Navigating the

Anti-Kickback

Statute, Sunshine Act, and Open Payments Program

What Medicaid agencies and Medicaid-participating managed care organizations need to know about new mandatory federal requirements for reporting on the core sets of quality measures.

Read this if you administer a Medicaid agency, a CHIP program, or a Medicaid-participating managed care organization. 

On August 31, 2023, the Centers for Medicare & Medicaid Services (CMS) issued its Final Rule, which establishes requirements for mandatory annual state reporting of the following Core Sets of Medicaid quality measures:

• The Core Set of Children’s Health Care Quality Measures for Medicaid and the Children’s Health Insurance Program (CHIP)
• The behavioral health measures on the Core Set of Adult Health Care Quality Measures for Medicaid
• The Core Sets of Health Home Quality Measures for Medicaid  
• The regulations associated with the Final Rule are effective January 1, 2024. The initial (2024) round of reporting must be submitted and certified by states by December 31, 2024

FAQs: Medicaid Core Sets reporting requirements  

• Do these reporting requirements apply exclusively to the 50 states? 
  No. These requirements include the 50 states, the District of Columbia, Puerto Rico, the Virgin Islands, and Guam. American Samoa and the Mariana Islands could, but would not be required to, report Child Core Set and Adult Core Set measures. 
• Do all Medicaid agencies operate health home programs?
  No. “Health homes” refers to two optional Medicaid benefits that states may elect to implement through their CMS State Plan Amendment (SPA). The Section 1945 health home benefit is for Medicaid-eligible individuals who have: a) two or more chronic conditions; b) at least one chronic condition and who are at risk of developing a second; or c) at least one serious and persistent mental health condition. The Section 1945A health home benefit is for Medicaid-eligible children with medically complex conditions. 
• If a state’s CHIP is separate from the Medicaid program, do these reporting requirements also apply to CHIP? 
  Yes. The Medicaid agency must report on the measures for standalone CHIP-enrolled beneficiaries in addition to Medicaid-enrolled beneficiaries, according to each measure’s age range specifications. 
• Are Medicaid agencies required to report on all Medicaid and CHIP beneficiaries, including those enrolled in fee-for-service and managed care?
  Yes. However, the Secretary of HHS could specify in CMS’ annual reporting guidance that a population is not required to be included. Also, the Secretary could grant a Medicaid agency an exemption from reporting on one or more measures for a specific population.
• Is there a filing deadline for a Medicaid agency to request a reporting exemption?
  Yes. A request for an exemption must be submitted by September 1 of the applicable reporting year. A Medicaid agency may request a one-year exemption from reporting for a specific population. This request must demonstrate that the Medicaid agency is unable to obtain access to data required to report the measures for a population despite making reasonable efforts to do so. The request must also document a reasonable timeline of actions underway to resolve data access problems.
• Will these requirements require a Medicaid agency to submit a change in its state plan? 
  Yes. The Medicaid agency must submit a state plan amendment, specifying that it will report on the Child Core Sets and Adult Core Sets in accordance with 42 CFR § 437.15.
  
  If the Medicaid agency offers either or both of the optional health home services, then the state plan will need to also address the health home reporting requirements in accordance with 42 CFR § 437.15. The Medicaid agency must also require health home service providers to report to the agency on all populations served by the health home provider and on the measures in the applicable Health Home Core Set as a condition of receiving payment for these services.
• Can CMS withhold federal Medicaid payments, in whole or part, from a state that is non-compliant with these reporting requirements? 
  Yes. CMS has stated that graduated enforcement mechanisms for compliance with Core Sets reporting requirements due to issues with state data systems will align with existing CMS policy regarding state corrective action plans.
• Will CMS modify the Core Sets measures on an annual basis?
  Yes. The Secretary of HHS will identify and annually update the quality measures beginning no later than January 1, 2024, and annually no later than January 1 thereafter. In issuing the annual guidance, the Secretary may consider the level of difficulty in accessing the data required for reporting and may provide that reporting will be voluntary for a specific year. 
• Will CMS establish data stratification rules for these measures? 
  Yes. In considering which measures, and by which factors (such as race, ethnicity, sex, age, rural/urban status, disability, language, or other factors) states must report stratified measures, the Secretary of HHS will consider whether stratification can be accomplished based on valid statistical methods. Other considerations include whether stratification will not risk a violation of beneficiaries’ privacy and whether the original survey instrument collects the variables necessary to stratify the measures. The rollout of stratification requirements will begin by the second year of annual reporting after the effective date of these regulations and increase yearly. By the fifth year of annual reporting after the effective date of these regulations, 100% of measures will be stratified.      
• Will CMS make the reporting information publicly available? 
  Yes. CMS will make the Core Sets information publicly available not later than September 30, 2025, and annually by September 30 thereafter. 

Centers for Medicare & Medicaid Services Core Set resources

• Centers for Medicare & Medicaid Services. Subpart A-Child, Adult, and Health Home Quality Measures. 88 Fed. Reg. 60105 (2023) (to be codified at 42 CFR Section 437 Subpart A). Accessed at Federal Register: Medicaid Program and CHIP; Mandatory Medicaid and Children's Health Insurance Program (CHIP) Core Set Reporting
• Centers for Medicare & Medicaid Services. FFP for design, development, installation or enhancement of mechanized processing and information retrieval systems. 88 Fed. Reg. 60105 (2023) (to be codified at 42 CFR Section 433.112(b)(12)). Accessed at Federal Register:
  Medicaid Program and CHIP; Mandatory Medicaid and Children's Health Insurance Program (CHIP) Core Set Reporting
• Centers for Medicare & Medicaid Services. Reporting measures on Health Care Quality Measures. 88 Fed. Reg. 60105 (2023) (to be codified at 42 CFR Section 437.20). Accessed at Federal Register: Medicaid Program and CHIP; Mandatory Medicaid and Children's Health Insurance Program (CHIP) Core Set Reporting
• Centers for Medicare & Medicaid Services. 2024 Core Set of Adult Health Quality Measures for Medicaid (Adult Core Set). 
• Centers for Medicare & Medicaid Services. 2024 Mandatory Core Set of Children’s Health Care Quality Measures for Medicaid and CHIP (Child Core Set). 
• Centers for Medicare & Medicaid Services. Proposed 2024 Core Set of Health Care Quality Measures for 1954A Health Home Programs (1945A Health Home Core Set). 

If you have questions about the Core Measure Sets for Medicaid or need guidance in complying with these reporting requirements, please contact Robyn Hoffmann or Ethan Wiley.

Highlights from the Compliance + Ethics = Integrity Podcast

In this recent podcast, BerryDunn’s Robyn Hoffmann, Senior Compliance and Credentialing Manager in BerryDunn’s Healthcare Practice Group, Denny Roberge, Senior Manager in BerryDunn’s Healthcare and Not-for-Profit Practice Groups, and Roger Rego, Revenue Cycle Manager in BerryDunn’s Healthcare Practice Group, discuss the revenue cycle implications for the end of the Public Health Emergency.

