Nursing facility compliance programs should include a records system that will ensure complete, thorough, and accurate record generation, documentation, maintenance, and destruction (when appropriate), with regard to both resident medical records and facility business records. The facility also must consider regulatory and privacy requirements in designing its record keeping system. In order to achieve an appropriate records system, the OIG recommends establishment of the following policies and procedures:
- Record creation, distribution, retention, and destruction; and
- Assurance of appropriate and timely documentation of nursing, therapy, and other services, as well as MDS information.
The OIG further recommends that each records system include specific types of clinical and non-clinical documentation, including:
- Billing and claims records per health care program participation requirements, such as a resident assessment instrument, comprehensive care plan, and plans of correction or other documentation of response to surveys;
- Audit data in support and explanation of cost reports, other financial activity, and compliance monitoring, both internal and external;
- Documentation of the facility’s compliance process that demonstrates its integrity and effectiveness;
- Documentation of the facility’s efforts towards regulatory compliance, such as copies of the facility’s requests for and responses to requests for advice from fiscal intermediaries, carriers, or other governmental entities; and
- Maintenance of a log of oral inquiries to governmental entities or others with regard to regulatory compliance.
To maintain privacy and security of the information contained in clinical and non-clinical records, the OIG recommends that a nursing facility:
- Maintain records and information in a secure, safe place;
- Maintain hard copies of electronic documentation; and
- Limit access to records to prevent their fabrication or destruction; and
- Develop document retention and destruction policies and ensure that these policies are consistent with applicable law.
The OIG also encourages facilities to aim towards development and use of functional, secured electronic information systems that are capable of accessing Federal and State databases.
By way of example, following is a sample policy on compliance filing systems with certain designated types of files the facility will maintain, which a facility may wish to consider using. However, providers should develop filing systems that work for them and are consistent with the advice of their compliance officer and legal counsel.