Rules for Missouri Ambulance Districts

XIX. Ambulance Services

AD rules and regulations for ambulance services

There are many laws (190.0601[3]; 190.060.1[4]; 190.060.1[7]; 190.250; 190.827) regarding an AD’s power to fix, charge and collect reasonable fees and compensation for operation, management or the use of ambulance services. And this all must be done according to AD rules and regulations properly adopted by the AD board, that is, through resolutions and ordinances and prior to any billed services provided. What the AD board adopts must be consistent with federal and state laws, rules and regulations. An AD also needs to ensure its rules and regulations for ambulance services render the highest quality of emergency medical care and without discrimination (190.060.1[7]; 190.105.12; 191.665; Chapter 213), although those who willfully disregard any established AD rules and regulations may be excluded by the AD (190.060.1[7]).

Many of the AD rules and regulations regarding ambulance services may involve medical direction (see Medical direction under this chapter for more information about medical direction).

Health insurance carriers and managed care plans must pay benefits directly to ambulance services and emergency medical response agencies (190.205.1) and cannot prohibit or discourage the use of the 9-1-1 emergency telephone system to avoid using ambulance services when there is an emergency (190.205.2).

When collecting for claims, by law (190.250), ambulance services also have the same rights granted to hospitals regarding liens for the cost of services upon any and all claims, counterclaims, demands, suits or rights of action of anyone receiving treatment, excluding workers compensation claims, but “including any personal injury as the result of the negligence or wrongful act of another, which such injured person may have, assert or maintain against the person or persons causing such injury for damages on account of such injury”.

Public ambulance services by law (190.827) may also receive additional revenue in the form of reimbursement payments from the Missouri Department of Health and Senior Services (DHSS) if the ambulance service has a Missouri HealthNet participation agreement. This “MO HealthNet” revenue is the result of a special tax that private ambulance organizations pay for the privilege of being able to provide ambulance services in Missouri. Public ambulance services, such as an AD, are required to keep certain records to determine the amount of its reimbursement payment and report such information to the DHSS (190.806).

Federal and state rules and regulations for ambulance services

ADs must follow all the state laws, rules and regulations regarding medical licensing of ambulances (19 CSR 30-40.309), which includes the license (190.105), insurance (190.120), equipment and staffing. For instance, ambulances staffed with volunteer staff must also have an EMT and at least one other crew member who has first responder certification, at a  minimum (190.094).

(See Chapter XIV. Training, Physical fitness and Equipment for more information on EMT and paramedic training, physical fitness and providing staff uniforms and equipping ambulances, including automated external defibrillators and epinephrine auto-injectors).

(See Licenses and certifications under this chapter for information on medical licenses and certifications that could be important to rules and regulations for ambulance services).

ADs must also follow all federal and state healthcare laws, rules and regulations regarding such areas as operating emergency vehicles, ambulance licensing, licenses and certifications for emergency medical service (EMS) personnel, Medicare participation, privacy laws, joint public safety organizations and management contracts.

(See ADs have special circumstances under Chapter XII. Personnel for more information on authorized emergency vehicle drivers and operations.)

Licensing ambulance services

For a new AD the task of establishing ambulance services can be daunting even if the ambulance services are being transitioned from an existing organization.

Ground ambulances are licensed by the Missouri Bureau of EMS in the DHSS. The Bureau of EMS will require the AD to submit a Missouri Ground Ambulance Service License Application and will use the Ground Ambulance Service License Inspection Form during a site visit. During the site visit, all required documentation and records must be available, including records required by other regulatory agencies, namely a laboratory license from the Centers for Disease Control and Prevention (CDC) for testing patient blood sugar samples.

During the site visit by the Bureau of EMS, whether for a new or renewing ambulance service, the following documentation will be reviewed:

• Safety program including infection control program, including a comprehensive safety component;
• Vehicle operations and driving procedures;
• Communications procedures;
• Standards for clinical care (medical protocols and standing order authorizations from medical direction);
• Vehicle and equipment maintenance procedures;
• Disaster/multiple casualty protocols; and
• Quality Improvement program (including problem identification and resolution).

Licenses and certifications for EMS personnel

Employees and volunteers providing EMS are required to have certifications or licenses. In fact, no AD is allowed to employ or permit any employee to perform any services for which a medical license or certificate is required unless and until that person possesses all required licenses and certificates (190.196.1). Therefore, ADs absolutely must ensure licensed medical staff actually have their medical license and that medical licenses are not lapsed, suspended or revoked.

