Ohio Admin. Code 173-39-02 - ODA provider certification: requirements for providers to become, and to remain, certified

Introduction: This rule presents requirements for every type of provider to become, and to remain, certified. For agency and assisted living providers, the requirements in this rule include requirements for each provider's employees.

(A) Requirements for every type of provider to become certified:
(1) Qualifications: The provider shall meet all of the following:
(a) Any qualification (e.g., licensure, training requirements, staffing levels) required by this chapter.
(b) Any qualification (e.g., licensure, certification, registration) required by applicable federal, state, and local laws, including the requirement under 45 C.F.R. Part 162 to have a national provider identifier (NPI), if applicable.
(2) Criminal records checks and database reviews: The provider shall comply with sections Sections 173.38 and 173.381 of the Revised Code and Chapter 173-9 of the Administrative Code establish the requirements for criminal records checks and database reviews. Rule 173-9-02 of the Administrative Code lists exceptions to the applicability of those requirements. The provider shall also comply with rule Rule 5160-1-17.8 of the Administrative Code establishes additional provider screening requirements for participation in a medicaid-funded program.
(3) Business site:
(a) The provider shall maintain a business site(s) from which to conduct business, unless the provider is a participant-directed provider.
(b) The provider's business site(s) for providing services shall meet are subject to the HCBS setting requirements in rule 5160-44-01 of the Administrative Code. A Additionally, any such business site used for providing ADS or assisted living services may be subject to federal heightened scrutiny under 42 C.F.R. 441.301(c)(5)(v) and rules 173-39-03 and 173-39-03.1 of the Administrative Code.
(c) Each business site in which the provider retains records (e.g., headquarters, regional offices) shall have a designated, locked storage space for retaining records that is accessible to ODA and its designee, HHS, the state auditor's office, and ODM.
(4) Contact information: The provider shall have a valid email address and telephone number.
(5) Insurance: The provider shall have the following, unless the provider is a participant-directed provider:
(a) A minimum of one million dollars in commercial liability insurance, which includes coverage for individuals' losses due to theft or property damage. In lieu of commercial liability insurance, a non-agency provider may have a minimum of one million dollars in professional liability insurance, which includes coverage for individuals' losses due to theft or property damage.
(b) Written instructions any individual may use to obtain payment for loss due to theft or property damage caused by the provider, or if applicable, the provider's employee.
(6) Provider agreements: The provider shall enter into, comply with, and maintain an active status with the following:
(a) A medicaid-provider medicaid provider agreement, as required by under rules 5160-1-17.2 and 5160-1-17.4 of the Administrative Code.
(b) A provider agreement with ODA's designee for the region in which the provider seeks certification to provide services pursuant to rule 173-39-03 of the Administrative Code.
(7) Incident reporting: The provider shall have a written or electronic policy on documenting incidents which complies with paragraph (B)(3)(b) of this rule.
(8) Electronic visit verification (EVV): The provider shall have an ODM-approved EVV system in place compliant with rule Rule 5160-1-40 of the Administrative Code, if that rule requires the provider to do so establishes the requirements for certain providers to have an ODM-approved EVV system in place.
(B) Requirements for every type of provider to remain certified:
(1) Continuation: The provider shall remain in compliance with all requirements under paragraph (A) of this rule.
(2) Service-related: For any service ODA certified the provider to provide furnish, the provider shall report all reportable mandatory reporting items to verify the service to ODA or its designee and comply with any rule in this chapter regulating the provision of the service. If the provider's only means to comply with service-verification requirements in those rules is to collect the individual's handwritten or electronic signature (or electronic or handwritten initials), the provider may collect the individual's handwritten or electronic signature (or electronic or handwritten initials) on a date later than the date of service. If there is any conflict between this paragraph and a rule in this chapter, this paragraph overrides the conflicting requirement in another rule of this chapter.
(3) Reporting:
(a) APS: Section 5101.63 of the Revised Code, as applicable, requires establishes a requirement for the provider to report any reasonable cause to believe an individual suffered abuse, neglect, or exploitation to the local adult protective services program. The provider shall also notify ODA or its designee within one business day after becoming aware of the reasonable cause.

