Key Points to Consider When It Comes to Bed Rail Safety

By on June 12, 2014

In recent years, the use of bed rails has received increased scrutiny from the health care community and regulators.  There have been many reports of death and injury, such as entrapment, falls, and asphyxiation, due to bed rail use.  Between Jan. 1, 1985, and Jan. 1, 2013, the Food and Drug Administration (FDA) received 901 incident reports of patients caught, trapped, entangled, or strangled in hospital beds, including 531 deaths.

In January, the FDA, working in conjunction with the Consumer Product Safety Commission (CPSC), developed a new webpage that provides guidance about bed rail use.  The guidance addresses bed rail safety, safety concerns about bed rails, and recommendations for health care providers, consumers, and caregivers about bed rails. Among the information available is clinical guidance to assess an individual patient’s needs when using a bed rail and a bed safety entrapment kit containing information and tools that can be used to assess entrapment risk.

The Colorado Department of Public Health and Environment (CDPHE) also has information on its website to assist nursing homes with bed safety.  The CDPHE has pointed out the risks of using restraints such as bed rails.  The risk of bed rails include falls caused by climbing over the rails, becoming trapped between the bed rail and mattress, which can result in asphyxiation, and fracture from rolling into the transfer rails.

The FDA cautions that health care providers should avoid the routine use of bed rails and that bed rails should not be used as a substitute for proper monitoring, especially for people at high risk of entrapment.  Likewise, the CDPHE encourages the use of alternatives before using bed rails, such as lowered beds, futons, or waterbeds.

Nursing homes often run into conflict with family members who request bed rails.  However, nursing homes cannot use family requests to justify using bed rails.  Surveyor guidance emphasizes that the legal surrogate or representative cannot give permission to use restraints for the sake of discipline or staff convenience when the restraint is not necessary to treat the resident’s medical condition.  In other words, the facility cannot use restraints in violation of 42 C.F.R. § 483.13(a) solely based on a family member’s request or approval.

Filed under Bed Rail Safety, Colorado Department of Public Health and Environment, Consumer Product Safety Commission (CPSC), Food and Drug Administration (FDA), Nursing Home Regulations

Nursing Home Emergency Preparedness: New CMS Checklist and Proposed Regulations

By on May 14, 2014

Following recent natural and man-made disasters such as 9/11, Hurricane Katrina, and other floods and fires, the federal government has increased its focus on emergency preparedness.  Federal regulations – 42 C.F.R. § 483.75(m) – require that Medicare- and Medicaid-certified nursing homes have written emergency plans and provide employees with emergency preparedness training.

The Centers for Medicare & Medicaid Services (CMS) provided information to health care providers, including nursing homes, about emergency preparedness in Survey and Certification Letter S&C-08-01, issued on October 24, 2007.  This guidance provides answers to frequently asked questions and resources on emergency preparedness planning resources.

In a 2012 report, the Office of Inspector General (OIG) reviewed state survey data for emergency preparedness in nursing homes.  Although most long-term care facilities had emergency plans, the majority of the plans were wholly inadequate.  Half of the sampled plans contained only 50 percent of the CMS-recommended checklist items, according to the OIG’s “Gaps Continue to Exist in Nursing Home Emergency Preparedness and Response During Disasters: 2007-2010.”

On February 28, 2014, CMS issued Survey and Certification Letter S&C-14-12, a revised emergency preparedness checklist.  Some of the key items in the checklist are the following:

  • Collaborate with local emergency management agency: Work with local emergency management agencies to ensure the development of an effective emergency management plan.
  • Analyze each hazard: Analyze the specific vulnerabilities of the facility and determine actions for each identified hazard.
  • Decision criteria for executing plan: Include factors to consider when deciding whether to evacuate and shelter in place. Determine decision-maker, and chain of command.
  • Develop shelter-in-place plan: Provide for various emergency measures, such as assessing whether the facility can withstand the threat, measures to secure the building, at least seven days worth of resources such as food and power, and security plan.
  • Develop evacuation plan: Consider factors such as pre-determined evacuation locations, evacuation routes, and adequate food supply and logistical support.
  • Communication infrastructure contingency: Develop communication plan in the event of telephone failures, such as walkie-talkies and ham radios.