Highlights from this episode:

• Collecting patient information at the time of scheduling
• How EHRs (Electronic Health Records) can help with your workflows and decrease denials
• The importance of proactively educating patients
• Working collaboratively as a revenue cycle team

Below is an edited transcript of the podcast. Listen to the full episode here. 

Robyn Hoffmann: It’s my distinct pleasure to introduce my colleagues. I'll start with Denny Roberge, who is a recognized subject matter expert on revenue cycle and patient access transformation, revenue integrity program management, and back-end revenue cycle redesign. Denny, you've been called upon to share your revenue cycle expertise with various chapters of the Healthcare Financial Management Association, and also with the mid-Atlantic region of the National Association of Healthcare Revenue Integrity. And it's my pleasure to also introduce my colleague, Roger Rego. Roger, you bring to BerryDunn over 30 years of experience from the not-for-profit healthcare sector. You've worked as a Chief Financial Officer at a Federally Qualified Health Center (FQHC). You've worked in hospital settings and you've also worked for Medicare and for TRICARE.

Denny, I saw you were the author of what was a really wonderful article for BerryDunn, which was published back in March 2020. The title of that article was “Preparing Your Revenue Cycle for the Pandemic – COVID-19.” Now the pandemic has finally ended. With the end of the Public Health Emergency and the unwinding of Medicaid continuous eligibility, can you give our listeners some examples of the impacts on what we at BerryDunn refer to as the “schedistration” segments of revenue cycle?

Denny Roberge: Certainly, a lot has changed in terms of the healthcare landscape from the payer side, provider side, all throughout it. It’s been a really challenging time. But when it comes back down to it, we think about our revenue cycle and the challenges that we had pre-, post-, and during the pandemic, we've always had issues in and continue to have the issues around making sure that we're getting the right demographic and insurance information so that we can:

• Bill correctly
• Eliminate the denials
• Eliminate patient frustration from getting bills that they don't deserve

When we talk about “schedistration,” that's really combining two processes that are often disjointed: the scheduling event and the registration event. There are plenty of different ways you can structure a revenue cycle on intake, but ideally, you really can't start a good financial clearance process unless you have the basic information you need, and the best time to do that is when you have the patient in need of a service and on the phone. So, when we talk about “schedistration” and those types of things, it's really combining that scheduled event or the earliest event possible in your revenue cycle to start getting the information you need to start processing that patient.

And by processing, I mean verifying that, in fact, the information they gave you from the insurance company is correct. From there, if there is a patient balance, making sure that they're aware of it, having those discussions, or if they qualify for charity care or other programs, assisting them in finding that. If the service requires authorization, the time to do it is as soon as you can start really working on that patient, which is the scheduling event most of the time. And again, sometimes even at an ordering event, you can start the same process.

But to your point, you know now that we're in this post-pandemic era where we've got a new challenge, right, the Medicaid eligibility criteria are rolled back now. So, it comes back to:

• You're not going to get paid if you bill the wrong insurance
• If a patient doesn't have the means to pay, you're also not going to get paid

Looking forward—or backwards, I should say, in the revenue cycle continuum to really make sure we understand that patient’s financial obligations, what they have for insurance. If they just lost their Medicaid or what is available to them, and the only thing that's available to them is charity care, then enroll them in the charity care program. That's what they're there for, right? Or in the FQHC space, the sliding fee schedule. That's what's best for the patient and it's also what's best for your revenue cycle, so you're not spending time and effort trying to find dollars that aren't there. And so again, this is where getting it right up front really makes a difference. And so, “schedistration,” as soon as you can start getting that information and clearing that patient, is essential. Right now, we've got that new challenge because a lot of insurances are changing for a really vulnerable population.

Robyn Hoffmann: I'd like to turn to Roger now, who has worked as a CFO in an FQHC. And I'm wondering, should there be any changes in the design of a healthcare organization’s internal reports due to the unwinding of the Medicaid continuous eligibility? Would there be a need to increase the frequency of generating internal reports to identify whether your organization might be heading toward some losses in reimbursement?

Roger Rego: With the unwinding of this emergency, and the Medicaid coming out, now, it's even that much more important because we've had the last two-and-a-half, three years where Medicaid was much more available to people. With that rolled back, it's going to really make a demand on the whole revenue cycle, especially in the back end. Like you said, it's very important to get all that information upfront, but we know that there are times when that doesn't happen.

Then the responsibility comes to the back end who is seeing it. Unfortunately, by the time they see it, it’s too late and, especially in the Medicaid world, if a person lost Medicaid, maybe that patient doesn't even realize it. It's important that not just one person or that your billers are the ones watching for denials, you want a team to be meeting on a regular basis. Bring a team together that has the whole revenue cycle: your patient access coding, your departments, your IT, your business office, and work through those reports as a team and take a look at what's causing your denials. There's going to possibly be more opportunity to see denials increasing on the Medicaid side, which, if you're not being proactive or not getting your patient signed up for charity care or sliding fee scales, it's going to be hard for collections and it's just going to be hard for the organization.

Robyn Hoffmann: Denny, because you are so knowledgeable about EHR systems, is there any way that the EHR can be used to help to inform patients about these imminent changes?

Denny Roberge: The good thing with the EHR technology is most of them integrate to and from the payers, you know, the 27X responses. It can bring you a lot of information about their eligibility, term dates, and so forth. Again, for me, the best practice has always been to start financially clearing the patient ahead of time, and this is where the EHR can become a tool of real value.

If you select your EHR correctly—if your EHR doesn't have the functionality, there are plenty of bolt-on companies that can assist, and the value of it is well worth any cost. You can create a workflow where, as soon as the patient is scheduled, you start verifying their benefits, and at that point you'll know if they'll be eligible or not for their upcoming visit.

You can use that response to reach back out to the patient and engage them in the charity care process, sliding fee process, and/or enroll them in an alternative plan. There are a lot of different ways you can reach out to a patient with these tools, technologies, and workflows and be assured that if you follow the right workflow, that the patient has coverage and that you're not going to have any issues on the back end. These processes can be heavily automated so that your team is only looking at the exceptions. So, if I register and I'm good, I'm green, you don't have to worry about me. And if you come back red, it tells you that no matter what you do on the back end, you're not going to pay—you're not going to get paid because that patient’s registration is incorrect, and those are the ones you should focus all your effort on. I’m a big advocate of setting up the workflows within your EHR and, to me, that is the only way you can officially and effectively create a best practice front end.

Robyn Hoffmann: Roger, do you have any thoughts about this in terms of ways that healthcare organizations can inform either their established patients or new, and are shopping for a new primary care provider, about the unwinding of Medicaid? Are there ways that you would recommend organizations take action in addition to all of the EHR opportunities that Denny has offered?

Roger Rego: Within your EHR, you can run a report that lists all your Medicaid patients. So, you could go through that report and do an eligibility check on all the people who are established patients. If you identify people who have lost Medicaid, instead of waiting for them to come in, you can actually start reaching out to them now. That way you're going to be able to change what's in their demographics and they're going to be pretty happy that you're contacting them to walk them through the process.

