Part 521 of Title 18 of the New York State Codes, Rules, and Regulations (NYCRR)

Details on the regulations governing Compliance Programs in New York State.

Part 521 of Title 18 NYCRR outlines the regulatory components for provider compliance programs in New York State. Here are the key elements:

Scope and Applicability

The regulations apply to "Required Providers," which include

  • Organizations subject to Articles 28 or 36 of the Public Health Law
  • Organizations subject to Articles 16 or 31 of the Mental Hygiene Law
  • Providers who receive or claim at least $1,000,000 in Medicaid revenue in a 12-month period
  • Medicaid Managed Care Organizations

Core Components of Compliance Programs

Required Providers must implement compliance programs with the following elements

Written Policies and Procedures

  • Articulate commitment to comply with federal and state standards
  • Describe compliance expectations and standards of conduct
  • Document structure and operation of the compliance program
  • Provide guidance on dealing with potential compliance issues
  • Outline disciplinary policies and non-retaliation protections

Compliance Officer and Committee

  • Designate a compliance officer responsible for day-to-day operations
  • Establish a compliance committee comprised of senior managers
  • Committee must meet at least quarterly and have a written charter

Training and Education

  • Implement annual compliance training for all "Affected Individuals"
  • Training must cover risk areas, policies, reporting procedures, etc.
  • Develop and maintain a Training Work Plan

Lines of Communication

  • Establish systems to receive compliance reports, including anonymous reports
  • Publicize reporting methods to all Affected Individuals and Medicaid recipients

Disciplinary Policies

  • Implement policies to encourage compliance program participation
  • Outline sanctions for non-compliant behavior or failure to report issues

Auditing and Monitoring

  • Conduct routine audits and monitoring of compliance risks
  • Perform annual review of compliance program effectiveness
  • Develop annual compliance work plan

Response and Prevention

  • Implement systems to investigate potential compliance problems
  • Respond to compliance issues and implement corrective action
  • Report issues to OMIG and refund overpayments as required

Additional Requirements

  • Conduct exclusion screening checks at least every 30 days
  • Retain compliance program records for at least 6 years
  • Submit annual compliance program certification to the Department of Health
  • Ensure compliance program addresses specific risk areas outlined in regulations

The regulations provide detailed expectations for each of these components to guide providers in developing and maintaining effective compliance programs. Enforcement of these updated regulations began on March 28, 2023.

____________________________

Need help? Visit www.waivergroup.com or call 302.888.9172