Concluding that current emergency preparedness regulatory requirements are not comprehensive enough to address the complexities of actual emergencies, CMS issued a proposed rule that 17 different providers and suppliers must meet to participate in the Medicare and Medicaid programs.  “Medicare and Medicaid Programs; Emergency Preparedness Requirements for Medicare and Medicaid Participating Providers and Suppliers,” 78 Fed. Reg. 79081 (Dec. 27, 2013).  The proposed rule addresses the following gaps that CMS believes exist in the current regulations: (1) communication to coordinate with other systems of care with local jurisdictions; (2) contingency planning; and (3) personnel training.

Because long-term care facilities are unique among other health care providers as many of the residents can be expected to have long-term or extended stays, the proposed rule also requires these facilities to develop an emergency preparedness communication plan.  The emergency preparedness communication plan would include a means of providing information about the general condition and location of residents under the facility’s care.

Finally, the proposed rule for long-term care facilities also requires emergency plans to utilize an “all-hazards” approach, which, in an emergency situation, would include a directive to account for missing residents.

In light of the new checklist and CMS’ recent focus on emergency preparedness, health care providers, including nursing homes, should evaluate their emergency preparedness plans.  In addition, facilities should look out for new emergency preparedness regulations.

Filed under Emergency Preparedness, Medicaid, Medicare, Nursing Home Regulations

HHS Releases Risk Assessment Tool to Assist With HIPAA Compliance Efforts

By on April 29, 2014

The Department of Health and Human Services (HHS) announced a new tool to help health care providers in small to medium-size offices with compliance efforts under the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA requires organizations to conduct self-assessments to identify potential weaknesses and address vulnerabilities in the systems used to protect the security of patient health information.  This new tool will guide health care providers in conducting risk assessments.

A downloadable application and a tutorial video are available here.  Health care providers can also give feedback on the tool until June 2, 2014.

Filed under HIPAA, Patient Health Information, Risk Assessments

Geriatric Emergency Rooms — Marketing Ploy or Better Outcomes?

By on April 4, 2014

Recent newspaper articles have reported on the development of emergency rooms dedicated to seniors.  The Denver Post describes how Exempla Lutheran opened a senior emergency room two years ago, with two more area hospitals adding senior-focused emergency room space.

Denver is joining the rest of the country in opening geriatric emergency rooms.  According to The New York Times, Holy Cross Hospital in Silver Spring, Md., was one of the first emergency rooms dedicated to caring for seniors when it opened in 2008.  Since then, geriatric emergency rooms have opened in New York City, New Jersey, Missouri, Kansas, and Texas, among other locations.HC BLOG_emergency

Geriatric emergency rooms are specifically designed for an elderly patient with features such as softer lights, a nonskid floor, and handrails lining the walls. The noises found in usual emergency rooms are muted.  Many senior emergency rooms are staffed with health care providers who specialize in geriatrics.

While it may seem like geriatric emergency rooms are merely a marketing tool, Drs. Ula Hwang and R. Sean Morrison stated in a 2007 paper that a traditional emergency room is not aligned with the care needs of a geriatric patient.  The traditional emergency room’s focus on rapid triage and diagnosis may be impossible in a geriatric patient with multiple and complex medical conditions, who takes many medications, and may have dementia.  Hwang believes that the use of geriatric emergency rooms may address an elderly patient’s special care needs better than traditional emergency rooms.  Dr. Mark Rosenberg, chair of emergency medicine at St. Joseph’s Regional Medical Center in Paterson, N.J., reported last December that since his hospital opened a geriatric emergency room, the rate of unscheduled geriatric readmissions for the same illness or injury within 30 days dropped from 20 percent to less than 1 percent.

Decreased readmissions help geriatric patients who visit the emergency room as well as help a hospital’s Medicare reimbursement.  One provision of the Affordable Care Act provides a financial incentive for hospitals to reduce preventable readmissions.  Hospitals with excess Medicare readmissions receive a financial penalty.  A readmission is defined as a Medicare patient who is readmitted to the same or another acute care hospital within 30 days of discharge.  Certain readmissions, such as transfers to another hospital and planned readmissions, are excluded.  For now, the program applies only to readmissions of Medicare patients 65 and older with diagnoses of acute myocardial infarction, heart failure, or pneumonia.  42 U.S.C. § 1395ww(q).