You want staff to be educated on Medicaid, what this all means, and the changes that are happening and be able to explain that to the people ahead of time. It’s really critical to be doing that for new patients. What if they're out there looking for a new provider? You can let them know about the end of the COVID emergency and changes in Medicaid enrollment using your website, using Facebook, using Twitter, and any other means that you have to reach out to patients. I would recommend that for any changes within your organization that impact patients. Even your established patients are going to look at your website. Sometimes they're going to make an appointment there. Sometimes they're looking to see what specialists there are, so I mean, it's a great way to educate patients on the different changes.

Denny Roberge: That's great, Roger. And I know Robyn was asking for our final thoughts about the end of the pandemic and what we think organizations should be looking at and doing. There's been a lot of change since the pandemic began, and those changes are things that we learned to adapt to quickly. We learn to respond to things. And those skills we learned, I think we have to make sure we keep them sharp and continue to focus on the commercial and the government regulations because the commercial payers are probably going to start pulling back on a lot of different things that they allowed around telehealth and coverage.

You really want to make sure you're monitoring your commercial payers, monitoring Medicare, because we're in a new period. I think rapid change and the kind of change we've seen in the past is here to stay. It's going to be on us, as providers, to stay on top of things and we have to be proactive and not reactive if we really want to make sure that our revenue cycles are healthy. Those would be my parting words: just keep up the nimbleness and willingness to change. Those are going to be the guiding strengths that help you and your organization succeed and remain strong in the future months.

Roger Rego: That's great information, Denny and to follow up on that, the important thing is to be really working as a team. Because if one department identifies something, and they're not talking to anybody else, it's just not going to work. It's really important that you're working together as a revenue cycle team: front end, middle, back end, it's all the same. The key piece is to just keep working together, stay on top of it, and watch for changes. When you identify changes, get it out to everybody in the organization and make sure they're aware of it.

Robyn Hoffmann: Denny and Roger, thanks again for sharing your insights. We've reached the conclusion of our discussion about the impacts of the close of the COVID-19 Public Health Emergency on revenue cycle operations and the unwinding of the Medicaid continuous eligibility provision. We welcome your questions and feedback about the ideas we discussed, as well as suggestions for topics that we should consider developing for future episodes.

Disclaimer: The content we discussed is based on our professional experience advising healthcare providers, facilities, and other organizations that engage BerryDunn for compliance and other services. While we may reference specific government programs, Medicare and Medicaid policies, and regulatory guidance, we do not speak for any government agency or contractor, nor do we have the authority to do so. Nothing in this podcast should be considered legal advice. Anyone seeking legal advice on the subjects we discuss should consult their own attorney.

What every free-standing Skilled Nursing Facility (SNF) and chains with five or more facilities needs to know to avoid civil money penalties and regulatory compliance survey F895, F867, and F946 findings. 

The US Department of Health and Human Services, Office of the Inspector General (OIG) released its Compliance Program Guidance for Nursing Facilities in 2000. Additional Program Guidance was introduced in 2008, to reflect the OIG’s continued focus on quality of care and address specific risk areas related to quality of care, claims submissions, the federal anti-kickback statute, and other emerging areas.

Section 11281(b) of the Patient Protection and Affordable Care Act (PPACA, also known as Obamacare) amended regulations pertaining to the Medicare and Medicaid programs, requiring long-term care facilities to implement a compliance and ethics program to effectively prevent and detect criminal, civil, and administrative violations, and to promote quality of care as of November 28, 2019.

As defined in the 42 CFR §483.85, a facility’s compliance and ethics program, at a minimum, must have eight required components: 

1. Written compliance and ethics standards, policies, and procedures
2. Assigned specific high-level personnel within the organization (such as the chief executive officer, members of the board of directors, or directors of major divisions) to oversee the compliance program
3. Sufficient resources and authority to the specific individuals, designated above in Item 2, to assure compliance with such standards, policies, and procedures
4. Due care to not delegate substantial authority to individuals who had a propensity to engage in criminal, civil, and administrative violations under the Social Security Act.
5. Procedures for effective communication of the compliance and ethics program elements to the entire staff, contractors, and volunteers
6. Reasonable steps to achieve compliance with the program's elements, such as:
   •    Monitoring and auditing systems designed to detect violations 
   •    A reporting system to report violations anonymously
   •    A process in place for ensuring the integrity of any reported data
7. Consistent enforcement of the program through appropriate disciplinary mechanisms, including discipline for the failure to detect and report a violation
8. Steps to respond to the reported violations and to prevent further violations, such as modification to the organization's program to prevent and detect criminal, civil, and administrative violations under the Act

Additional compliance and ethics program requirements for skilled nursing facility (SNF) chains with five or more facilities

Organizations operating five or more nursing facilities must also include, at a minimum, the following components in their compliance and ethics program:

1. A designated compliance officer for whom the organization’s compliance and ethics program is a major responsibility. This individual must report directly to the operating organization’s governing body and not be subordinate to the general counsel, chief financial officer, or chief operating officer.
2. Designated compliance liaisons located at each of the organization’s facilities        
3. A mandatory annual training on the organization’s compliance and ethics program, meeting the requirements of 42 CFR §483.95: 

• Effective communications—mandatory training for direct care staff 
• The rights of the facility’s residents and the responsibilities of the facility to properly care for its residents, per 42 CFR §483.10
• Freedom from abuse, neglect, and exploitation, per 42 CFR §483.12
• The elements and goals of the facility’s quality assurance and performance improvement (QAPI) program, per 42 CFR §483.75
• The written standards, policies, and procedures for the facility’s infection prevention and control program, per 42 CFR §483.80(a)(2)
• Explanation of the compliance and ethics program standards, policies, and procedures
• Minimum annual 12-hour in-service training for nurse aides, including dementia management and resident abuse prevention training, as well as training in any areas of weakness as determined by the nurse aides’ performance reviews and assessments of the facility, per 42 CFR §483.70
• Completion of a state-approved paid feeding assistant training program, per 42 CFR §483.160
• Behavioral health training consistent with 42 CFR §483.40 and as determined by the facility’s assessment based on 42 CFR Section 483.70(e)

Evaluation of a corporate compliance program

Each facility must review its compliance and ethics program annually and revise its program as needed to reflect changes in all applicable laws or regulations. If you are not sure how to approach your review, the US Department of Justice sets forth three fundamental questions to ask when assessing the effectiveness of a corporate compliance program:  

1. Is the corporation’s program well-designed?
2. Is the program being applied earnestly and in good faith?
3. Does the corporation’s compliance program work in practice?

Need help assessing your compliance program? BerryDunn can help. 

BerryDunn’s SNF operations and compliance experts can answer your questions regarding compliance and ethics program requirements and provide an external review. Please contact Robyn Hoffmann or Olga Gross-Balzano.

Resource
US Department of Health and Human Services, Center for Clinical Standards and Quality/Quality, Safety & Oversight Group. Ref: QSO-22-19-NH (June 29, 2022). Revised Long-Term Care Surveyor Guidance | CMS

Read this if you work for a healthcare organization that serves uninsured or self-pay patients.

