monthly! That’s why the same standard should apply to grant time and effort management. It's much more reasonable to ask you how you spent your effort this month, asking you to make a reasonable estimate of your time allocations to the different efforts you worked on.

So to summarize, the four key areas of grant compliance are (1) grants are restricted funding, (2) single audit requirement for federal funding over $750,000 annually, (3) the indirect rate and related agreement, and (4) time and effort.

Of course, I would be remiss to not point out that undergirding all this is the organization’s approach to policy. Any organization that considers grant funding a regular piece of their annual income needs to have dedicated grant management policies, covering all of the above topics, with particular focus on those arenas that are unique to the world of federal funding, and being mindful to follow or otherwise update for changes in processes and/or regulations.

Final takeaways: 

  • First, what grant focused infrastructure do you have in place? If you are subject to a single audit, there should be dedicated administrative grant staff. And I don’t mean the programmatic people actually working on the grant, but people outside the grant funding—also why you have an indirect rate. 
  • Second, how are you handling time and effort? If the process relies on any long after-the-fact attestations or payroll-generated reporting, it is unlikely to be truly following the spirit…or the letter…of Uniform Guidance. 
  • Third, review your policies regarding grants. You may not actually have policies focused on grant activities, leaving them under ‘general finance’. That isn’t sufficient to cover federal funding requirements. Many have grant policies in place, but are they actually being followed through the lifecycle of your grant programs? 
  • Lastly, the grant world is a whole ball game unto itself. BerryDunn has some great resources internally to offer assistance in all phases of grant management and administration. 
Article
Mitigating risk of grant funded healthcare programs

Read this if you are subject to Medicaid DSH audits.

The Medicaid DSH program, created in 1981, provides funding to hospitals in the form of DSH payments. Federal law requires that state Medicaid programs make DSH payments to hospitals that serve a disproportionately high number of Medicaid beneficiaries and uninsured low-income patients, to help offset uncompensated care costs (UCC). With healthcare costs steadily outpacing income growth and inflation, these DSH payments serve as an important and sometimes necessary reimbursement mechanism. 

In most states, hospitals that receive Medicaid DSH payments are subject to an annual DSH audit, to determine the DSH UCC limit and to compare it against DSH payments received from the Medicaid state agencies. The DSH UCC limit uses information from the Medicare cost report, as well as Medicaid and uninsured patient detail, to calculate the UCC. 

Upon completion of the DSH audit, the Medicaid state agency or its contractor will compare the UCC to the DSH payments issued during the state fiscal year to determine if a hospital is in a shortfall, where DSH payments were less than the UCC, or a "longfall", where DSH payments were greater than the UCC. If it is determined that a hospital is in a longfall, the state’s Medicaid plan may require hospitals to pay some or all of the DSH funds back. With potentially significant financial implications, it is in the hospital’s best interest to understand the requirements and to complete the audit in a timely and accurate fashion. 

Completion of the DSH audit can be a daunting task. For some, the mere mention of the words “DSH audit” is enough to send chills down one’s spine. It is best assigned to those with solid reimbursement, revenue cycle, hospital operations, and information management system (IT) knowledge. 

It is not uncommon for hospitals to have a consulting firm, such as BerryDunn, complete the DSH audit on their behalf. While the DSH audit may seem like a heavy lift, we hope the following tips will assist you in tackling the audit and getting through the process smoothly and efficiently. 

