Effective Feb. 1 st, 2019, CMS issued the following Memorandum Summary:
Emergency Preparedness Requirements for Medicare and Medicaid Participating Providers and Suppliers:
On Sept. 16 th , 2016, the Emergency Preparedness Requirements for Medicare and Medicaid Participating Providers and Suppliers (Emergency Preparedness Rule) final rule was published in the Federal Register (81 Fed. Reg. 63860).
Healthcare providers and suppliers affected by the rule were required to comply and implement all regulations by November 15 th , 2017.
We are updating Appendix Z of the SOM to reflect changes to add emerging infectious diseases to the definition of an All-Hazards approach, new Home Health Agency (HHA) citations and clarifications under alternate source power and emergency standby systems.
The Emergency Preparedness Rule is a Condition of Participation/Condition for Coverage which covers the requirement for facilities to have an emergency preparedness program which covers the following:
- Emergency Plans
- Policies & Procedures
- Communications and Staff Training.
Requirements in Appendix Z are focused on three key essentials: Safeguarding human resources; Maintaining business continuity and Protecting physical resources.
Questions for Participants
- Do you have an Emergency Operations Committee? Who is on the committee? How
often does it meet?
- Do you have an Emergency Operations Plan? Is it reviewed and updated annually?
- Do you have a Risk Assessment or Hazard Vulnerability Assessment? Is it reviewed and
updated annually? Does it answer these core questions:
- What are the threats and hazards that the organization faces?
- What are the characteristics of the threats and hazards (how may the threat and hazard
affect the organization)?
- What is the likelihood of occurrence for the threat or hazard?
- What would be the overall risk value for the threat or hazard
- Do you have a Business Continuity Plan (BCP)? Is it reviewed and updated annually?
- Does it contain a Business Impact Analysis (BIA)?
- Does it contain a Business Process Analysis (BPA)?
- Does it have a Succession Plan? Have Key Employees been identified?
- Have Mission Essential Functions been identified?
- Do you have an IT Disaster Recovery Plan? Is it reviewed and updated annually?
- a. Do you have any Cloud applications? How are those applications backed up in case of a disaster?
- Do you have critical data being stored onsite? Do you have offsite backup for your data? How is it being backed up in case of an emergency?
- If your facility is damaged, do you have a location identified as an alternate location to work from? What access do you have?
- Do you have a Communications Plan? Is it reviewed and updated annually?
- What are your Primary methods of communication with your employees and patients/clients?
- What is your Secondary/Backup method of communication?
- Do you have a Tertiary method of communication?
- Do you have a Training and Testing Plan? How often is it reviewed and updated?
- Do you have training records for your employees?
- Do you conduct drills or exercises on an annual basis? You are required to hold at least two exercises annually to meet the CoP; one of those being a Community-wide event? Have you participated in one?
- Do you have a Continuity of Operations Plan (COOP) for long-term recovery? Is it reviewed and updated annually? Does it cover these core functions:
- What are the Mission Essential Functions (MEF’s)?
- Are there Orders of Succession?
- Are there Delegations of Authority?
- Are there Continuity Facilities identified?
- Is there Continuity of Communications?
- How will Vital Records be maintained?
- Has Key Human Capital been identified?
- Have there been Tests, Training and Exercises for validation?
- Has Devolution of Control and Direction been identified?
- Has Reconstitution been identified?