The No Surprises Act was passed in 2020 as part of a COVID relief package, with the goal of reducing surprise bills for patients who received medical or surgical services. One part of the act requires healthcare facilities and providers to give Good Faith Estimates (GFEs) to uninsured and self-pay patients starting on January 1, 2022. Read on for frequently asked questions about this topic, an update for 2023, and resources where you can find more information.

Frequently asked questions about good faith estimates for healthcare

What is a good faith estimate?

A Good Faith Estimate (GFE) is a document provided to a patient that details the expected charges for healthcare services provided. It is not a bill.

Who needs to provide GFEs, and to whom?

At this time, GFEs need to be provided to uninsured and self-pay patients. 

The following healthcare facilities must comply:

• Federally Qualified Health Centers (FQHCs)
• FQHC Look-Alikes
• Tribal/Urban Indian Health Centers
• Rural Health Clinics (RHCs)
• Hospitals
• Hospital outpatient departments
• Critical access hospitals
• Title X Family Planning Clinics
• Health care providers who serve uninsured and self-pay patients

How should information about the GFE process be communicated to uninsured and self-pay individuals?

Information about the availability of GFEs for uninsured or self-pay individuals must be:

• Written in a clear and understandable manner and prominently displayed:
• On the facility’s website and easily searchable from a public search engine
• In the office (such as in the patient waiting room), and
• Onsite where scheduling or questions about the cost of items or services occur, such as at the registration or check-out areas
• Explained verbally when scheduling an item or service or when questions about the cost of items or services occur
• Made available in accessible formats, and in the languages spoken by individuals considering or scheduling items or services

How does the US Department of Health and Human Services (HHS) define uninsured and self-pay individuals?

HHS has a two-fold definition:

• Individuals who have no health insurance coverage
• Individuals who do have health insurance coverage, but do not want to have a claim submitted to their insurer

Both of these groups of individuals must receive a GFE.

What content is required in a GFE?

A GFE must include the following:

Patient information

• The patient’s name and date of birth

Services estimated

• A description of the primary item or service in clear and understandable language and, if applicable, the date the primary item or service is scheduled
• A list of items or services reasonably expected to be furnished for the primary item or service

Information about services, providers, and estimated charges

• Applicable diagnosis codes, expected service codes, and expected charges associated with each listed item or service
• The name, National Provider Identifier, and Tax Identification Number of each provider or facility represented in the GFE, and the State and office of the facility’s location where the items are services are expected to be provided
• Lists of items or services that the provider or facility anticipates will require separate scheduling and that are expected to occur before or following the expected period of care for the primary item or service. (A disclaimer should state that separate GFEs will be issued upon scheduling or upon request of the listed items or services.)

Disclaimers

• A disclaimer that there may be additional items or services that the provider or facility recommends as part of the course of care that must be scheduled or requested separately and are not included in the GFE
• A disclaimer that the information provided in the GFE is only an estimate and that actual items, services, or charges may differ from the GFE
• A disclaimer that the individual has a right to initiate the patient-provider dispute resolution process if the actual billed charges are substantially in excess of the expected charges included in the GFE.
• “Substantially in excess” is defined as at least $400 more than the total amount of expected charges.
• This disclaimer must include instructions about where an uninsured or self-pay individual can find information about how to initiate the patient-provider dispute resolution process and state that the initiation of the patient-provider dispute resolution process will not adversely affect the quality of health care services that are furnished.
• HHS strongly encourages providers and facilities to include an email address and telephone number for someone within the provider’s or facility’s office that has the authority to represent the provider or facility in a billing dispute.
• A disclaimer that a GFE is not a contract and does not require the uninsured or self-pay individual to obtain the items or services identified in the GFE.

HHS encourages sliding fee discount providers and facilities to include information about the provider’s or facility’s sliding fee schedule and any other financial protections that it offers. Sliding fee discount providers and facilities have flexibility to determine how best to demonstrate the expected charges associated with each listed item or service, and to determine what additional information to include, if any.

What are the required methods for providing a GFE?

A GFE must be provided in written form either on paper or electronically, based on the individual’s requested method of delivery and within the required time frames. GFEs that are provided electronically must be provided in a manner that the individual can both save and print. A GFE must be written using clear and understandable language that can be understood by the average uninsured or self-pay individual.

If the individual requests a GFE in a method other than on paper or electronically (such as by telephone or verbally in person), the provider or facility may verbally inform the individual of the information contained in the GFE. However, the provider or facility must also issue the GFE in written form.

What is the timeline for providing a GFE?

When providing a GFE to an uninsured or self-pay patient, the following time frames must be followed.

Please note, when a GFE is requested by an uninsured or self-pay patient, a GFE must be provided not later than 3 business days after the date of the request.

How long should a provider or facility retain a copy of GFEs?

A GFE is considered part of the patient’s medical record and must be maintained in the same manner. At the request of an uninsured or self-pay individual, the provider or facility must provide a copy of any previously issued GFE within the last six years.

Update for 2023

• As of the start of 2023, all of the preceding requirements remain in place.
• As of January 1, 2023, HHS has paused enforcement on the next phase of GFE implementation

The next phase of GFE implementation, which began on January 1, 2023, requires that GFEs for uninsured and self-pay patients include expected charges from co-providers or co-facilities that are part of an episode of care for a patient coordinated by a provider or facility. However, on December 2, 2022, HHS paused its enforcement of this requirement based on comments it received during the rulemaking process indicating that compliance with this provision was likely not possible by January 1, 2023.

HHS is extending enforcement discretion, pending future rulemaking, for situations where GFEs for uninsured or self-pay individuals do not include expected charges from co-providers or co-facilities. We will provide an update when HHS issues any communication about changes to GFE-related enforcement.

Helpful resources for FQHC, RHCs, and other healthcare facilities

• Code of Federal Regulations: Requirements for provision of good faith estimates of expected charges for uninsured (or self-pay) individuals.
• Code of Federal Regulations: Requirements for the patient-provider dispute resolution process.
• CMS Good Faith Estimates FAQ December 2021 (PDF)
• CMS Good Faith Estimates FAQ April 2022 (PDF)
• CMS Good Faith Estimates FAQ December 2, 2022 (PDF)
• CMS Good Faith Estimates FAQ December 27, 2022 (PDF)

If you have questions about the information provided in this article or are interested in an external review of your healthcare facility’s compliance with current GFE requirements, please contact Robyn Hoffmann or Mary Dowes.

Read this if you are at a senior living organization or Skilled Nursing Facility (SNF).

On September 1, 2023, the Centers for Medicare and Medicaid (CMS) released a much-anticipated proposed minimum staffing rule. The proposed rule would require nursing homes participating in Medicare and Medicaid to meet specific nurse staffing levels that promote safe, high-quality care for residents. The proposed rule represents the first time the federal government has proposed comprehensive nationwide nursing home staffing requirements. Various states have already enacted their own staffing requirements.