(b) Incidents: The provider shall notify ODA or its designee of an incident no later than one business day after the provider is aware of the incident.

(c)(b) Significant changes: The provider shall notify ODA or its designee no later than one business day after the provider is aware of any significant change that may affect the individual's service needs or safety, including one or more of the following:
(i) The provider does not provide an authorized service at the time, or for the period of time, authorized by ODA's designee.
(ii) The individual moves to another address.
(iii) The individual's repeated refusal of services.
(iv) Any incident that is subject to the incident-reporting requirements in rule 5160-44-05 of the Administrative Code.
(iv)(v) There is a Any other significant change in the individual's physical, mental, or emotional status; or the individual's environment; that affects the individual's service needs or, safety.
(d)(c) Contact information: The provider shall notify ODA or its designee of any change in the provider's telephone number, mailing address, or email address within seven days after the change.
(e)(d) Last day of service: Unless the provider is an assisted living provider, the provider shall notify the individual and ODA's designee in writing at least thirty days before the last day the provider provides services to the individual, unless one or more of the following occurs:
(i) The individual has been hospitalized, placed in a long-term care facility, or is deceased.
(ii) The health or safety of the individual or provider is at serious, imminent risk.
(iii) The individual chooses to no longer receive services from the provider.
(4) Confidentiality: The provider is subject to all state and federal laws and regulations governing individual confidentiality including sections 5160.45 to 5160.481 of the Revised Code, 42 C.F.R. 431.300 to 431.307, and 45 C.F.R. parts 160, 162, and 164.
(5) Legally-responsible family members: The provider shall not provide a service to an individual if the provider is the individual's spouse, parent, step-parent, legal guardian, power of attorney, or authorized representative. During a state of emergency declared by the governor or a federal public health emergency, a provider may provide a service to an individual if the provider is the individual's spouse, parent, or step-parent. The period in which a spouse, parent, or stepparent is qualified to provide a service to an individual during a state of emergency declared by the governor or a federal public health emergency ends when the provider's medicaid provider agreement is terminated.

(6) Volunteers:

(a)(6) Volunteers: For agency and assisted living providers, the The provider shall not allow a volunteer to provide any service ODA certified the provider to provide unless the volunteer is supervised by supervise the provider's supervisory staff volunteers.

(b) For non-agency providers, the provider shall not allow a volunteer to provide any service ODA certified the provider to provide unless ODA's designee authorizes the provider to do so.

(c) For participant-directed providers, the provider shall not allow a volunteer to provide any service ODA certified the provider to provide unless ODA's designee and the individual authorize the provider to do so.

