A strategy to acquire something — a physician practice, an ambulatory surgery center or another hospital — can be desirable for improving an organization’s care for its patients, their families and their communities. Service fragmentation and duplication add cost and complexity to patient care, while integrated delivery systems promise efficiency and strength.
Frequently lost in the acquisition process, however, is the need for one additional focus in the usual due diligence: the compliance of the planned acquisition with Centers for Medicare & Medicaid Services Conditions of Participation, in addition to compliance with state regulations and national accreditation requirements.
Why is this breadth of compliance so important? What are the risks of failing to uncover any deficiencies in the physical environment, infection control, quality assurance and other frequent risk points? How can this step be included in acquisition due diligence? These are the subjects of this discussion. But first, a disheartening story:
Too little, too late
A large, flourishing Midwestern health system had been considering a small, rural hospital in its referral area as a planned acquisition. The rural facility had maintained a fierce independence for some time but, like many small, freestanding providers, had fallen into difficult financial straits. The hospital had closed unsupportable services, reduced staffing and sought seemingly prudent service additions (dialysis, ambulatory surgery), all to little avail, as margins turned increasingly negative.
Finally, when the rural hospital was on the verge of closing, the larger system saved health care for the community through a last-minute buyout. Only after assuming operational responsibility did the acquiring system discover problems in clinical quality, extensive deferred maintenance and lack of rigor in regulatory compliance.
The subsequent publicity surrounding the regulatory issues spread from the local community to the news media in the system’s urban center, besmirching a hard-won reputation for quality and compassion. The cost required to address regulatory deficiencies was financial and reputational, all because of a failure to assess regulatory compliance before the acquisition.
Be in the know
Given this cautionary tale, what should a trustee or hospital leader know about clinical regulatory compliance due diligence?
First, clinical regulatory compliance due diligence is not a usual part of the acquisition due diligence process. That process normally focuses on financial scrutiny and assessment of extant liabilities, litigation and outstanding bond or debt issues. The usual processes in a thoughtful acquisition evaluation are critical to identifying problems and barriers. They are necessary but not necessarily sufficient.
Clinical compliance with regulatory requirements usually is less examined during acquisitions. Clinical compliance means meeting or exceeding the Conditions of Participation — CoPs — set by CMS. The CoPs are simply standards for performance that institutions receiving Medicare and Medicaid funding have agreed to meet. Meeting these standards — usually assessed through state and accreditation scrutiny — means the hospital has “deemed status” — that is, it is deemed as suitable for reimbursement purposes.
Most commercial payers also rely on deemed status as a minimal standard for eligibility to participate in their programs. Failure to attain or maintain approval is a financial threat to a hospital's existence. (For more on this, see "Hospital Leaders Like to Think That 'Immediate Jeopardy Can't Happen Here' — Until It Does.")
Acquisitions frequently trigger attention from state or accreditation organizations. Transfer of ownership requires notification to regulatory bodies. These bodies usually apply some level of scrutiny to the transaction beyond the submission of paperwork, be it an on-site visit, review of historical compliance data, or even a full accreditation or CoPs-based survey.
Also, organizations in the transition process are often the target of complaints to regulators by people unhappy with the organization or uncomfortable with the pending change. Hospitals subject to acquisition may be challenged to maintain desired levels of clinical supervision and rigorous quality oversight. In short, organizations "in play” are organizations at risk.
How does an acquiring organization know what risks it is assuming? There’s a relatively simple and straightforward answer to this question: Include a clinical regulatory compliance due diligence assessment as part and parcel of the overall due diligence process.
The assessment should be conducted by a team comparable in composition to the team used by accreditors and regulators: clinicians, engineers, pharmacists and specialists reflecting the institution's services (behavioral health, ambulatory care, owned physician practices, rehab, and so forth). The survey should tightly parallel the process the external regulator would use to assess potential vulnerabilities and weak points.