There are three major requirements under the proposed rule:

1. Nursing homes would need to provide residents with a minimum of 0.55 registered nurse (RN) hours per resident per day
2. An RN is required to be on-site 24 hours per day, seven days per week
3. Each resident must receive 2.45 hours of care from a nursing aide per day, exceeding existing standards in nearly all states

In addition, the proposed rule includes additional reporting requirements regarding Medicaid payments for institutional long-term care support services and $75 million for nurse aide training.

CMS proposed minimum staffing rule challenges

The proposed rule is extremely problematic and seems impossible to implement. Here are just some of the issues of the proposed rule.

Lack of clarity

There is a lack of clarity in the rule as to what positions can be included in the nurse aide count and the rule does not include Licensed Practical Nurses (LPNs), of which there are approximately 120,000 nationwide.

Current staffing levels are insufficient

Based on Payroll Based Journal (PBJ) data through the first quarter of 2023, the American Health Care Association (AHCA) estimates that approximately 37% of all nursing facilities are currently unable to meet any of the three staffing requirements mentioned above and less than 7% of facilities nationwide are currently meeting all three of the requirements. 

Nursing employment shortage

The rule would require the industry to employ an additional 85,000 nursing assistants and 28,000 registered nurses. Where will these additional nurses come from given the post-COVID-19 pandemic workforce shortages?

Lack of funding for providers to implement this proposed rule

CMS estimates the proposed rule will cost $4 billion annually to implement, while the AHCA estimates $6.8 billion annually. We believe that some of the discrepancy in estimated costs to implement is the increased utilization of contract nursing. The AHCA estimate of nurses needed and cost to implement include the contract nursing that existed in the Q1 2023 PBJ data. 

Impact to states’ Medicaid budgets

AHCA estimates annual costs to states range from $6 million in states such as Maine and North Dakota to as high as $700 million in Texas, Florida, and New York. States that are already strapped by Medicaid budgets will likely not be able to increase reimbursement rates enough to pay for this proposed rule, which may ultimately lead to nursing home closures and lack of access to care for seniors.  

The proposed rule has phased-in implementation and hardship exemptions that take into consideration rural and underserved communities. However, many believe the phased implementation is not enough to compensate for the workforce shortage and the onerous exemption process will not benefit the rural providers it is intended to benefit.

There is strong opposition to this proposed rule as it could have a devastating impact on nursing facilities. On September 28, 2023, the US House of Representatives majority introduced House Bill 5796, which would prevent the Secretary of Health and Human Services from implementing and enforcing this proposed rule. AHCA has a grass-roots outreach campaign in which it seeks to have 10,000 individual comments sent to CMS by November 6, 2023.

Read more about the proposed rule: HHS Proposes Minimum Staffing Standards to Enhance Safety and Quality in Nursing Homes | CMS.

To submit a comment on CMS’ proposed minimum staffing, contact the AHCA: regulatory@ahca.org.

If you have any questions about the proposed rule, please contact our Senior Living team. We’re here to help.

What happens when you put a group of healthcare experts in a room and let them talk? A lot of information coming at you fast! At our recent Healthcare Leadership Event, BerryDunn’s experts and guests covered a wide range of challenges and solutions for healthcare leaders. Here are just a few of the takeaways. View all the session recordings.

Revenue cycle optimization: Manage and minimize denials from all angles

In the revenue cycle roundtable, our diverse group of experts each had a different perspective on how to decrease, manage, and prevent denials.

• On the front end, patient access teams should focus on being proactive about the collection of patient guarantor and insurance information in order to qualify patients for services ahead of time.
• On the back end, you need a dedicated person or team focused on tracking and managing denials, with regular meetings with your revenue cycle team.
• Both the end of the PHE as well as the influx of Medicare Advantage plans are causing a major uptick in denials. Many patients who were covered by Medicaid during the PHE are no longer covered (and may not even realize it). The diversity of Medicare Advantage plans can cause confusion over what services are covered due to the differences between each plan.
• On the Home Health side, optimize technology to meet regulatory and billing requirements for Medicaid and other insurers, which would include Electronic Visit Verification. The right technology can help agencies gain efficiencies and decrease denials.

Get your credentialing and enrollment house in order to minimize risks

Credentialing and enrollment are critical areas within the revenue cycle. When it’s not done correctly, it can cost an organization hundreds of thousands of dollars in denials, non-compliance, and provider dissatisfaction (think recruitment costs).

Healthcare organizations should recognize that credentialing and enrollment requirements are variable by state, payer, accrediting bodies, and organizational standards. Understanding these varying requirements is key in staying compliant and maximizing revenue, particularly for multi-state organizations.

Involving representatives from legal, compliance, and risk can help you manage these challenges, as can a periodic outside review of an organization’s credentials verification, enrollment, and onboarding processes, particularly for newly-onboarded physicians.

Navigate labor market shifts in healthcare finance

Like nearly all industries, the healthcare field is losing leaders and experienced staff due to higher-than-normal attrition, aging out, and consolidations. Here are some tips to focus on for improving the culture of finance teams to help retain finance leaders and staff members, as well as minimize the disruption from a leadership departure.

• Create an environment that incentivizes leaders to stay.
• Keep the lines of communication open. Frequent communication between staff and management will allow everyone in the department to stay connected and build trust amongst each other. Answer emails in a timely fashion. Walk through the department weekly to say hello. During departmental meetings, ask staff to share and actively lead the agenda. Management should welcome questions from the staff and intentionally solve problems together. Employees want to feel appreciated and integral to the department, and if they do, they will have more reason to stay.
• Provide education and training on a regular basis. Meet with your team monthly to review operational results and how the various metrics such as patient bed volumes and payor reimbursement mix correlate to the financial results. Encourage high-performing employees to participate in industry-specific associations and community events. Share knowledge and build relationships through formal mentoring and meetings with a trusted advisor. Healthcare organizations that provide valuable training will better retain their high-achieving finance leaders.

For business planning, focus on what is in your control

For organizations that may be thinking of acquiring or selling their business, be aware that in the current economic climate with rising interest rates, there may be a significant impact on your organization’s value. Did you know that every 1% rise in interest rates can equal a 10% decrease in value? In turbulent economies, it’s important to focus on what is in your control to add and protect business value, including:

• Assess the maturity of your business systems. Improving your technology systems, for example, can help you get information quicker, which helps you make better decisions and be more efficient. This can positively impact your bottom line.
• Examine your financing models. If you’re relying on lines of credit, higher interest rates are costing you. You may want to tighten up your expenses and lessen your reliance on lines of credit or generate cash to pay off higher-rate loans.
• Readjust your staffing models. Is there a way to readjust staffing to reduce high expenses, such as the cost of travelers?
• Be aware of the impact of interest rates on all of your operations.

Be proactive about patient communication as the PHE unwinds

As the public health emergency comes to an end, there will be a large impact on patient coverage. With Medicaid redeterminations underway, as many as 15 million people may lose coverage. It’s more important than ever to have processes around obtaining patient information, as well as educating patients on alternative options. For example, do your patients realize that there is a special enrollment period available for marketplace health insurance? For Medicare Disproportionate Share Hospitals (DSH), be prepared for a potential drop in Medicaid days and reimbursement. Be sure to monitor this closely to stay in compliance.