In fiscal year 2015, the program will also include readmissions after elective total hip and knee arthoplasty and chronic obstructive pulmonary disease, according to the final rule.  78 Fed. Reg. 50494-51040 (Aug. 19, 2013).  It would not be surprising to see the program expanded to additional diagnoses, so improving a hospital’s readmission rate through the use of geriatric emergency rooms can make financial sense.

Image courtesy of Flickr by Taber Andrew Bain

Filed under Geriatric Emergency Rooms

Mandatory Elder Abuse and Exploitation Reporting in Colorado Begins July 1

By on March 20, 2014

Colorado became the 48th state to require many professionals to report abuse and exploitation of adults 70 years and older.  Senate Bill 13-111, to be codified at C.R.S. § 18-6.5-108, becomes effective on July 1, 2014.  Mandatory reporters are required to report elder abuse and exploitation to law enforcement within 24 hours.  Failure to report can result in a Class 3 misdemeanor.  Except for the perpetrator, anyone who makes a good-faith report is immune from liability for damages in any civil action or criminal prosecution.

Who are the mandatory reporters?

The following professionals, whether paid or unpaid, must report abuse and exploitation of adults 70 years and older (referred to as an at-risk elder):

  • physicians, surgeons, physicians’ assistants, osteopaths, physicians in training, podiatrists, occupational therapists, and physical therapists;
  • medical examiners and coroners;
  • registered nurses, licensed practical nurses, and nurse practitioners;
  • emergency medical service providers;
  • hospital and long-term care facility personnel engaged in the admission, care, or treatment of patients;
  • chiropractors;
  • psychologists and other mental health professionals;
  • social work practitioners;
  • clergy members, unless the information was learned during a privileged communication;
  • dentists;
  • law enforcement officials and personnel;
  • court-appointed guardians and conservators;
  • fire protection personnel;
  • pharmacists;
  • community-centered board staff;
  • personnel of banks, savings and loan associations, credit unions, and other lending or financial institutions;
  • a caretaker, staff member, employee of, or a consultant for a licensed or certified care facility, agency, home, or governing board, including but not limited to home health providers; and
  • a caretaker, staff member, employee of, or a consultant for a home care placement agency.

When must a report be made?

Mandatory reporters are required to report to law enforcement within 24 hours when the reporter (1)  has observed the abuse or exploitation of an adult 70 years or older or (2)  has reasonable cause to believe that an adult 70 years or older has been abused or exploited or is at imminent risk of abuse or exploitation.

What should be in a report?

To the extent possible, the following information should be contained in the report:

  • name, age, address, and contact information of the at-risk elder;
  • name, age, address, and contact information of the reporter;
  • name, age, address, and contact information of the at-risk elder’s caretaker, if any;
  • name of the alleged perpetrator;
  • nature and extent of the at-risk elder’s injury, whether physical or financial, if any;
  • nature and extent of the condition that required the report; and
  • any other pertinent information.

What is abuse?

The law defines abuse as any of the following acts or omissions:

  • the non-accidental infliction of bodily injury, serious, bodily injury or death;
  • confinement or restraint that is unreasonable under generally accepted caretaking standards;
  • unlawful sexual conduct or contact; and
  • caretaker neglect.

What is caretaker neglect?

Caretaker neglect is neglect that occurs when adequate food, clothing, shelter, psychological care, physical care, medical care, or supervision is not provided by a caretaker in a timely manner and with the degree of care that a reasonable person in the same situation would exercise.  However, caretaker neglect does not include withholding, withdrawing, or refusing any medication, medical procedure or device, or treatment in accordance with a valid medical directive or order or as described in a palliative plan of care.

What is exploitation?

Exploitation is an act or omission committed by a person who (1)  uses deception, harassment, intimidation, or undue influence to permanently deprive an at-risk elder of the use, benefit, or possession of his or her money, assets or property; (2)  without legal authority, employs the services of a third party for the profit or advantage of the person or another person to the detriment of the at-risk elder or forces, compels, coerces, or entices an at-risk elder to perform services for the profit or advantage of the person or another person against the will of the at-risk elder; or (3)  misuses the property of an at-risk elder in a manner that adversely affects the at-risk elder’s ability to receive health care, health care benefits, or to pay a bill for basic needs or obligations.

