Jeannine LeCompte, Publishing and Research Coordinator
Medicare- and Medicaid-approved skilled nursing facilities (SNFs) are legally obligated to adhere to a strict set of rules in order to maintain financial integrity. These rules are imposed by the Centers for Medicare & Medicaid Services (CMS), which in turn operates under rules laid down in US Codes.
CMS contracts with companies to administer the Medicare program under the Social Security Act and the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA). MMA legally obligates contractors to administer the Medicare program “efficiently and economically” and to use specified internal controls which serve as “the first line of defense in safeguarding assets and preventing and detecting errors and/or fraud.”
In addition, the Federal Managers’ Financial Integrity Act of 1982 (FMFIA) establishes internal control requirements that should be met by CMS. Compliance with FMFIA guidelines is therefore the basis of all compliance regulations.
Under various provisions of the Social Security Act and MMA, contractors are continually evaluated by CMS on administrative service performance.
The internal controls must provide “reasonable assurance” that the following objectives are being achieved:
- Effectiveness and efficiency of operations
- Reliability of reporting
- Compliance with applicable laws and regulations
There are three fundamental concepts which provide the underlying framework for designing and applying the internal control standards.
First, there must be a continuous built-in component of operations which “includes measures and practices that are used to mitigate risks and exposures that could potentially prevent an organization from achieving its goals and objectives.”
Second, an organization’s management must ensure that direct internal controls are carried out by the people within that organization.
Third, the concept of “reasonable assurance”—which is not the same as “absolute assurance”—means that an internal control system, no matter how well conceived and operated, can provide only reasonable, not absolute, assurance regarding achievement of an entity’s objectives.
On a practical level, a financial integrity management plan must consist of the following components: billing management, cost reporting, and credit balances and overpayments monitoring.