Get more insights, presentations, and recordings from our Healthcare Leadership Event 2023. 

Healthcare system conversions are risky endeavors. But what is the alternative? Stay with a system you’ve outgrown and no longer meets your organizational needs? At BerryDunn, our healthcare consulting teams have worked with a substantial number of organizations as they’ve transitioned to new enterprise systems such as Electronic Health Records (EHR) systems and Enterprise Resource Planning (ERP) systems. Based on our experience, there are 10 key areas to focus on in order to have a successful conversion.   

1. Start preparing early 

If you know you’ll be bringing in a success partner like BerryDunn to help you through the conversion, bring them early in the planning as possible. The success of the entire project depends on how well you’ve planned and if you've brought in a strong methodology to approach the implementation.   

2. Assess your needs before you make a decision to change systems 

Before you even decide that you need a new EHR or ERP system, the first step is to conduct a thorough assessment of your current system and determine if you actually need a new system.  It’s possible that your current system could and will meet your needs if set up correctly.  

If you determine that you do need a new system, the next step is to conduct a thorough needs assessment that details exactly what your organization needs out of the system. It’s important not to think in terms of what your old system was capable of, but to focus on the problems that you want the new system to solve. Talking to other organizations or consultants like BerryDunn, who are solely focused on and have experience in this work, can help you determine what best-in-class systems can do.  

3. Understand and mitigate the risks 

There are risks at every stage of the process, from not identifying your needs correctly, not assessing the facility’s readiness for change, choosing a subpar vendor, having an incomplete contract, not monitoring the implementation very closely to meet the deadlines, and not addressing the risks as they appear. It’s important to manage the steps correctly at each phase, beginning with: 

• Documenting detailed requirements for the EHR or ERP system 
• Initiating a formal RFP process to include the system requirements in writing 
• Thoroughly vetting and evaluating vendors consistently 
• Negotiating a solid contract that holds the vendor accountable for support and a timeline 
• Assessing what staffing changes and training are needed 
• Providing sufficient time for testing pre- and post-go-live 
• Understanding and planning for the impacts to your revenue cycle 

4. Manage the vendor 

The vendor may be managing the project, but who is managing the vendor? Whether you hire a consultant like BerryDunn or have in-house resources, managing the vendor can be a full-time job. In our experience, the vendor wants to have a successful implementation as much as you do, and they also want to go live on time so they can move on to their next project. You will need to advocate for your organization and be able to hold the vendor accountable to what was agreed on, even if that means taking more time. If your contract was thorough, you should have enough leverage to do so. The bottom line: Don’t feel rushed to go live until you know you are ready. 

Insist on a detailed implementation plan from the vendor that shows realistic timelines for the tasks needed to be accomplished to meet the go-live date. The project should include weekly communication meetings with the vendor to ensure any problems and delays identified can be addressed quickly. 

5. Make sure your internal project team is ready 

Just as it’s important to ensure your vendor is well-staffed, prepared, and held accountable, these factors are equally important for your internal project team. Take the time at the beginning of the project to create a plan for success that takes into account roles, communication, and contingency plans. A good plan will include:  

• Establishing a project charter to formalize governance, teams, and roles and responsibilities 
• Communicating and reinforcing the project as a mission-critical effort 
• Establishing regular project meetings to follow up on and manage risks, actions, issues, and decisions 
• Monitoring competing priorities and alleviating non-project efforts for staff where possible  
• Anticipating project team turnover and having a plan for backfilling team members in advance 

6. Help your staff adopt the new system 

Even if you implement the best system in the world, if your nurses, doctors, and billing staff don’t use it (or don’t use it correctly), it won’t be effective. You need to be able to manage the people side of change, starting with building the case for why you are switching systems and how it will benefit the working staff. Having a thorough training plan and making sure people are ready for the conversion is a key step that shouldn’t be neglected. 

7. Allocate enough time and the right resources for testing 

Before you go live, you need to know the system is going to work for specific scenarios in every department that uses it. For EHR systems, that is every department that touches a patient. A solid testing plan begins with identifying the key, critical scenarios in each area and assigning the right people to be involved in testing – ideally, those who will be using the new system and have a firm grasp on the typical workflows. The plan should “follow” a patient from the point of registration to treatment, discharge, billing, and patient follow-up. A good testing plan will confirm if the system functions as intended and will drive issue resolution and any needed configuration changes. Ultimately, the result of testing will be to determine if you’re ready for go-live.  

8. Get your accounting systems in order  

Many healthcare organizations implement new accounting ERP systems at the same time they convert their EHR. It is important to determine concurrently how the operational and financial data from the EHR will be integrated into the general ledger and reporting dashboards. A study will need to be made on the ease with which the payroll information from the outside software application can be accurately uploaded. Your chart of accounts likely will need to be revamped.  Electronic invoice routing and approvals have become very sophisticated and can improve efficiency with the proper setups. Your new accounting ERP system should not be a “last minute thought” but carefully selected and planned as the EHR is being implemented to ensure accurate and state-of-the-art reporting to deliver to your internal and external audiences.   

9. Don’t neglect your revenue cycle 

Launching a new system is not business as usual. Most new EHRs introduce new complexity to the clinically driven revenue cycle. This requires different management skills and tighter coordination across the organization. Success requires advance planning around charge master structure changes, patient access, and other workflows that will heavily change. Attention needs to be paid to leveraging clearinghouse functionality, and testing plans should incorporate all charging and payor scenarios.  

In addition, no matter how prepared you thought you were, your clinicians are just not going to be able to do things as fast as usual when using a new tool. It takes time to build proficiency in any new system. When launching a new EHR, you’ll need to schedule lighter patient loads in the weeks after your go-live, allowing flexibility for fixing problems and for taking into account learning curves.  

Because of this lighter load, your revenue cycle will be impacted. Fewer patients will be cared for, and fewer patients will be billed. You need to consider these cash flow impacts and plan around legacy receivables well before launch day (ideally as much as two years prior) so you can plan for it and ensure that you’re accounting for, and finding ways around, any shortfalls.  

10. Manage the post-go-live transition 

So you went live with your new system. Congratulations! But this isn’t the end. The two weeks after your go-live date are very important. Are you meeting with the vendor to track defects? Are you getting everything out of the system that you dreamed of? Do you have a plan for addressing deficiencies and adding more functionality? Most vendors have a two-week window to help you post-go-live. You need to take advantage of that while you still have their attention. Once you transition to help desk support, you’re just not going to get the attention that you were before. Having a plan and a system in place for these post-go-live weeks is crucial.  

Is it time to bring in a success partner?  

To be successful, you need a partner who can address all of your needs and be your advocate, and expert, providing the support – and the answers – to questions you might not even know to ask. BerryDunn’s Healthcare team works with healthcare organizations every day, all year long, guiding them through EHR and ERP selection, vendor management, system implementation, testing, and beyond to mitigate risks and help ensure your investment pays off. We’re happy to discuss how we can help you with project and change management, interim or project staffing assistance, system report creation and dashboarding, and revenue cycle optimization. Contact a member of our team.                                                              

Read this if you participate in onboarding healthcare providers. 