Does a mandatory reporter have to make a report if another person already has done so?

A mandatory reporter is not required to report the abuse or exploitation of an at-risk elder if the person knows that another person has already reported the same abuse or exploitation to a law enforcement agency that would have been the basis of the person’s own report.

The Colorado Department of Human Services has posted a list of frequently asked questions that can assist in education and compliance efforts.

Filed under Elder Abuse

Text Messaging and HIPAA Compliance Risks

By on February 10, 2014

Like everyone else, health care workers have become accustomed to the convenience of communicating by text message.  Although using text messages can make communications more efficient in the health care setting, transmitting protected health information (PHI), including photographs, in text messages raises Health Insurance Portability and Accountability Act compliance risks.  Some of the compliance risks include the following:

  • Many people do not password-protect a mobile device, making it easy for another user to access PHI stored in texts.  This access can occur when the device is shared, lost, or stolen.
  • Text messages often are not encrypted, unlike e-mail.
  • The use of personal mobile devices to send texts or photographs is common, unlike email, which most often is sent on work-issued computers or tablets.
  • Text messages can remain on a mobile device indefinitely.

HC BLOG_textingThe U.S. Department of Health & Human Services (HHS) and the Office of the National Coordinator for Health Information Technology (ONC) have gathered tips to safeguard PHI when using mobile devices.  They make the following suggestions about how to protect and secure information on mobile devices, which applies to developing a policy on transmitting PHI by text message.

  • Use a password or other user authentication.
  • Install and enable encryption.
  • Install and activate remote wiping and/or remote disabling.
  • Maintain physical control of the mobile device.
  • Delete all stored health information before discarding or reusing the mobile device.

HHS and ONC have resources to assist in updating or developing policies for mobile device use.  They recommend the following five steps for policy planning.  These steps can assist health care organizations in developing a policy on using text messages to transmit PHI.

1.   Decide whether mobile devices will be used to access, receive, transmit or store PHI.

2.   Conduct a risk analysis to identify risks and perform a risk analysis periodically whenever there is a new mobile device, a lost or stolen device, or suspicion of compromised health information.  After conducting a risk analysis, document:

  • which mobile devices are used to communicate with your organization’s internal networks or system; and
  • what information is accessed, received, stored, and transmitted by or with the mobile device.

In addition, organizations should review HHS “HIPAA Security Series: Basics of Risk Analysis and Risk Management” for guidance on conducting a risk analysis.

3.   Identify your organization’s mobile device risk management strategy, including privacy and security safeguards.   The risk management strategy should include evaluation and maintenance of the mobile device safeguards you put in place.

4.   Develop, document, and implement your policy.  HHS and ONC suggest that the organization consider the following.

  • mobile device management, including identifying and tracking devices;
  • whether personal mobile devices can be used and whether they can be used to connect to the organization’s internal network or system;
  •  whether the device can be used away from the organization;
  • whether the device can be used to text;
    • security/configuration settings on mobile devices;
    • restrictions on information that can be stored on mobile devices;
  • procedures for addressing misuse of mobile devices; and
  • recovery and deactivation to wipe or disable lost or stolen devices or devices of employees who leave the organization.

5.   Provide training on mobile device use.

Image courtesy of Flickr by Jhaymesisviphotography

Filed under HIPAA

Video Surveillance in Nursing Homes – Consider the Risks

By on January 29, 2014

Easy access to video technology and media reports of abuse and neglect in nursing homes may lead family members to place surveillance cameras in the rooms of their loved ones.  Only Oklahoma, pursuant to Okla. Stat. § 63-1-1953.6, New Mexico, and Texas explicitly permit a nursing home resident or the resident’s legal representative to place surveillance cameras in a resident’s room. These statutes allow monitoring only if certain requirements are met, such as obtaining consent from the resident or the resident’s representative, and from the resident’s roommate.  The majority of states (and the federal government) do not have laws explicitly permitting or forbidding resident monitoring.