  1. Allow enough time for completion of the DSH audit. A considerable amount of time and effort is needed to collect, reconcile and summarize the internal claims data and to enter information into the required schedules. The time needed to complete the audit will depend on your organization’s available resources and complexity of the IT and financial systems. Typically, this process takes one to two weeks to complete, sometimes longer. Creating the patient data support files themselves is arguably the most time-consuming aspect of the process. 
  2. Review the minimum federal requirements for DSH payment eligibility and document your organization’s qualifications. To receive DSH payments, hospitals must have a low-income inpatient utilization rate (LIUR) greater than 25 percent, or the hospital must have a Medicaid utilization rate (MIUR) that is at least one standard deviation above the mean rate of all hospitals in the state that receive Medicaid payments. States may distribute DSH payments to other hospitals provided they have a MIUR of at least one percent, and if they offer obstetric services that they have at least two OB/GYN on staff.
  3. Take time to understand how DSH payments are calculated in your state and if any recent state Medicaid plan changes may affect your organization’s eligibility and amount of qualifying payments. 
  4. Carefully review any audit instructions provided, paying particular attention to types of claims, service dates, and required supporting information. 
  5. Gather all the data files needed for completion of the DSH audit before diving in, including the cost report(s) for the period under audit, patient data support files that support the Medicaid and uninsured populations, and audited hospital financial statements (if applicable). Remember: bad data in, bad data out!
  6. Reconcile the state claims data. If the state claims data is used by the state Medicaid agency or its contractor to complete a portion of the audit, we strongly recommend a reconciliation of the state claims data to internal records, to help ensure all eligible claims, inpatient days, and charges are included.
  7. Identify and capture all Medicaid and uninsured patients. When completing schedules, hospitals should ensure they are identifying and capturing all Medicaid and uninsured patients, and accurately report the charges and payments for these patients for the DSH audit. Certain data elements are required, including patient demographic data and hospital charge and payment information. 
  8. Review insured patients' claims with no insurance payment. For uninsured patient charge capture, hospitals may benefit from reviewing insured patients’ claims with no insurance payment. Some claims, meeting state Medicaid plan coverage requirements, could be included as “uninsured” if they meet one of the three exclusion requirements: (1) service was not covered by insurance, but is covered by a Medicaid state plan; (2) patient’s benefits were exhausted prior to the admission/service date, and (3) patient reached the lifetime insurance limit. Some accounts that appear to be insured on the surface may in fact be eligible for inclusion in the calculation of the UCC. Remember, claims denied by insurance, such as untimely filing, lack of pre-authorization, or medically unnecessary services, should not be reported. In many cases, the only way to know for sure if an account can be included is through research of patient notes and financial information. Leave no stone unturned! It could be the difference between a longfall and a shortfall in your UCC.
  9. Review your work prior to submission. Many states will provide a checklist with the audit package, to ensure all data elements have been included with the submission. Even if the hospital has resources to complete the audit, consider arranging for a third-party review of the DSH audit and other submission items to help ensure the accuracy and completeness of the data. 
  10. Schedule time to review audit adjustments. The Medicaid state agency or its contractor will likely provide an adjustment report for your review. Plan your time for review of the audit adjustments, as the window for response or amendments may be very narrow. Take note of the adjustments, especially the high dollar ones, and either confirm that they are accurate or make revisions as necessary. This is another opportunity to bring in an advisor for a second review. 

Should you have any questions about or during the DSH reporting process, please do not hesitate to reach out to Andrew Berube and Olga Gross-Balzano at BerryDunn. We’d be pleased to serve as a second set of eyes to your process or alleviate the time requirements on your finance team. 

Andrew Berube
aberube@berrydunn.com
207-239-9893

Olga Gross-Balzano
OGross-Balzano@berrydunn.com
207-842-8025

Article
Medicaid Disproportionate Share Hospital (DSH) audits: 10 tips for a successful audit

Read this if you want to understand the new lease accounting standard.

What is ASC 842?

ASC 842, Leases, is the new lease accounting standard issued by the Financial Accounting Standards Board (FASB). This new standard supersedes ASC 840. For entities that have not yet adopted the guidance from ASC 842, it is effective for non-public companies and private not-for-profit entities for reporting periods beginning after December 15, 2021.

ASC 842 (sometimes referred to as Topic 842 or the new lease standard) contains guidance on the accounting and financial reporting for agreements meeting the standard’s definition of a lease. The goal of the new standard is to:

  • Streamline the accounting for leases under US GAAP and better align with International Accounting Standards lease standards 
  • Enhance transparency into liabilities resulting from leasing arrangements (particularly operating lease contracts)
  • Reduce off-balance-sheet activities

What is the definition of a lease under the new standard?

ASC 842 defines a lease as “A contract, or part of a contract, that conveys the right to control the use of identified property, plant, or equipment (an identified asset) for a period of time in exchange for consideration.” 

This definition outlines four primary characteristics to consider: 1) an identified asset, 2) the right to control the use of that asset, 3) a period of time, and 4) consideration.

(For a deeper dive into what constitutes a lease, you can download the BerryDunn lease accounting guide here.) 

How will this affect your organization?

  • Lease arrangements have to be classified as finance, operating, or short-term leases. In general accounting for the lease asset and liability is as follows:

    • For finance leases, use the effective interest method to amortize the liability, and amortize the asset on a straight-line basis over the lease term. Note that this has the effect of “front-loading” the expense into the early years of the lease.