The last several years have certainly been challenging for healthcare. Fueled by the COVID pandemic, increased provider burnout is a huge issue that has organizations grasping to keep staffing levels high enough to provide exceptional patient care. Physician turnover (per physician) has been estimated to cost an organization between $400,000 and $1,000,000 when factoring in recruiting costs and lost patient billing revenue. For smaller organizations, that can be a major challenge. 

The US Department of Labor Statistics estimates that by 2030 the healthcare industry will grow more than 16%, adding over 2.6 million new jobs. With 5% of physicians turning over each year (this number doubles when including physician assistants and physical therapists) and 61% reporting burnout, organizations should take steps now to minimize attrition and ensure a stable clinical workforce. 

Provider onboarding as a retention strategy

Provider onboarding is a window into an organization’s culture and is the foundation of the provider experience. During this period, action and inaction, both real or perceived, will set a new hire’s impressions of the organization. A positive experience can ensure early buy-in from new providers, helping employers improve retention rates and provider satisfaction. 

For many organizations, onboarding and orientation are the same. However, there are differences. Orientation is a one-time event for tasks (i.e., completing an I-9 form, new-hire paperwork, discussing benefits). Onboarding is an experience that begins once a provider has accepted the position and will last at least 90 to 120 days. The provider will have contact with human resources, IT, the medical staff office, and finance/revenue cycle departments to gather much of the same data (e.g., licensure, CV, NPI, and other demographic information).

A well-organized and coordinated organization can reduce the number of times a provider is asked for the same information or documents. Clear communication and centralized points of contact and processes are critical to a smooth process. To help organize onboarding, you can download our Provider Onboarding Checklist.

Ensuring you have all the information and documents your organization will need from the provider for privileging, third-party payer enrollments, HR, and IT has additional benefits beyond provider experience. Preparing new providers to participate on a payer panel linked to the organization can be an exceptionally lengthy process, often exceeding 90 to 120 business days. Additionally, if your organization participates with a large volume of managed Medicare and Medicaid payers, gathering the information and beginning the process early through an efficient onboarding can ensure you decrease write-offs of billable services to the dreaded ‘provider not credentialed’ denial code.

Provider onboarding and timely, quality patient care

Equally important is the connection to delivering timely and quality patient care, as the third-party payer process directly impacts these activities. An unenrolled provider lacks the ability to order, prescribe, and refer. This necessitates additional touches, resulting in breakdowns in the workflow that can lead to unnecessary expense and provider dissatisfaction. The provider enrollment process must be initiated early, and frequent communication with all involved parties can alleviate any issues. 

Organizations should offer providers robust revenue cycle-related clinical systems training as part of the onboarding process and create a mechanism to identify potential errors that may lead to write-offs and compliance risks. Provider entry errors can result in a claim ending up in a work queue, never to be identified, submitted, or paid. You can mitigate revenue loss by monitoring entry errors and providing additional training. Wasteful workforce expenditures are created through revenue cycle teams chasing information to be corrected, causing rework. Education for providers and everyone supporting them in operations will also go a long way toward reducing errors, increasing satisfaction, and minimizing barriers to care and collection challenges. 

If you would like more information or have questions about your specific situation, please reach out to our credentialing consulting team. We’re here to help. 
 

Read this if you are interested in grant compliance in healthcare. 

This is a companion article to the podcast, Mitigating the compliance and revenue integrity risk of grant funded healthcare programs.

The BerryDunn Healthcare Practice Group boasts professionals who have expertise all across the spectrum of healthcare, including regulatory, revenue, integrity, general compliance, and risk management issues. This article covers the very specific arena of grant compliance affecting many of BerryDunn’s healthcare, not-for-profit, and government clients.

After starting as a newly minted MBA financial analyst with an academic medical center in Northern New England, I (Markes) worked my way into the world of grants and contracts supported by my interest in federal regulations and the non-clinical revenue streams. Fascinated to navigate through waters where it seemed no one was the expert, or really had the time or patience to figure things out, I worked to stand up a grant office in finance on the hospital side, separate from the medical school which was the usual repository for grant funding. We moved this direction because hospital leadership realized grant funding was tipping toward the clinical setting and was less focused on bench or clinical research. Put another way, less NIH and more CDC, HRSA, and CMS.

BerryDunn Senior Manager Regina Mathieson advises, “wherever there is complexity, there is compliance risk.” Whether from a federal agency like HHS, HRSA, NIH, or CDC, a state Medicaid program, foundation, or private source, grants always come with requirements, typically very specific requirements. Because the dollars are being ‘given’, those requirements for how the funds are used may be much more restrictive than loans.

Like other areas of regulatory compliance, it is reasonable to assume that grant programs often have compliance gaps that go unnoticed. For many of our clients, both in healthcare and not-for-profit, and in the government space, grant revenue has become a significant source of funding. Any kind of healthcare delivery organization, including academic medical centers, federally qualified health centers, community hospitals, behavioral health service organizations, home health providers, visiting nurse associations, and others can end up with significant portions of their income for the year being sourced by federal grants.

Grant compliance categories

We all can’t be experts in every domain of regulatory compliance, and grant compliance has a lot of breadth. Thankfully, at BerryDunn, we have a team of grant experts who work collaboratively across practice groups. When I was working on setting up the grant office and establishing a proprietary clinical FTE reporting process and system earlier in my career, I would have greatly benefited from the perspectives of other experts at the table.

When we think about grant compliance, four categories are helpful to keep in mind:

1. Restricted funding
2. Single audit
3. Indirect rate
4. Time and effort

Restricted funding

Firstly, and most universally understood and applied is that grant monies are, pretty much by definition, restricted. Aside from very specific and rare instances of monies being granted to beneficiaries who have no responsibility, all grant funding is awarded with the expectation that the funds will be expended in a specific way. 

Any funder, from the federal government to your local community organization like the Lions Club or the VFW, will likely require individuals and entities awarded a grant must promise to use the funds only for the purpose laid out in the award and proposal. Compliance with grant terms typically includes following the requested reporting requirements of that funder as well. Though this category may sound obvious, it's actually pretty far-reaching, as it usually affects sub-recipients (those entities who are partnered with the direct recipient to accomplish the grant purpose). For example, where the money goes after the initial awardee receives it, or rules about who can do the work, what type of organization, how you choose a vendor, etc.—all sorts of categories.

It should be noted that many of these grant award requirements are not dissimilar from work we already do in the healthcare compliance space to assist our clients in avoiding anti-kickback statutes and Stark risks. This is because grant compliance is grounded in the same basic concepts—no favoritism, no bribes or shady deals, and avoiding fraud, waste, and abuse. Especially if you're spending federal monies, you need to prove that you choose the vendor based on verifiable best practices, and consideration was afforded to organizations owned by women, veterans, and minorities.

