Planning eases compliance with CMS emergency preparedness rule

As of November of 2017, healthcare providers—including ambulatory surgery centers (ASCs)—receiving reimbursement from the Centers for Medicare & Medicaid Services (CMS) were expected to comply with the 2016 Emergency Preparedness Requirements. And as with most government regulations, there are multiple pages of instructions to dissect and understand to satisfy the requirements.

“Has anyone read the new CMS regulations for emergency preparedness?” Pat Ewald, RN, asked attendees at the 2018 Ambulatory Surgery Center Association (ASCA) conference. “It is like reading War and Peace, but upside down and backward.” Ewald is one of the clinical liaisons to United Surgical Partners, International, for ASCs and surgical hospitals in the Dallas/Fort Worth, Texas, region.

Congress passed the first Pandemic and All Hazards Preparedness Reauthorization Act in 2006, in the wake of Hurricane Katrina, to enable the federal government to support communities in preventing, preparing for, and responding to the adverse health effects of public health emergencies and disasters. Since that time, the programs and partnerships under the act have made significant progress in fostering a more resilient nation.

Hurricane Katrina was the landmark moment for healthcare systems across the country as they watched facilities struggle to provide care for their own patients as well as those injured from the hurricane-force winds and ensuing floods. Administrators and clinicians realized they had better be prepared if a disaster on the scale of Katrina should someday come their way too, Ewald says.

The intent of the CMS requirements is for healthcare systems to work together with community, state, and federal organizations should a disaster occur, says Andrea Bishop, RN, project manager for emergency preparedness for northeast Ohio, Center for Health Affairs, told OR Manager. This article contains a list of key requirements, all of which should be reviewed and updated at least annually.

Fortunately, ASC administrators and managers do not need to start from scratch to comply with the new CMS requirements. Ewald and Bishop suggest reaching out to other healthcare systems and organizations that most likely already have well-established emergency plans in place.

Many states are developing healthcare coalitions that ASCs can join or that can provide other states with emergency preparedness information, Bishop says.

Wisconsin, for example, has a wealth of ASC-specific information thanks to its seven healthcare emergency readiness coalition regions. According to its website, the coalitions have coordinated how public health, healthcare institutions, and first responder agencies, such as police, fire, and emergency medical services, will manage their efforts to enact a uniform and unified response to an emergency, including a mass casualty or other catastrophic event. (For a list of resources, see sidebar right).

The ASCA conference was held in Boston just days before the fifth anniversary of the Boston Marathon terrorist bombing, which tested the readiness of most of the city’s hospitals. CMS wants ASCs to be prepared should an overwhelming man-made or natural disaster occur in their community, too.

CMS requirements consist of the following key elements:

Risk assessment and emergency planning (including but not limited to)

hazards likely in geographic area
care-related emergencies
equipment and power failures
interruption in communications, including cyberattacks
loss of all/portion of facility
loss of all/portion of supplies

plan complies with federal and state laws
system contacts staff, including patients, physicians, other necessary persons
plan is well coordinated within the facility, across healthcare providers, and with state and local public health departments and emergency management agencies
ASCs do not need to provide occupancy information
ASCs are not required to develop arrangements with other ASCs and other providers to receive patients in the event of limitations or cessation of operations
ASCs are not required to include the names and contact information for other ASCs in their communication plan.

Policies and procedures must address a range of issues, including subsistence needs, evacuation plans, procedures for sheltering in place, and tracking patients and staff during an emergency.

Develop and implement policies and procedures based on the emergency plan, risk assessment, and communication plan.
System tracks on-duty staff and sheltered patients during the emergency—if an ASC is able to cancel surgeries and close, this requirement is not applicable.

Plan complies with federal and state laws.

Risk assessment and emergency planning (include but not limited to):

develop and maintain training and testing programs, including initial training in policies and procedures, and demonstrate knowledge of emergency procedures and provide training at least annually or initial training in emergency preparedness policies and procedures to all new and existing staff, individuals providing services under arrangement, and volunteers, consistent with their expected role
provide emergency preparedness training at least annually
maintain documentation of all emergency preparedness training and testing
demonstrate staff knowledge of emergency procedures
annually participate in a full-scale facility-based exercise and additional exercise of facility choice (community-based drill not required).