    • For operating leases (e.g., equipment and some property leases), the lease asset and liability would be amortized to achieve a straight-line expense impact for each year of the lease term. ASC topic 842 establishes the right-of-use asset model, which shifts from the risk-and-reward approach to a control-based approach. 
  • Lessees will recognize a lease liability of the present value of the future minimum lease payments on the balance sheet and a corresponding right of use asset representing their right to use the leased asset over the lease term. 
  • The present value of the lease payments is required to be measured using the discount rate implicit in the lease if its readily determinable. More likely than not it will not be readily determinable, and you would use a discount rate that equals the lessee’s current borrowing rate (i.e., what it could borrow a comparable amount for, at a comparable term, using a comparable asset as collateral).
  • It will be critical to consider the effect of the new rules on your organization’s debt covenants. All things being equal, debt to equity ratios will increase as a result of adding lease liabilities to the balance sheet. Lenders and borrowers may need to consider whether to change required debt to equity ratios as they negotiate the terms of loan agreements.

Time to implement: What do you need to do next?

The starting place for implementation is ensuring you have a complete listing of all known lease contracts for real estate property, plant, and equipment. However, since leases can be in contracts that you would not expect to have leases, such as service contracts for storage space, long-term supply agreements, and delivery service contracts, you will also need to broaden your review to more than your organization’s current lease expense accounts. 


We recommend reviewing all expense accounts to look for recurring payments, because these often have the potential to have contracts that contain a lease. Once you have a list of recurring payments, review the contracts for these payments to identify leases. If the contract meets the elements of a lease—a contract, or part of a contract, that conveys the right to control the use of identified property, plant, or equipment (an identified asset) for a period of time in exchange for consideration—your organization has a lease that should be added to your listing.

Additionally, your organization is required to consider the materiality of leases for recognition of ASC 842. There are no explicit requirements (that, of course, would make things too easy!). One approach to developing a capitalization threshold for leases (e.g., the dollar amount that determines the proper financial reporting of the asset) is to use the lesser of the following: 

  • A capitalization threshold for PP&E, including ROU assets (i.e., the threshold takes into account the effect of leased assets determined in accordance with ASC 842) 
  • A recognition threshold for liabilities that considers the effect of lease liabilities determined in accordance with ASC 842

Under this approach, if a right-of-use asset is below the established capitalization threshold, it would immediately be recognized as an expense. 

It's important to keep in mind the overall disclosure objective of 842 "which is to enable users of financial statements to assess the amount, timing, and uncertainty of cash flows arising from leases". It's up to the organization to determine the level of details and emphasis needed on various disclosure requirements to satisfy the disclosure objective. With that objective in mind, significant judgment will be required to determine the level of disclosures necessary for an entity. However, simply put, the more extensive the organization's leasing activities, the more comprehensive the disclosures are expected to be. 

Don't wait, download our lease implementation organizer (Excel file) to get started today! 

Key takeaways and next steps:

  •  ASC 842 is effective for reporting periods beginning after December 15, 2021
  • Establish policies and procedures for lease accounting, including a materiality threshold for assessing leases
  • Develop a system to capture data related to lease terms, estimated lease payments, and other components of lease agreements that could affect the liability and asset being reported
  • Evaluate if bond covenants or debt limits need to be modified due to implementation of this standard
  • Determine if there are below market leases/gifts-in-kind of leased assets

If you have questions about finance or operating leases, or need help with the new standard, BerryDunn has numerous resources available below and please don’t hesitate to contact the lease accounting team. We’re here to help. 

Lease accounting resources 

Article
ASC 842 lease accounting—get started today before it's too late

Read this if you are at a not-for-profit hospital.

With the 990 filing deadline of August 15 firmly in the rearview mirror, and with our NFP tax team getting to take some well-deserved late summer paid time off, I have a small window of time for some reflection on the filing season. Some of us choose to wind down with a good book, maybe mull over what to do with the last remaining weeks of summer before the inevitability of Labor Day, or perhaps you’re deliberating what to get the kiddos as the new school year approaches (mine is still a wee pup so still rather light in that department). I myself have been reflecting on some of the issues I’ve seen on our last round of Form 990s, the vast majority of which are hospital clients with September 30 year ends, which I felt compelled to share. Here is my top five list of observations of this year's Form 990 filings.