Single audit 

The second category, Single Audit, is applicable to all federal funding of $750,000 or more annually. My colleague from BerryDunn’s Not-for-Profit practice group, Katie Balukas, explains: 

"The federal Single Audit Act is a requirement for entities to undergo an independent financial and compliance audit when the entity has expended over $750,000 in federal awards. These audits are conducted following guidance issued through the Governmental Auditing Standards and the United States Office of Management and Budgets' Uniform Guidance. The main focus of the compliance audit is to assess the entity's compliance with the requirements set forth by the federal agency that administered the grant funds. That includes, but is not limited to determining if the funds were utilized for allowable costs and activities and expanded within the proper grant period and that the reporting and performance objectives were met."

It is important to note that adequate, appropriately scaled internal resources are essential for any organization receiving grants and even more so with larger grants. Though the phrase has been overused, it really does “take a village”. Grant management isn't something an organization should do on the side, assigning grant accounting to someone who already has a full-time role, but unfortunately this is common and also unfortunate because under resourcing tends to lead to compliance concerns, as well as just plain old poor funding management. 

Indirect rate

Speaking of funding, the third type of grant compliance is very focused on a component of the grant world that really has a life of its own: The indirect rate. Though there is an accounting definition of ‘indirect’, the way it is defined regarding grant funding is pretty specific, and there is an entire body of work organizations undertake to get a federally approved indirect rate.

There's an awful lot to think about with the indirect rate. On the one hand, you could say it's pretty simple. For example, a lot of foundation funders and even some federal funders will offer you a 5% or 10% indirect rate without any need to make a calculation. That's because they know that if you take time to do the math, you'll come up with a number much higher than 5% or 10%. When it comes to federal grants and healthcare services organizations, the indirect rate is dependent on how an organization measures costs. For hospitals, of course, the method of measurement is driven by the Medicare cost report, and that's where we would do the fancy math to derive the indirect rate. But the reality is far from simple or straightforward. 

Time and effort

The fourth and final area of grant compliance, time and effort, is also the one I'm actually most passionate about and is probably the most minimized, or at the very least, misapplied. 

In one way, “time & effort” is exactly what it sounds like. Much of granted dollars, especially from the federal government, get appropriately spent on program staff. The challenge is to match time and effort to those dollars, but that isn't as clear as it sounds, because the standard way of measuring staff time is usually in a payroll system of some sort, which can't prove how time was spent.

Most payroll systems can be programmed to account for FTE (full-time equivalent) allocations; however, there is often a breakdown between theory and practice. Putting allocations into payroll, usually done without employee interaction, may show how an employee “should” spend their time, but it is really no guarantee that that's actually how they're spending their time.

So how does the organization typically go about assuring that? Now, I don't want to speak for everyone, but let's just say I happen to know that there's a place for two or three (or maybe 10,000) that basically put allocations into payroll, and then, unfortunately, often well after the fact and/or more than once, send that allocation to the employee to sign off on without really any option to disagree, or even to modify. We all know that is not compliant…but in the organization's defense, there really haven't been very good alternatives to that kind of woeful and frustrating process, at least none that have been widely shared or understood.

As often is the case in the compliance world, rules are not followed because there is no perceived risk, but that is not a winning strategy.

Though many people involved in grant management do not have any experience or even knowledge of time and effort violations meeting with any consequences, organization interest and grant compliance have more implications than just preventing front page news. What I find in the conversations with organizations, both large and small, is that loose time and effort management costs the organization in two major ways. 

Firstly, it is inefficient to scramble around at the close of each federal grant to fix time and effort allocations. The extra time spent by grant staff, project coordinators, managers, and the finance team to sort things out because they didn't get them right the first time is the worst kind of inefficient—poor use of time with an equally poor outcome. 

Secondly, loose time and effort is costly in direct salary dollars. Most grant staff are not dedicated to one project, so we need to consider the value of their other work. Whether that is on other grants or, for example, seeing patients in the clinic as many principal investigators in healthcare do, having inaccurate or fluctuating understandings of their ability costs the organization directly in wasted salary dollars or indirectly as the opportunity cost of those providers (or other roles in other organizations). 

Digging in and fixing these issues is the work I really enjoy. It's relatively simple to build a compliant model, whether that requires very little payroll redo and is just a simple recurring attestation process in built in Excel, or more complex integrated models with triggered attestations in PDF format in a database that manages the overall FTE of principal investigators. It might even drive the available clinical provider time. It can all be done. We just need to know what the goal is. 

Working in this space so rewarding, because like so much of compliance, it's about doing something better—not just being compliant—but setting organizations up to better meet their goals and fulfill their mission.

The compliance or accounting professional might still ask, “But why aren’t payroll allocations sufficient for meeting Uniform Guidance?” The truth is, when UG came into effect and superseded the A-110, 122, 133, and others, the bar was effectively lowered. Historically, organizations abiding by the old OMB circulars had to make an attestation at least twice a year, which doesn’t really seem helpful, as who can accurately allocate their time from 5 or 6 months ago? So UG did away with the timeframe reference, relying on the idea that the payroll allocations and distributions would be all that would be needed, and in the absence of those, a monthly ‘look back’ by professional staff would be in order.

I say all this, because as a result, the interpretation of ‘payroll allocations’ then becomes the standard and we have forgotten about the other elements spoken of in the regulation. Remember, for anyone salaried (the vast majority of physicians and most of the higher level grant personnel), the ‘payroll allocation’ doesn’t pass muster. It is a static allocation that has no mooring in actual activity. This is why UG calls for monthly “current and reasonable estimates” of time and effort.

So what can organizations do in response? They need to seek a solution, a process, and a method that will both pass audit muster, as well as help the organization properly manage their resources. Almost every organization manages their productivity and finances on a regular basis: monthly! That’s why the same standard should apply to grant time and effort management. It's much more reasonable to ask you how you spent your effort this month, asking you to make a reasonable estimate of your time allocations to the different efforts you worked on.

So to summarize, the four key areas of grant compliance are (1) grants are restricted funding, (2) single audit requirement for federal funding over $750,000 annually, (3) the indirect rate and related agreement, and (4) time and effort.

Of course, I would be remiss to not point out that undergirding all this is the organization’s approach to policy. Any organization that considers grant funding a regular piece of their annual income needs to have dedicated grant management policies, covering all of the above topics, with particular focus on those arenas that are unique to the world of federal funding, and being mindful to follow or otherwise update for changes in processes and/or regulations.

Final takeaways: 

• First, what grant focused infrastructure do you have in place? If you are subject to a single audit, there should be dedicated administrative grant staff. And I don’t mean the programmatic people actually working on the grant, but people outside the grant funding—also why you have an indirect rate. 
• Second, how are you handling time and effort? If the process relies on any long after-the-fact attestations or payroll-generated reporting, it is unlikely to be truly following the spirit…or the letter…of Uniform Guidance. 
• Third, review your policies regarding grants. You may not actually have policies focused on grant activities, leaving them under ‘general finance’. That isn’t sufficient to cover federal funding requirements. Many have grant policies in place, but are they actually being followed through the lifecycle of your grant programs? 
• Lastly, the grant world is a whole ball game unto itself. BerryDunn has some great resources internally to offer assistance in all phases of grant management and administration.