With recent changes to the Medicare Shared Savings Program (MSSP), all accountable care organizations (ACOs) need to pay closer attention to their compliance obligations and be prepared to make changes quickly. Each time the Centers for Medicare and Medicaid Services (CMS) updates its MSSP rules, as it did in 2016, it frequently follows these changes by auditing ACOs to determine whether all its rules are being followed. As in 2016, ACOs that identified potential compliance concerns and operationally addressed these concerns limited their potential exposure.
As a longstanding MSSP obligation, ACOs must have a comprehensive compliance plan in place. This includes a “designated compliance official/individual who is not legal counsel” as a mechanism to address compliance issues; compliance training for the ACO, ACO participants, and the provider and suppliers; and methods for ACO employees or contractors to anonymously report problems to the compliance officer. ACOs must also be able to show they have executed the plan by taking steps to ensure compliance.
Every ACO must commit to a three-year participation agreement, which is subject to regulatory changes in all areas except for governance structure and management, as well as a calculation of sharing rate and beneficiary assignment. An ACO with a 2015 start date would need to have renewed its agreement by Jan. 1, 2018. However, an ACO is subject to a change in the quality performance standard. This can result in possible audits, penalties, and termination.
Given changes in MSSP regulations and their complex legal nature, it’s important that ACO groups review their internal processes, integrate into ACO operations, and provide documentation to ensure they comply with the regulations. ACOs that fail to comply with these regulations face penalties, or, in more extreme cases, termination. CMS requires that all ACO participant agreements submitted for performance years 2017 and beyond comply with the new rules. Despite this requirement, many ACOs still do not fully understand how to properly implement the rules they agreed to.
Crucial Areas of ACO Compliance
Areas of compliance include the following:
- Governance structure and management: It is essential that an ACO be provider-driven, not entrepreneur-driven, and that it gives Medicare beneficiaries agency in ACO decisions. ACOs need to show that they can self-govern in the best interest of improving the quality of care delivered; provide efficient, cost-effective care; and enhance the patient experience. This goal of placing the patient first, as dictated by an ACO’s patient-centeredness criteria, guides CMS’s regulations concerning the management and board of an ACO, including the fact that the board of directors must be comprised of 75 percent ACO participants, including a Medicare beneficiary served by the ACO.
- Restrictions against conflicts of interest on the governing board: Operational and clinical management officers must act in accordance with the regulations.
- Limits on reserved powers: An ACO’s member can’t appoint and remove the ACO board and management. They also can’t determine how shared savings are used and distributed.
- Waivers: Identification and processes for achieving waiver protection must comply with the pre-participation and/or participation waivers, the beneficiary inducement waiver, and the shared savings distribution waiver.
- Marketing: The Affordable Care Act says nothing in regard to the marketing of ACOs, but CMS requires approval for the marketing activity of ACOs before such materials can be used. CMS provides template language for marketing campaigns: ACOs must refer to participants as “beneficiaries.” In addition, CMS does not specifically endorse any ACOs and does not allow ACOs to use marketing language that reflects false endorsement.
Common Errors in ACO Compliance
The following errors can cause issues with compliance:
- Data entry and data analysis around quality metrics: In CMS’s audits of ACOs to determine whether these programs were meeting the new 2016 quality measures, CMS found that many of the problems stemmed from the same area: quality metrics. Issues such as failure to correctly file patient screenings for diseases like cancer and depression, failure to report required quality measure elements in screenings, and exclusion of elements from the denominator that calculates the shared savings of an individual ACO were among the most commonly cited. An analytics strategy focused on data capture within these areas is a key to compliance.
- Beware of box-ticking: Box-ticking refers to an ACO merely going through the motions with a compliance team to indicate the minimum level of required compliance. Often, hospitals have only a shallow understanding of the regulations they agreed to with this method, and this can lead to problems later, because compliance does not deliver any true benefit to the ACO.
- Prohibitions on beneficiary referrals: Naturally, an ACO would prefer that its beneficiaries, or patients benefiting from an ACO’s patient-centered care that is coordinated among providers, receive care within their network. This gives the ACO greater control over a patient’s cost and quality of care. CMS anticipates this preference, yet still mandates that exclusively recommending patients to members of an ACO violates a patient’s freedom to seek “high-quality care from the providers or suppliers of their choice.” For an ACO to achieve its goals within MSSP regulations, it must encourage in-network referrals to its patients without violating the CMS freedom of choice requirement. This allowable gray area, while vital to the success of an ACO, is murky and would benefit from examination by an attorney with expertise in ACO compliance.
- In-house compliance department: A hospital’s compliance department, already in place from HIPAA or the Stark Law and Anti-Kickback Statute, is not always capable of handling the specific intricacies of MSSP regulations. It’s necessary for a compliance department to be well-educated in the common problems that can arise with ACOs. Hospitals should consider outsourcing their ACO-specific compliance to a firm with expertise in these regulations.
Lumina Health Partners and the firm of Hogan Marren Babbo & Rose Ltd. have long-standing expertise in healthcare policy and are committed to helping hospitals overcome confusing legal and regulatory barriers so they can focus on providing high-quality, low-cost patient care. A careful, detail-oriented review of ACO documentation, operations, and personnel to ensure that everything complies with current MSSP regulations is essential to ensure the success of an ACO.
John P. Marren is a founding partner of Hogan Marren Babbo & Rose Ltd., and Thomas J. Babbo is partner and shareholder.