  1. 501(r) & hospital websites
    By now, most are familiar with the nuts and bolts of 501(r), but something to be mindful of is the interplay between 501(r) and requirements of what needs to be posted on your hospital’s website. Community health needs assessments and implementation strategies (both the most recent set and two subsequent sets) should be posted online at all times.

    Financial assistance policies (FAP), applications, and plain language summaries need to be online too. Those web addresses are provided on Schedule H for the IRS and general public alike.

    Further, items such as Amounts Generally Billed (AGB) calculations, and the list of providers not covered under your hospital’s FAP should be updated and reviewed at least annually. The IRS, despite their skeleton crew and shoestring budget, can and do vigilantly check and scour hospital websites and send out correspondence for any observed irregularities.
  2. Conflicts of interest
    It’s considered a best practice for all NFPs to check for any conflicts of interest (specifically with members of governance and management) at least annually. While most organizations do this diligently and far more often than once a year, I want to point out that the 990 has an entire schedule devoted to reporting of “interested persons”—that being Schedule L. Interested persons go beyond just corporate officers and members of the board; they also can be family members as well as business entities that are more than 35% owned or controlled by any of the above. Your hospital may want to review your procedures as to how you identify potential conflicts to make sure you are also capturing these sorts of relationships.

    Reporting thresholds for Schedule L disclosure can vary. If, for example, a board member’s child works for the hospital and is paid more than $10,000, they are required to be disclosed and the board member is not considered to be independent by the IRS. Transactions with a business entity owned or controlled by an interested person has reporting thresholds of $10,000 for a single transaction, or $100,000 over the course of the year.

    We offer a detailed conflict of interest survey that addresses these questions and more. If interested to learn more about this, please speak to your engagement principal.
  3. Compensation to unrelated organizations
    It seems more and more each year we hear some variation of the following: “Dr. X sits on our board and works here at the hospital, but we don’t pay him/her directly—we pay their company.”

    It’s important to know the IRS closed up this reporting loophole long ago and requires the hospital to report the amounts paid to an unrelated organization for services they render as if you paid the individual directly. A narrative is also required on Schedule J explaining the arrangement. We find in most cases the hospital may not be aware of what exactly Dr. X receives for compensation, which is perfectly fine. The narrative on Schedule J can explain this and that what’s being reported as compensation to Dr. X is the amount paid to the unrelated organization, and not necessarily what Dr. X’s compensation is. In any event, it is not appropriate to say that Dr. X receives nothing.
  4. Fundraising events
    COVID-19 certainly put a damper on most, if not all fundraising events over the past few years, but we’ve started to see some of events come back on the calendar recently, which is a great sign! Just a friendly reminder that if the price of admission to the event is $75 or more, it is necessary to note what items of value a participant is receiving in exchange for the amount of money they pay to attend so they can determine what amount, if any, of their entrance fee is tax deductible.

    For example: A hospital hosts a golf tournament and charges $100 per person to play. In exchange, the person gets use of a golf cart, a round of golf, and some food/drink on hole 19. The fair market value of everything per person totals $85. In this case, only $15 is tax deductible as a charitable contribution ($100 paid minus $85 value received) and the $85 of value received must be relayed to the attendee.

    Should you have any questions as you begin to plan your next round of events, please do not hesitate to reach out to us.
  5. Alternative Investments and Unrelated Business Income (UBI)
    What top five list would be complete without at least a mention of UBI? During the pandemic, we saw many clients get more creative in terms of generating revenue sources, particularly in terms of alternative investments that typically come in the form of a partnership interest and can carry with them significant tax consequences which are not always brought to the forefront at the time the investment is made. More than a few clients have been more than surprised (and less than impressed) to receive a Schedule K-1 at the end of year which not only contains UBI, but UBI that is spread over six different states, some or all of which may require you to file tax returns. If the alternative investment happens to be domiciled overseas, that can bring with it its own set of obligations. You can read more about this here

    It is vital for all organizations to be engaged in open and frequent communication with their investment managers and advisors (both within and outside the organization) to help ensure a full understanding of what sorts of obligations may stem from an investment. Organizations are strongly encouraged to review and share all relevant investment documentation and subsequent information (i.e., prospectus and any other offering materials) with its finance/accounting department, as well as its tax advisors prior to making the investment.

Just some things for you to think about as the next 990 filing deadline will be here before you know it, like the fall colors that will be joining us soon. I hope you all enjoy the last few gasps of what’s been a tremendous summer and you all find some time to do whatever it is that brings you joy and peace. As for me, I think it’s time to get a hobby! 