(7) Person-centered planning: The provider shall comply with is subject to the personcentered planning requirements in rule 5160-44-02 of the Administrative Code.
(8) Ethical, professional, respectful, and legal service standards: The provider shall not engage in any unethical, unprofessional, disrespectful, or illegal behavior including the following:
(a) Consuming alcohol while providing services to the individual.
(b) Consuming medicine, drugs, or other chemical substances in a way that is illegal, unprescribed, or impairs the provider from providing services to the individual.
(c) Accepting, obtaining, or attempting to obtain money, or anything of value, including gifts or tips, from the individual or his or her household or family members.
(d) Engaging the individual in sexual conduct, or in conduct a reasonable person would interpret as sexual in nature, even if the conduct is consensual.
(e) Leaving the individual's home when scheduled to provide a service for a purpose not related to providing the service without notifying the agency supervisor, the individual's emergency contact person, any identified caregiver, or ODA's designee.
(f) Failing to cooperate with or Treating treating ODA or its designee disrespectfully respectfully.
(g) Engaging in any activity while providing a service that may distract the provider from providing the service as authorized, including the following:
(i) Watching television, movies, videos, or playing games on computers, personal phones, or other electronic devices whether owned by the individual, provider, or the provider's staff.
(ii) Non-care-related socialization with a person other than the individual (e.g., a visit from a person who is not providing care to the individual; making or receiving a personal telephone call; or, sending or receiving a personal text message, email, or video).
(iii) Providing care to a person other than the individual.
(iv) Smoking tobacco or any other material in any type of smoking equipment, including cigarettes, electronic cigarettes, vaporizers, hookahs, cigars, or pipes.
(v) Sleeping.
(vi) Bringing a child, friend, relative, or anyone else, or a pet, to the individual's place of residence.
(vii) Discussing religion or politics with the individual and others.
(viii) Discussing personal issues with the individual or any other person.
(h) Engaging in behavior that causes, or may cause, physical, verbal, mental, or emotional distress or abuse to the individual including publishing photos of the individual on social media without the individual's written or electronic consent.
(i) Engaging in behavior a reasonable person would interpret as inappropriate involvement in the individual's personal relationships.
(j) Making decisions, or being designated to make decisions, for the individual in any capacity involving a declaration for mental health treatment, power of attorney, durable power of attorney, guardianship, or authorized representative.
(k) Selling to, or purchasing from, the individual products or personal items, unless the provider is the individual's family member who does so only when not providing services.
(l) Consuming the individual's food or drink, or using the individual's personal property without his or her consent.
(m) Taking the individual to the provider's business site, unless the business site is an ADS center, RCF, or (if the provider is a participant-directed provider) the individual's home.
(n) Engaging in behavior constituting a conflict of interest, or taking advantage of, or manipulating services resulting in an unintended advantage for personal gain that has detrimental results to the individual, the individual's family or caregivers, or another provider.
(9) Training: The provider shall participate in ODA's or its designee's mandatory free provider training sessions.
(10) Records and monitoring:
(a) Records retention:
(i) Service records: The provider shall retain all records necessary (including activity plans, assessments (if required), permits (if required), and all reportable information mandatory reporting items to verify an episode of service), and in such form, so as to fully disclose the extent of the services the provider provided, and significant business transactions, until all of the following periods of time have passed:
(a) Six years after the date the provider receives payment for the service.
(b) The date on which ODA, its designee, ODM, or a duly-authorized law enforcement official concludes a review of the records and any findings are resolved.
(c) The date on which the auditor of the state of Ohio, the inspector general, or a duly-authorized law enforcement official concludes an audit of the records and any findings are resolved.
(ii) Employee Qualification records: The Each provider shall retain all records regarding the provider's or an employee's background checks and qualifications to provide a service (including records on initial qualifications and successful completion of orientation and subsequent training (if required)) for the duration of the provider's certification or the duration of their the employee's employment and for six years after the provider is no longer certified or no longer retains the employee. Qualification records include records on background checks, initial qualifications, orientation, and training.
(iii) Electronic records: The provider may use an electronic system to collect or retain records.
(b) Compliance reviews: The provider shall participate in good faith, and assist ODA and its designee with scheduling, in any compliance reviews under rule 173-39-04 of the Administrative Code and assist ODA and its designee with scheduling those reviews.
(c) Access: The provider shall, upon request, immediately provide representatives of ODA, or its designee, HHS, the state auditor's office, and ODM with access to its business site(s) during the provider's normal business hours, a place to work in its business site(s), and access to policies, procedures, and records for each unit of service billed.
(11) Payment:
(a) The provider shall may bill only for a service only if the provider complies with the requirements under all applicable laws, rules, and regulations, including service-verification requirements.
(b) ODA's obligation to pay the provider for the costs of services the provider provides provided as a certified provider is subject to the hold and review process described in rule 5160-1-27.2 of the Administrative Code.
(c) The provider shall accept the payment rates established in its provider agreement with ODA's designee as payment in full for the services it provides, and not seek any additional payment for services from the individual or any other person.
(d) The provider may provide a service not authorized by the individual's person-centered services plan, but ODA (or its designee) shall only pay the pays a provider only for providing services authorized by the individual's person-centered services plan.
(12) Other laws: The provider shall comply with is subject to all applicable federal, state, and local laws, rules, and regulations and is responsible for ensuring all subcontractors comply with all applicable federal, state, and local laws, rules, and regulations.
(13) Rules updates: The provider shall subscribe to receive email updates on ODA's rules on https://aging.ohio.gov.
(C) Requirements for specific types of providers to become certified:
(1) Agency providers:

(a) Experience: On the day the provider applies to become certified by ODA, the provider shall provide records to ODA verifying the provider has at least three months of experience providing the specific service for which it seeks certification from ODA to at least two Ohio adults in a HCBS setting. The provider's experience shall include all of the following related to providing those services:

(i) The provider was a business entity with an active registration from the Ohio secretary of state.

(ii) The provider invoiced and was paid for providing the services.

(iii) Evidence that the services occurred during the twelve months preceding the day the provider applies to become certified by ODA.

(b)(a) Identifying key persons: Disclosures: The provider shall disclose the following:
(i) The name of any person with an ownership interest in the provider.
(ii) The name of any person with an ownership interest in the provider who was convicted of a felony under a state or federal law.
(iii) A table of organization clearly identifying lines of administrative, advisory, contractual, and supervisory responsibilities.
(iv) The active registration as a business entity with the Ohio secretary of state.
(c)(b) Statements: The provider shall provide ODA or its designee with statements on the following:
(i) The purpose of the provider's business.
(ii) The provider's compliance with 45 C.F.R. 80.4 regarding the provision of services.
(iii) The provider's compliance with the Equal Employment Opportunity Act of 1972, federal wage-and-hour laws, and workers' compensation laws regarding the recruitment and employment of persons.
(iv) The provider's payment of all applicable federal, state, and local income and employment taxes for the most recent year.
(d)(c) Policies: The provider shall have written policies, bylaws, or articles of incorporation ( or an electronic record of written policies, bylaws, or articles of incorporation) . Additionally, if the provider has a governing board, the provider shall have written bylaws or an electronic record of written policies; and, if the provider is incorporated, the provider shall have written articles of incorporation or an electronic record of written policies. The policies, bylaws, or articles of incorporation shall that include requirements for its employees to provide services in a manner compliant with paragraph (B)(8) of this rule.
(2) Non-agency providers: The provider shall provide a statement to ODA or its designee certifying that he or she paid all applicable federal, state, and local income and employment taxes.
(3) Participant-directed providers: A person may qualify to become a participant-directed provider only if the person meets the requirements in rule 173-39-02.4 of the Administrative Code.

(a) Age: The provider shall be at least eighteen years of age.

(b) Identification: The provider shall have a valid social security number and at least one of the following current, valid, government-issued, photographic identification cards:

(i) Driver's license.

(ii) State of Ohio identification card.

(iii) United States of America permanent resident card.

(c) Communication:

(i) The provider shall read, write, and understand English at a level that enables the provider to comply with this rule and any rule in this chapter to which the provider is subject.

(ii) The provider shall be able to effectively communicate with the individual.