The products of this process should be a written assessment report coupled with a written corrective action plan. The assessment report outlines areas of noncompliance, and the CAP provides a road map for the efforts and costs associated with remediation.
The clinical regulatory compliance assessment rarely ruptures a planned acquisition unless the risks and remediation prove insurmountable (for example, an inadequate surgical staff when there is no means of supplementing it or augmenting its professional capacities). More frequently, the assessment yields a more “eyes wide open” acquisition process and permits better planning for the assumption of operational responsibility. The assessment also frequently yields information useful to finalizing the terms of the transaction by demonstrating additional post-acquisition mandatory investments and associated costs.
The assessment may yield extensive evidence of deferred physical plant maintenance, showing increased vulnerabilities to power availability, disaster recovery and the environment of care. For example, if the humidity and heat in surgical suites are consistently out of the required range, the investment required to prevent an environment of risk for surgical fires (i.e., low humidity) or postoperative infections (i.e., high humidity) can be calculated in the hundreds of thousands of dollars.
Yet, failure to maintain safe and efficient surgical services, or closing the surgical suite, is a potential financial liability. Know and plan for investments in advance and be able to negotiate pricing with such required expenditures in mind.
Another typical issue identified in assesment is the care and management of behavioral health patients in emergency departments. Behavioral health patients require management in a suicide-preventive environment with staff competent to manage care and security. Planning for this cost, as well as for appropriate holding rooms, sitters, and nurse and security personnel, can be challenging for some community hospitals.
The increase in the number of behavioral health patients presenting for care either on their own or accompanied by police is a national issue. The situation is compounded by the decrease in resources for transferring behavioral patients. Many mental health hospitals have closed or shrunk in capacity, so behavioral health patients often are in emergency departments while awaiting transfer — sometimes for hours, frequently for days.
The risks of improperly providing care are great, including risks for self-harm, suicide, or staff or community impact. But the costs of staffing and hardening emergency departments to cope with this need are also great. Therefore, be sure to identify both potential gaps in care and potential demand before the acquisition so you can plan accordingly.
An assessment for clinical regulatory compliance due diligence is a brief event in the life cycle of an acquisition — a focused week for an on-site team, followed by the compilation of a comprehensive assessment report and corrective action plan. Compared with the unknown costs of a post-acquisition regulatory surprise, it isn’t a particularly expensive proposition.
The risks of not knowing potential points of failure far outweigh the burdens of knowing and planning to address them. It is a prudent exercise of governance to answer regulatory risk questions before ownership.
Mark Reifsteck, M.H.A., FACHE (email@example.com), is managing director of Compass Clinical Consulting in Cincinnati. Kate Fenner, R.N., Ph.D. (firstname.lastname@example.org), is managing director and CEO of Compass Clinical Consulting.
Frequent clinical risk points
Health system acquisitions can trip up on clinical compliance in a number of areas:
1. Physical environment: All of the areas where patients receive care, including ambulatory services, physician offices, the surgical suite, the emergency department and inpatient units, must meet the standards for safe care delivery.
2. Infection control: There must be systems in place for patients, staff and visitors to prevent and control the spread of infections from inpatient care through surgical services — this can be something as seemingly simple as good handwashing practices.
3. Quality assurance and performance improvement: Organizations must uphold rigorous standards for collecting data, analyzing performance and making improvements in patient care.
4. Medication management: Acquiring, dispensing, controlling and tracking medications in a safe and effective manner are assuming greater significance as more communities deal with superbugs, antibiotic stewardship, opioid epidemics and the cost of pharmaceuticals.
5. Medical staff governance: Concerns about credentialing, rules and regulations, clinical outcomes and the quality of contracted medical services (laboratory, radiology, emergency department coverage) are all high-cost and high-risk areas for oversight.
6. Nursing: Adequacy of staffing, staff practice within licensing parameters and competency of staff all receive significant regulatory scrutiny during compliance surveys. – Mark Reifsteck and Kate Fenner