If you have any questions about your specific situation, please feel free to contact our not-for-profit tax team.

Article
990 filing: Five post-deadline considerations for hospitals

Read this if you are working on a well-being program at your organization. 

When looking to develop or enhance well-being programs at work, many organizations don’t know where to start. A well-being survey is a smart first step to solidify your organization’s approach to supporting a thriving workforce. An effectively designed well-being survey will not only provide valuable insights to the needs of your workforce, it will also be repeatable so you can measure the success of your well-being efforts over time. Here are five tips to help you create a successful well-being survey.  

  1. Include questions about organizational culture. It is unlikely you will engage every single employee with well-being programs and benefits. Some people just like to do their own thing. However, organizational culture is something that influences everyone and is the ultimate source of empowerment for employee well-being. Including at least a couple of questions that assess how effectively your workplace culture promotes well-being will give you the broadest sense of whether you are on the right track with your well-being efforts. 
  2. Carefully consider wording. There is a big difference between the question “How well does our organization support your well-being?” and “How satisfied are you with our organization’s support for your well-being?” For instance, an organization may invest heavily in mental health, but that support may not be resonating with employees. The second question will provide clear insights into how well the organization’s well-being efforts are connecting with employee needs. 
  3. Have a strategy to promote engagement. Your survey response rate can be influenced by who sends the survey and who sends the survey reminder. While it may be logical for the survey to come from Human Resources, we suggest having the survey come from either the Chief Executive Officer or Chief Operations Officer (or equivalent). This signifies that your organization views well-being as a business strategy. Survey reminders tend to be most effective when sent from department managers. This reinforces the messaging about well-being being a business strategy and signifies commitment at all levels of leadership. 
  4. Include space for open comments. Multiple choice and basic ranking questions can help keep a survey direct and are easy to respond to. They also provide data that is easier to analyze and compare year over year. However, it’s not possible to anticipate every need with multiple choice questions, and some of the best suggestions and ideas, as well as some of the most constructive remarks, will come in the form of open commentary. 
  5. Keep it anonymous but collect some demographic data. An anonymous survey will not only result in more candid feedback, but it will also avoid inadvertently collecting personal health information that may be disclosed (particularly in open comments). Having optional questions to self-identify department, office, or work arrangement (hybrid, remote, in person) can help identify high-risk groups ('high risk' meaning those who have a low perception of their well-being and the organizational culture). Making these questions optional reduces the risk that an employee will abandon the survey due to fear of being identified based on demographic responses (e.g., an employee who is the only remote employee in their department). 

A well-designed well-being survey can serve as a launchpad for a transformational well-being initiative, especially if your organization is prepared to report and act on results. For more information on how your organization can create and deliver a well-being survey, or if you have other well-being program questions specific to your organization, please contact our Well-being consulting team. We’re here to help.

Article
Five tips for employee well-being surveys that work

Release Date: July 27, 2022 
Federal Register Publication Date: August 1, 2022 
Effective Date: October 1, 2022  

The Centers for Medicare & Medicaid Services (CMS) issued a final rule that would update Medicare payment rates and policies for Inpatient Rehabilitation (IRF) Prospective Payment System (PPS) and IRF Quality Reporting Program (QRP) for the fiscal year 2023, as well as other provisions. Following is a summary of the major provisions of this final rule. 

IRF PPS Final Changes to Payment Rates: 

CMS finalized a 3.9% net increase in FY 2023 Medicare IRF PPS rates and a 0.6% decrease in outlier payments to maintain outlier payments at 3% of total payments. Net overall IRF payments will increase by 3.2%, or an estimated $275 million (note: the net overall increase is 3.2% due to rounding). Components of the increase are broken down as follows: Table of IRF PPS Final changes to Payment Rates

Major Final Provisions: 

  • Apply a 5% cap on any decrease in IPF’s wage index to mitigate negative effects of year-to-year variation in wage index 
  • IRF teaching payment adjustment to reflect higher costs similar to the IPPS indirect medical education (IME) adjustment.  
  • IRF QRP expands quality data reporting requirements to include all IRF patients, regardless of payor, beginning on October 1, 2024 
  • Outlier threshold amount increased from $9,491 to $12,526 for FY2023.  
  • Labor-Related Share remains the same as FY2022 at 72.9%. 
  • Standard Payment Conversion factor is $17,878 for FY2023 
  • Update to IRF Cost-to-Charge Ratio (CCR) ceiling and urban/rural averages for FY2023.  
    • Estimated national average CCR of 0.466 for rural IRFs. 
    • Estimate national average CCR of 0.392 for urban IRFs. 
    • National Ceiling of 1.41 for FY2023 

Sources:  

CMS-1767-F Medicare Program; Inpatient Rehabilitation Facility Prospective Payment System for Federal Fiscal Year 2023 and Updates to the IRF Quality Reporting Program. 