In the absence of state statutory guidance, if a nursing home decides to allow a family member to video-record a resident, the HC BLOG_security cameranursing home should consider the following issues to ensure the recording does not violate a resident’s privacy and rights under the Health Insurance Portability and Accountability Act (HIPAA), or violate any state laws, such as invasion of privacy, eavesdropping, or wiretapping.

Consent:  Has the resident, if competent, consented to the recording?  If the resident is not competent, has the resident’s medical power of attorney or guardian consented?  Nursing homes should consider how to document consent, such as in the resident’s chart or on a consent form.  Failure to obtain consent could result in violation of the resident’s privacy and HIPAA rights.

Roommate:  If the resident has a roommate, the roommate likely will end up on the video.  Facilities should consider whether to obtain proper consent from the roommate, as discussed above, or only allow video-recording in the absence of any roommate.

Visitors:  Facilities should consider whether visitors should be notified that video-recording is occurring to avoid violating the privacy rights of visitors, who could include other facility residents.  For example, the facility could post a sign on the resident’s door indicating that recording is in progress.

Other residents:  Facilities should consider how the video-recording device is aimed and whether it records sound or images from the hallway or resident care areas.  Again, recording video of the hallway or other resident care areas could violate the privacy and HIPAA rights of other residents.  While it is easier to aim the video-recording device into the room to avoid hallway images, it is difficult to ensure that hallway conversations are not recorded.  Thus, facilities should consider whether to forbid any audio on the video.

Violation of specific state statutes:  Depending upon the state, video-recording could result in criminal invasion of privacy or a violation of eavesdropping or wiretapping statutes.  For example, in Colorado a person commits criminal invasion of privacy under C.R.S. § 18-7-801 if that person knowingly observes or takes a photograph (including video) of another person’s “intimate parts” without consent where the person photographed has a reasonable expectation of privacy. Also in Colorado, a violation of C.R.S. § 18-9-304, the eavesdropping statute, can occur if a person not visibly present during a conversation or discussion knowingly overhears or records the conversation or discussion without the consent of at least one of the principal parties to the conversation. Thus, if the resident does not consent or if another resident is picked up on the audio portion of the video without consent, this could constitute illegal eavesdropping. Nursing homes should examine specific state statutes relating to invasion of privacy, eavesdropping, and wiretapping.

Facility administrators should carefully consider the risks of video-recording and address the concerns listed above before allowing it to occur.  While this discussion focused on nursing homes, it applies equally to other health care facilities such as assisted living facilities and hospitals.

Image courtesy of Flickr by Frédéric Bisson

Filed under Nursing Home Regulations

CMS Nursing Home Regulatory Guidance — 2013 Developments

By on January 15, 2014

The Centers for Medicare & Medicaid Services (CMS) periodically issues guidance on federal nursing home regulations in the form of a memorandum to state survey agency directors.  The survey and certification memos can assist nursing homes in survey preparation and other regulatory compliance efforts.  Some of the important 2013 CMS guidance is summarized below. 

HC BLOG_nursing homeCardiopulmonary Resuscitation (CPR): Nursing homes should examine their CPR policy for compliance with recent CMS guidance.  S&C Memorandum, No. 14-01-NH.  According to CMS, nursing homes cannot implement facilitywide no-CPR policies.  Facility policy should specifically direct staff to initiate CPR when cardiac arrest occurs for residents who have requested CPR in their advance directives; who have not formulated an advance directive; who do not have a valid do not resuscitate (DNR) order; or who do not show American Heart Association (AHA) signs of clinical death as defined in the AHA Guidelines for CPR and Emergency Cardiovascular Care.  In addition, facility policy should not limit staff to calling 911 when cardiac arrest occurs.  Before emergency medical services arrive, nursing homes must provide basic life support, including CPR, to a resident experiencing cardiac arrest in accordance with an advance directive, or if there is no advance directive or DNR order.

Although CMS acknowledges that CPR is ineffective in the elderly nursing home population, CMS notes the changing demographics in nursing homes.  In 2011, approximately one in seven nursing home residents were under age 65, many of whom were short-stay residents.  In addition, nursing home residents have become more ethnically diverse, which emphasizes the need for full implementation of advance directives and individualized care, CMS says.