An AD is required to report to the DHSS within 72 hours of having knowledge of one of their medical licensees being charged with child abuse, sexual abuse of a child, crimes of violence, or rape or sexual abuse (190.196.3). Medical licensees are also required to report to DHSS within 72 hours of being charged with the same offenses (190.196.4).

After first responder certification, the law (190.142) provides for the next levels of EMS licensure, which are known by their titles: EMT, EMT- Intermediate (EMT-I), and EMT-paramedic (EMT-P or, generally, just paramedic or medic). Achieving this licensure with volunteers can be difficult. Requiring licensure with paid EMTs and paramedics is easier. Temporary medical licenses may be issued by DHSS to certain qualified health care professionals in good standing in another state, for example, military personnel, including the National Guard, in a hospital training program, or during a governor’s declaration of an emergency (190.500).

ADs should ensure its EMTs and paramedics receive continuing education to maintain their medical licenses and ADs should provide an adequate budget for this.

Record keeping for ambulance services

According to law (190.175.1; 190.175.2) and the code of state regulations (19 CSR 30-40.375), every ambulance service must maintain accurate patient care records, including, if applicable, the transportation of each patient. Patient care records must be retained for five years and readily available at any reasonable time during business hours for inspection by the Bureau of EMS of the DHSS (190.175.2; 190.175.5). Specific ambulance service records that must be kept and will be reviewed during site inspections by the Bureau of EMS for new or renewing ambulance services, include the following:

• Ambulance run report (must meet required EMS data elements in 190.175.3);
• Medical direction agreement (190.103.4) and the code of state regulations (19 CSR 30-40.303[2][A], and [B]);
• Medical Director protocol and policy authorization;
• Vehicle maintenance records;
• Records of driver competency in emergency vehicle operations;
• Equipment maintenance records;
• Controlled substance security and record keeping;
• Documentation of ambulance response times;
• Licenses and certifications for EMS personnel;
• Memorandum of understanding (MOU) with each Emergency Medical Response Agency (190.133.1[4]); and
• MOU with the AD’s dispatch agency (190.134).

(See Record keeping under Chapter V. Secretary Powers and Duties for additional information on AD record keeping.)

Medical direction

As required by law (190.103) and the code of state regulations (19 CSR 30- 40.303[3][A], and [B]), a qualified medical director is required for all ambulance services and emergency medical response agencies that provide:

• Advanced life support services;
• Basic life support services using medications or providing assistance with patients’ medications; or
• Basic life support services performing invasive procedures including invasive airway procedures.

A medical director, in cooperation with the EMS chief, has the responsibility and authority (19 CSR 30-40.303[3][C], [D], and [E]) to ensure that personnel working under his or her supervision are able to provide care that meets established standards of care for state and national standards as well as local area needs and resources. A medical director, in cooperation with the EMS chief, establishes and develops triage, treatment and transport protocols, which may include authorization for standing doctor’s orders.

There are many things to be considered when an AD appoints a medical director. finding a medical director can be problematic for an AD —  consider a doctor at your local hospital or the medical director of any medical response agency serving your AD, such as a fire protection district.

By law (190.103.4), there must be an agreement between the AD and its medical director that describes the medical director roles, responsibilities and authority. Other things in the agreement to consider include whether the medical director will be paid and whether medical malpractice insurance will be provided. The agreement, by law, also must include grievance procedures.

Medicare participation

Almost every AD will want to bill patients who are beneficiaries of the Centers for Medicare & Medicaid Services (CMS), which is the federal agency responsible for administering the Medicare, Medicaid, State Children’s Health Insurance Program (SCHIP), Health Insurance Portability and Accountability Act of 1996 (HIPAA), Clinical Laboratory Improvement Amendments (CLIA), and several other health-related programs. Therefore, a new AD will need to submit a Medicare Enrollment Application to the fee-for-service contractor for the area served by the AD.