The CMS-required all-hazards approach for assessment and planning means predicting anything that can happen outside of the facility over which there is no control, as well as for the events that can happen inside, such as a loss of power or fire, over which there is more control, Ewald says.

The planning for natural or man-made disasters is done by performing a hazard vulnerability analysis (HVA) of the possible natural and man-made disasters that could possibly occur to an ASC based on a variety of factors, such as geography, physical location, and past history of disasters.

A plan of mitigation then needs to be tailored for each disaster identified by the HVA. Possible disasters include:

pandemic flu (eg, H1N1 influenza virus)
hurricanes
tornadoes
fires
earthquakes
power outages
chemical spills
nuclear or biological terrorist attack.

“Ask yourself, what is pertinent to my location? What disasters have occurred in previous years and decades? What is the probability of something happening again? And if it happens again, how bad could it be?” Ewald says.

The possible events must then be ranked according to the potential threat to life or health, disruption of services, financial impact, failure possibilities, and legal issues. The emergency preparedness plan should focus on those disasters most likely to occur in and around your ASC.

For example, tidal waves could not occur in the Midwest, so such events do not need to be in the disaster plans for Illinois, Indiana, and other Midwest states. On the Pacific Coast, tsunamis are a rare but distinct possibility and, in the West, wildfires are a common phenomenon.

The goal of a response plan is to reduce the loss of life and property by lessening the impact of future disasters. If your ASC already has an emergency plan, assess whether you need a new one or if it needs to be revised. Planning should include how your ASC will continue to operate during an emergency or if it even should.

Ewald says points to consider include:

what business functions are necessary during an emergency
a staffing strategy accounting for whether the ASC needs more staff or less, depending on the situation
a plan to contact staff when needed
any services your ASC would be able to provide for the local community
how you will continue documentation if computers are not working.

ASCs must determine what would happen if the center’s key people are not available during an emergency, Ewald says. Alternates must be selected and designated through written authorization and be made part of the plan.

Communication is the foundation upon which every type of emergency response is built, Ewald says. During the Boston Marathon bombing, for example, staff at the city’s hospitals learned the value of texting to communicate quickly with key members of their disaster response teams, along with the use of social media, to find out what was happening at the terrorist site and other areas even before the media.

Communication includes coordinating patient care within the facility, across healthcare providers, and with state and local public health departments and emergency management systems.

Two reliable forms of communication must be available so that you can communicate internally and outside the facility if you need support. This type of planning requires old-school thinking, Ewald says, such as using walkie talkies or finding any ham radio enthusiasts in your area. Don’t rely solely on the most advanced technology available to record this vital information. Have paper lists of staff contacts available and other pertinent information in your plan.

Consider how you will share medical records and patient information if patients are discharged or remain at the ASC, Ewald says. HIPAA Privacy Rule considerations are still required. The HIPAA-At-A Glance Disclosure Decision Flowchart is available on the CMS website.

Policies and procedures for each ASC must be based on the risk assessment and align with identified hazards, Ewald says. They can be incorporated into the plan or compiled in a separate document.

Training should be done for each new hire and continue through the year, Bishop says. ASC employees must be able to demonstrate knowledge of emergency procedures.

Both Ewald and Bishop say training and testing need to be cyclical, and CMS requires two testing exercises each year:

a full-scale, facility-based exercise that simulates an emergency or disaster
a tabletop exercise that includes a group discussion led by a facilitator, using a narrated, clinically relevant emergency scenario, and a set of problem statements, directed messages, or prepared questions designed to challenge an emergency plan.

Full compliance with emergency requirements may seem daunting, but CMS offers one reprieve: An ASC that responds to a significant disaster need not conduct training for 1 full year following the event, Ewald says.

“If you think about the regulations with a collective groan, then you will never do it well,” Ewald says. “Think about your neighbors instead. It’s about doing the right thing at the right time.” ✥

Reference
Ewald P. An All-Hazards Approach to CMS Emergency Preparedness. Presented at ASCA 2018.