(4) Assisted living providers:
(a) Preemption: The provider shall acknowledge that any statute governing, or rule regulating, the assisted living program supersedes any clause in the RCF's resident agreement.
(b) License: The provider shall have an RCF license issued under Chapter 3701-16 of the Administrative Code and comply with section 3721.121 of the Revised Code.
(c) Identifying key persons: The provider shall disclose the following:
(i) The name of any person with an ownership interest in the provider.
(ii) The name of any person with an ownership interest in the provider who was convicted of a felony under a state or federal law.
(iii) A table of organization clearly identifying lines of administrative, advisory, contractual, and supervisory responsibilities.
(d) Statements: The provider shall provide ODA or its designee with statements on the following:
(i) The provider's compliance with 45 C.F.R. 80.4 regarding the provision of services.
(ii) The provider's compliance with the Equal Employment Opportunity Act of 1972, federal wage-and-hour laws, and workers' compensation laws regarding the recruitment and employment of persons.
(e) Policies: The provider shall have written policies, bylaws, or articles of incorporation ( or an electronic record of policies, bylaws, or articles of incorporation) . Additionally, if the provider has a governing board, the provider shall have written bylaws or an electronic record of bylaws; and, if the provider is incorporated, the provider shall have written articles of incorporation or an electronic record of articles of incorporation. The policies, bylaws, or articles of incorporation shall that include the following:
(i) Ethical, professional, respectful, and legal service provision: In A requirement for the residents' rights policy that the provider adopts to comply with under section 3721.12 of the Revised Code, the provider shall require its employees to comply with to apply the prohibition against unethical, unprofessional, disrespectful, or illegal behavior under paragraph (B)(8) of this rule to its employees.
(ii) Abuse, neglect, and exploitation: To comply with paragraph (B)(3)(a) of this rule, in A requirement for the policy that the provider adopts under rule 3701-64-02 of the Administrative Code on reporting abuse, neglect, or exploitation to ODH, the provider shall also require reporting to apply the requirement under paragraph (B)(3)(a) of this rule to report abuse, neglect, or exploitation to ODA or its designee to its employees.
(iii) Incident reporting: To comply with paragraph (A)(7) of this rule, in A requirement for the policy that the provider adopts under paragraph (B) of rule 3701-16-12 of the Administrative Code, the provider shall also require reporting to apply the requirement under paragraph (B)(3)(b) of this rule to report incidents to ODA or its designee according to paragraph (B)(3)(b) of this rule to its employees.
(D) Requirements for specific types of providers to remain an ODA-certified provider:
(1) Agency providers: The provider shall remain in compliance with all requirements under paragraphs (B) and (C)(1) of this rule.
(2) Non-agency providers: The provider shall remain in compliance with all requirements under paragraphs (B) and (C)(2) of this rule.
(3) Participant-directed providers:
(a) Continuation: The provider shall remain in compliance with all requirements under paragraphs (B) and (C)(3) of this rule.
(b) Records retention: In addition to the records-retention requirements under paragraph (B)(10)(a) of this rule, the provider shall store the individual's records in the home of the individual in a physical location or an electronic device that is accessible to the provider, individual, and ODA or its designee.
(4) Assisted living providers:
(a) Continuation: The provider shall remain in compliance with all requirements under paragraphs (B) and (C)(4) of this rule.
(b) Payment:
(i) The assisted living program shall does not pay for any service the provider provides to an individual before ODA's designee enrolls the individual into the program and before ODA's designee authorizes the service in the individual's person-centered services plan.
(ii) If an individual is absent from the RCF, the provider shall not accept a payment for the service under rules 173-39-02.16 and 5160-33-07 of the Administrative Code or charge the individual an additional fee for the service or to hold the unit during the individual's absence.
(c) Transfers/discharges: The provider shall transfer or discharge an individual under the terms of section Section 3721.16 of the Revised Code establishes the terms for transferring or discharging an individual.
(d) Last day of service: If the provider terminates its medicaid-provider agreement, pursuant to section 3721.19 of the Revised Code, it shall provide written notification to the individual and to ODA's designee at least ninety days before terminating the provision of services to the individual.

(E) ODA may certify a provider that was previously certified by ODA, but voluntarily withdrew its certification, but shall not certify a provider if ODA previously revoked the provider's certification with ODA.

Notes

Ohio Admin. Code 173-39-02
Effective: 7/1/2023
Five Year Review (FYR) Dates: 4/14/2023 and 06/30/2028
Promulgated Under: 119.03
Statutory Authority: 121.07, 173.01, 173.02, 173.391, 173.52, 173.522, 173.54, 173.543
Rule Amplifies: 173.39, 173.391, 173.52, 173.522, 173.54, 173.543; 42 CFR 441.352
Prior Effective Dates: 03/31/2006, 04/26/2009, 10/19/2009, 08/30/2010, 03/17/2011, 01/01/2013, 07/01/2014, 07/01/2016, 07/01/2019, 06/11/2020 (Emer.), 11/08/2020, 04/04/2022

State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.


No prior version found.