The Medicare Enrollment Application must also include an Electronic Funds Transfer (EFT) Authorization Agreement, a Medicare Participating Physician or Supplier Agreement, and, on AD letterhead, a signed attestation that the AD will be legally and financially responsible in the event there is any outstanding debt owed to CMS (see Contracts must be in writing under Chapter XI. Purchasing, Bids and the Bidding Process for information on proper procedures for the AD board to authorize in writing the “Authorized Official” of the AD who will have the authority to legally and financially bind the AD to the laws, regulations and program instructions of the Medicare program). The Medicare Enrollment Application may also allow the AD to specify optional “Delegated Officials,” who should also be authorized in writing by the AD board so that the Delegated Official(s) can sign the Medicare Enrollment Application.

Before completion of the Medicare Enrollment Application and Medicare Participating Physician or Supplier Agreement, the AD will need to complete a National Provider Identifier (NPI) Application Update Form to be assigned a unique NPI to the AD. The AD’s ambulance service will also need to be licensed by Missouri.

Deliberately falsifying information in the Medicare Enrollment Application to gain or maintain enrollment in the Medicare program will bring severe penalties, and any changes to the Medicare Enrollment Application must be reported in accordance with established timeframes in the code of federal regulations (42 CFR § 424.516[d]).

CMS may require the AD to submit or update its enrollment information. The fee-for-service contractor will notify the AD when it is time for the AD to revalidate its Medicare Enrollment Application information.

Following insurance laws, rules and regulations is especially critical when charging patients who are Medicare beneficiaries. Medicare fraud and abuse costs taxpayers billions of dollars, so the federal government aggressively goes after providers, including ADs, for errors (incorrect billing), waste (medically unnecessary services), abuse (improper billing practices such as, up-charging), and fraud (billing for services or supplies that were not provided). In fact, the CMS Office of Inspector General (IOG) has joined up with a Department of Justice (read FBI) Medicare Fraud Strike Force to fight Medicare fraud and abuse. Violations can and have resulted in nonpayment of claims, criminal and civil liability (fines and/or jail), exclusion (meaning the AD can no longer receive payment from Medicare and state healthcare programs), and individuals disbarred from ever again being involved with Medicare —effectively ending anyone’s career as a healthcare provider or administrator.

There are several federal laws governing Medicare fraud and abuse, including the False Claims Act (FCA), Anti-Kickback Statute, the Physician Self-Referral Law (Stark Law), the Social Security Act, and other parts of the United States Criminal Code. These laws specify the criminal and/or civil remedies that can be imposed upon individuals or entities such as ADs that commit fraud and abuse in the Medicare Program, and it is important to note that liability can exist without proof of actual knowledge or a specific intent to violate the law (meaning that ignorance of the law is not an excuse).

For example, an AD submits a claim to Medicare for paramedic services provided, even though the patient care record indicates that the emergency medical services provided were for a lower, EMT level of medical services. If this claim is found to be false and a violation of the FCA, then the fine for this single false claim could be $5,500–$11,000 plus up to three times the amount of damages to Medicare as a result of the false claim. Individuals or entities, such as an AD, involved with such a false claim can also face criminal prosecution.

In the example above, falsifying the patient care record so that it looks like the patient required the higher paramedic care, is a violation in and of itself under the Civil Monetary Penalties Law, which allows fines up to $50,000 per violation plus assessments of up to triple the claim amount for each item or service, or up to triple the amount of money offered, paid, solicited or received.

Federal privacy laws

Many people may recognize one of the primary federal laws regarding privacy of health information: Health Insurance Portability and Accountability Act (HIPAA) of 1996. However, the purpose of HIPPA is much broader: “to improve the Medicare program …, and the efficiency and effectiveness of the health care system, by encouraging the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information.”

The second part of HIPAA, called Title II, created several programs to control fraud and abuse. It also defined policies, procedures and guidelines for maintaining the privacy and security of personal health information (PHI), as well as outlining numerous offenses relating to health care, and set civil and criminal penalties for violations. PHI is any information held by a covered entity that concerns health status, provision of health care or payment for health care that can be linked to an individual. PHI is interpreted broadly and includes any part of an individual’s medical record or payment history.