The guidance states that nursing homes must ensure that CPR-certified staff is available at all times to provide CPR when needed.  However, CMS does not address which agencies can certify nursing home staff in CPR.  Because CMS refers to the AHA’s standards, it is likely that CMS would deem AHA CPR certification acceptable.

Access and Visitation Rights: CMS has issued a reminder concerning the right of nursing home residents to receive visitors.  S&C Memorandum No. 13-42-NH.  Nursing homes must provide 24-hour access to all individuals visiting with the resident’s consent.  However, certain visitors can be subject to reasonable restrictions designed to protect the security of all residents in the facility, such as denying access to individuals who engage in disruptive behavior.  Because CMS is reminding surveyors to ask during resident and family interviews if they understand that visitors are allowed 24 hours per day, nursing homes should review their visitation policies, as well as the implementation of these policies, to ensure that visits are not being limited or restricted against residents’ wishes, unless there is a reasonable restriction.

Naso-Gastric Tubes: CMS has revised surveyor guidance relating to naso-gastric tubes by expanding and clarifying the definition of naso-gastric tubes.  S&C Memorandum No. 13-17-NH.  Since CMS issued the regulation relating to naso-gastric tubes, found at 42 C.F.R. § 483.25(g), their use has become extremely rare, while the use of other types of enteral feeding tubes has become prominent.  The surveyor guidance expands the definition of naso-gastric tubes to include any feeding tube used to provide enteral nutrition to a resident by bypassing oral intake, such as a gastrostomy tube, jejunostomy tube, and a transgastric jejunal feeding tube.  Nursing homes should review their policies and procedures to ensure compliance with 42 C.F.R. § 483.25(g) for all residents who receive nutrition other than through oral intake.

Dementia Care: CMS has issued surveyor guidance relating to nursing home residents with dementia.  S&C Memorandum No. 13-35-NH.  The guidance expresses concern about the practice of using psychopharmacological medications to try to address behaviors without first determining whether there is a medical, physical, functional, psychological, emotional, psychiatric, social, or environmental cause.  CMS has created surveyor training about behavioral health and dementia care and updated the interpretative guidance in Appendix PP.  Based on the increased scrutiny of residents with dementia and the use of medications, nursing homes should review dementia care practices, including ensuring that medications, such as antipsychotics, are being used with adequate rationale.

Apparently nursing homes are doing a good job decreasing the use of antipsychotic drugs.  Several months after CMS issued its surveyor guidance on dementia care and drug use, it issued a press release stating that new data show that antipsychotic drug use is down in nursing homes nationwide.  The data show that nursing homes are using antipsychotic drugs less and pursuing more patient-centered treatment for residents with dementia and other behavioral health issues.

Image courtesy of Flickr by Sima Dimitric

Filed under Medicaid, Medicare, Nursing Home Regulations

OIG Report Criticizes OCR’s HIPAA Enforcement Efforts

By on December 31, 2013

The Office of Inspector General for the U.S. Department of Health & Human Services (OIG) issued a Nov. 21, 2013, report criticizing the HIPAA enforcement efforts of the Department of Health & Human Services Office for Civil Rights (OCR).  The report’s title nicely summarizes the OIG’s findings:  “The Office for Civil Rights Did Not Meet All Federal Requirements in its Oversight and Enforcement of the Health Insurance Portability and Accountability Act Security Rule.” 

Examining oversight and compliance efforts in Washington, D.C., and Atlanta between July 2009 and May 2011, the OIG found that OCR did not meet federal requirements for the oversight and enforcement of the HIPAA security rule.  According to the OIG’s report, OCR continued to follow a complaint-driven approach to its compliance efforts and did not provide for periodic audits.  In addition, the OIG found that OCR’s investigation files did not contain required documentation supporting key decisions. 

Notably, when the OIG examined OCR’s computer systems in May 2011, the OIG found that OCR had not fully complied with federal cybersecurity requirements for its information systems used to process and store investigation data. 

The OIG made several recommendations to OCR, including that it provide for periodic audits of covered entities to ensure compliance with HIPAA’s security rule.  It is possible that the report will result in increased audits of covered entities.  Thus, covered entities should assess their HIPAA compliance efforts, including conducting a risk analysis.

Filed under HIPAA

Newer posts