Paper planes in white and one in yellow.

Long-term Care Compliance: Where We Have Been and Where We Are Going

By Sarah Couture

October 5, 2018

While Long-Term Care (LTC) entities have had suggested compliance program guidance for almost two decades, the new Centers for Medicare and Medicaid Services (CMS) Final Rule on Reform of Requirements for Long-Term Care Facilities now requires compliance and ethics programs in LTC entities.

Meanwhile, criminal and civil enforcement actions against LTC entities have increased due to a variety of compliance failures. Development of an effective compliance and ethics program can help prevent wrong-doing and protect LTC entities from state and federal enforcement actions.


In 1991, the United States Sentencing Commission published advisory compliance program guidelines that “offer incentives to organizations to reduce and ultimately eliminate criminal conduct by providing a structural foundation from which an organization may self-police its own conduct through an effective compliance and ethics program.”

The Sentencing Guidelines set forth a “structural foundation” for organizational compliance that includes seven elements (the Seven Elements) of an effective compliance program. These include:

  1. policies and procedures to prevent and detect criminal conduct
  2. designation of specific individuals to run the program with sufficient resources and authority and direct access to the governing authority, as well as governing authority knowledge and oversight of the program
  3. effective compliance education and training programs for the governing authority, high-level leadership, employees, and agents
  4. auditing and monitoring to detect criminal conduct
  5. provision of an anonymous reporting system and prevention of retaliation
  6. consistent enforcement of standards and discipline as well as incentives for compliant behavior
  7. investigation and response to non-compliant conduct.

In addition to the Seven Elements, the Sentencing Guidelines discuss screening of personnel, regular assessment of the effectiveness of the compliance program, and regular risk assessment.

Over the past two decades, the Office of Inspector General (OIG) and CMS have published additional voluntary compliance program guidance specific to various segments of the healthcare industry. The OIG published home health, hospice, and nursing facility guidance in 1998, 1999, and 2000 respectively. Each of these guidance documents explains the reasons for, and the elements of, an effective compliance and ethics program, as well as the specific compliance risks applicable to the industry. In 2008, the OIG published supplemental nursing facility compliance program guidance that builds on the 2000 document, and details additional compliance risk areas and remediation recommendations.

In 2005, the Deficit Reduction Act mandated compliance programs for entities receiving over $5 million a year from Medicaid. In 2010, §6102 of the Affordable Care Act required skilled nursing facilities to implement compliances programs by 2013. However, CMS did not finalize the implementation regulations until the October 2016 publication of the CMS Final Rule regarding LTC facility requirements of participation. This new participation requirement will be enforced beginning in November 2019 and, in addition to the Seven Elements, requires a compliance liaison at every nursing facility for organizations that have five or more facilities.

While some LTC entities have developed compliance programs based on this guidance, these programs could lack focus and effectiveness, as the programs were not mandatory. Other LTC entities did not develop compliance programs at all. LTC facilities now have until November of 2019 to develop and implement new compliance and ethics programs, or re-work their current program to meet the requirements of the new Final Rule.


As the LTC regulatory environment evolves, related enforcement actions will evolve as well. Criminal and civil enforcement actions against LTC businesses are on the rise. New OIG reports regularly detail enforcement actions against skilled nursing facilities, rehabilitation companies, hospices, pharmacies, and home health agencies for compliance, quality, and billing issues.

Entities have seen consequences including significant civil monetary penalties, corporate integrity agreements, and even prison time related to a variety of compliance failures. These compliance failures can include hiring persons excluded from federal healthcare programs, billing for substandard quality of care, having insufficient processes for controlled substances, paying bribes and kickbacks in exchange for patient referrals, and billing for medically unnecessary therapy, hospice, and home health services.

Regulators target this area, and businesses that do not actively self-police their own conduct face the highest risk for non-compliant behavior, investigation, and ultimately enforcement penalties.


Some entities may view development and implementation of a compliance program as burdensome, costly, and tedious. However, true to the Sentencing Guidelines admonition over 25 years ago, a compliance program allows a business to self-police its own conduct, find compliance risks and errors, and correct deficiencies that lead to errors. While an entity may find issues they must disclose, compliance programs more frequently aid in the detection of processes that could, in time, lead to more costly errors. The best defense against government investigation, enforcement, and penalties is an effective compliance program that provides workforce education and auditing on high-risk issues. So, while regulators now require LTC compliance programs, they are in fact, best practice for successful LTC organizations.