In January 2013, updates were made to HIPAA as well as the Security Rule and Breach Notification portions of the Health Information Technology for Economic and Clinical Health (HITECH) Act. By regulation, the U.S. Department of Health and Human Services (HSS) extended the HIPAA privacy rule regarding PHI to covered entities and business associates such as ADs. The HIPAA and HITECH laws and associated HSS and Federal Trade Commission (FTC) regulations include requirements about releasing PHI, to whom PHI must be released and how quickly, correcting PHI inaccuracies, ensuring protection and confidentiality of PHI until 50 years after death, communications containing PHI, notifications when PHI is used, tracking disclosures of PHI, reporting breaches of PHI (including proof that harm has not occurred due to a breach), written privacy policies and procedures, appointment of a privacy official, appointment of  a contact person for receiving privacy complaints, and training everyone in the workforce on procedures regarding PHI.

State privacy laws

Although the Missouri Sunshine Law does not specifically restrict disclosure of patient medical information, the catch-all phrase in the law (610.021), “except to the extent disclosure is otherwise required by law,” protects confidentiality of patient medical information found in other parts of the Missouri statutes (see Chapter IX. Meetings, Records and Votes for more information about Missouri’s Sunshine Law).

Specifically, the law protects medical test results from disclosure without the patient’s consent (191.317). Also prohibited by law is disclosure of Medicaid beneficiary information (208.120; 208.155) except the state code of regulations allows release of such information for treatment, payment or health care purposes (13 CSR 70-1.020). There are laws regarding confidentiality of mental health records (630.140), nursing home residents’ medical, personal, or financial records (198.032), information pertaining to enrollees or applicants of health maintenance organizations (354.515), and certain information disclosed to medical peer review committees (537.035).

There are also Missouri laws regarding confidentiality of specific types of information, such as genetic information (375.1309), newborn hearing screening results (191.928), certain abortion reports (188.055) and an individual’s human immunodeficiency virus (HIV) status (191.656). Disease-specific registry medical reports and records are also subject to confidentiality requirements (192.739). Certain cancer reports from administrators or designated representatives of certain organizations must be kept confidential (192.655). Patient brain injury information and records maintained by rehabilitation or treatment facilities must be kept confidential (199.033). Disclosure or misuse of a criminal background investigation is prohibited (43.540).

Patient safety organizations (PSO)

In an effort to work collaboratively to reduce the frequency of serious EMS events and to improve the quality of EMS patient care, the Center for Patient Safety (CPS) is partnering with Missouri’s emergency medical service community, which includes ADs, fire-based EMS, hospitals and first-response providers to bring federal confidentiality and privilege protection to quality and patient safety data through the federally-listed CPS Patient Safety Organization (PSO). The purpose of CPS is to strive to learn what adverse EMS events occur, why they occur, and how to prevent them and, by sharing, promote safety improvement across the industry.

CPS provides the EMS community with a safe haven of federal confidentiality and privilege protection for the data sent to the PSO through an internet-based Patient Safety Evaluation System (PSES).  The PSES is used to collect and develop patient safety work products such as individual AD performance benchmarking against state comparatives, and collaboration and knowledge sharing opportunities among EMS agencies within Missouri and across the nation. Discussions take place under the legally protected, patient safety review program of the PSO.

Working with the CPS makes it possible for an EMS agency such as an AD to collect data on adverse events without fear of discovery or subpoena, perform analyses of those events (looking for patterns, similarities, etc.), compare de-identified data from one EMS agency to others across the state, and collect data on EMS quality indicators in a central repository leading to improvements in response times, greater efficiency and improvements in patient outcomes.

Management contracts

The law (190.060.5) allows an AD board of directors to propose to contract for the total management and operation of its ambulance services when the AD has not previously contracted out such a service. Within 30 days of proposing such a service, the AD board must hold a public hearing. If, after the public hearing, the AD board still proposes such a service, the AD board must make a satisfactory finding in its minutes that the proposed service will:

• Provide benefits to the public health that outweigh the associated costs;
• Maintain or enhance public access to ambulance services; and
• Maintain or improve the public health and promote the continued development of the regional EMS system.

Sixty days after a satisfactory finding for the proposed contract for the total management and operation of the ambulance services, the AD may enter into the proposed contract, but the proposed contract cannot be implemented for at least another 30 days (190.060.6[1]).

For contracts in place prior to Aug. 28, 1998, for the total management and operation of the ambulance services, the renewal or modification of these contracts or the signing of a new contract for these services does not required the public hearing, satisfactory finding or wait times (190.060.6[2]).

(See Consolidation and shared services under Chapter VII. Changing AD Boundaries for more information regarding a potential type of management contract called shared services.)