Article
Medicare Final Rule for FY 2023 Inpatient Rehabilitation Facility Prospective Payment System

Release Date: July 27, 2022
Federal Register Publication Date: July 29, 2022
Effective Date: October 1, 2022

The Centers for Medicare & Medicaid Services (CMS) issued a final rule that would update Medicare payment rates and policies for Inpatient Psychiatric Facility (IPF) Prospective Payment System (PPS) for the fiscal year 2023, as well as other provisions. Following is a summary of the major provisions of this final rule.

IPF PPS Final Changes to Payment Rates:

CMS finalized a 3.8% net increase in FY 2023 Medicare IPF PPS rate and a 1.2% decrease to the outlier payments to maintain outlier payments at 2% of total payments. Net overall IPF payments will increase by 2.5%, or an estimated $90 million increase (note: the net overall increase is 2.5% due to rounding). Components of the increase are broken down as follows:

Table of IPF PPS Final Changes to Payment Rates

*Market based update for FY23 would be the highest implemented due to recent high inflationary trends impacting the outlook for price growth over the next several quarters.

Major Final Provisions:

  • Apply a 5% cap on any decrease in IPF’s wage index to mitigate negative effects of year-to-year variation in wage index
  • IPF Federal per diem base rate from $832.94 to $865.63
  • IPF Labor-Related Share from 77.2 percent to 77.4 percent.
  • Update to IPF Cost-to-Charge Ratio (CCR) ceiling and urban/rural averages for FY2023.
    • National Median CCR of .05720 for rural IPFs.
    • National Median CCR of .4200 for urban IPFs.
    • Rural ceiling of 2.0412
    • Urban ceiling of 1.7437

Sources:

CMS-1769-F Medicare Program; FY 2023 Inpatient Psychiatric Facilities Prospective Payment System-Rate Update and Quality Reporting-Request for Information.

Article
Medicare Final Rule for FY 2023 Inpatient Psychiatric Facility Prospective Payment System

Read this if you are a New Hampshire resident or do business across state lines.

On June 17, 2022, New Hampshire’s Governor, Chris Sununu, signed House Bill 1097 (HB1097) into law. This new legislation asserts that income earned and received by residents of the State of New Hampshire for services entirely performed within the state may not be subject to income taxation in any other state.

The signing of this bill was in response to the US Supreme Court declining to hear a case in which the state of New Hampshire sued the Commonwealth of Massachusetts. This case stemmed from the Commonwealth issuing temporary and early guidance as the pandemic forced New Hampshire workers who would normally commute to Massachusetts to work from home. The early guidance directed employers to maintain the status quo: Keep withholding income tax on your employees in the same manner that you were, even if the workers may not be physically coming into the Commonwealth.

Even though the Massachusetts Department of Revenue lifted the emergency telecommuting rules effective September 2021, New Hampshire lawmakers wanted to prevent any future personal income taxation of its residents who work remotely for a company in another state. For more context, read the July 2021 article from our state and local tax team about the dispute between Massachusetts and New Hampshire.

New Hampshire’s recently passed legislation was an example of its desire to protect its favorable business climate, defined in part by its lack of personal income tax, from the perceived overreach of its neighboring states. Although the telecommuting rules imposed by Massachusetts are no longer effective, House Bill 1097 was introduced to discourage any subsequent taxation of New Hampshire residents who are performing work solely in the Granite State.

This issue of interstate taxation is not unique to New Hampshire and Massachusetts, as dozens of other states have issued temporary regulations and requested guidance from the Supreme Court. As these issues rise in prominence, it will be important for both employee and employer taxpayers to review the guidance issued by each state to confirm the applicable tax treatment is proper.

If you have questions about how the tax law changes may affect you, please contact a member of our state and local tax team.

Article
New Hampshire says no to income taxation by neighboring states