REPORT HIGHLIGHTS DEPARTMENT OF HUMAN SERVICES’ OVERSIGHT AND MONITORING OF THE COMMUNITY INTEGRATED LIVING ARRANGEMENT PROGRAM PERFORMANCE AUDIT Release Date: August 28, 2024 State of Illinois, Office of the Auditor General FRANK J. MAUTINO, AUDITOR GENERAL To obtain a copy of the Report contact: Office of the Auditor General, 400 West Monroe, Suite 306, Springfield, IL 62704-9849 (217) 782-6046 or TTY (888) 261-2887 This Report Digest and Full Report are also available on the worldwide web at www.auditor.illinois.gov BACKGROUND: Legislative Audit Commission Resolution Number 164, adopted March 14, 2023, directed the Auditor General to conduct a performance audit of the Department of Human Services’ (DHS) oversight and monitoring of the Community Integrated Living Arrangement (CILA) program. CILAs are living arrangements certified by a community mental health or developmental services agency where eight or fewer recipients with mental illness or recipients with a developmental disability reside under the supervision of the agency. DHS, through its Bureau of Accreditation, Licensing, and Certification (BALC), is responsible for the licensing of CILA providers. Other DHS areas join BALC in monitoring and oversight of the CILA program. There were 235 CILA providers specializing in care for individuals with developmental disabilities in operation as of July 13, 2023. For the period FY21-FY23, the State expended more than $2.2 billion on CILAs. KEY FINDINGS: CILA Licensing Process • In accordance with the CILA rule, DHS conducts licensing surveys of CILA programs. During the COVID-19 pandemic, DHS implemented a temporary self-assessment process for licensing. However, DHS failed to ensure that all CILA providers followed protocols relative to self-assessments. Thirty-six percent of our sample population had no self-assessment during the period beginning July 2020 through May 2021, a period determined by DHS. The average number of days between BALC surveys for those CILA providers without self- assessments was 889 days. Additionally, BALC officials also failed to conduct all of its monitoring activities during the self- assessment period by not completing all required interviews of residents, guardians, and CILA staff. • DHS failed to conduct BALC licensing surveys in a thorough, accurate, and timely manner. We found instances of BALC not following established criteria in the review of CILA providers for determining whether a license should be renewed. • DHS serves a Notice of Violation (NOV) when deficiencies are noted during a survey. We noted several issues with the use of NOV forms: — DHS failed to report violations identified in self-assessments and BALC reviews on a NOV form. In the case of one self-assessment, DHS did not issue an NOV despite a provider self-reporting nine violations. Sixteen out of forty-seven NOVs in our sample had violations noted during full and focus surveys that were not included on the NOV. — Additionally, violations reported on NOVs were not entered into the DHS’s NOV database. Seven out of sixteen self- assessments received an NOV with violations and had some or all violations missing from the NOV database. Additionally, 14 of 47 BALC surveys had some or all violations from the NOV not entered into the NOV database. • CILA providers are required to report suspected instances of abuse or neglect against individuals to the DHS Office of the Inspector General (OIG). However, DHS failed to ensure that BALC surveyors reviewed whether the timeliness of CILA providers reporting of OIG incidents complied with reporting requirements. We found 34 instances, at five providers, where evidence showed noncompliant reporting yet the scoring did not parallel the late reporting. • DHS allowed a CILA provider to remain serving residents on a continued license even though its original license had been expired for nearly 900 days. While DHS had no documentation in its file for the provider and the providers dispute with the Office of the State Fire Marshal, DHS issued three continuations for the CILA license. DHS Monitoring of the CILA Program • A DHS CILA monitoring unit has operated for five fiscal years under a draft policy and procedure manual. Additionally, a DHS licensing unit had a policy and procedure manual that had conflicting requirements related to survey requirements. • DHS failed to enforce admissions restrictions on CILA providers that were on probation based on unacceptable licensing survey scores. The failure led to five individuals from our sample being admitted to providers that failed to achieve minimally acceptable scores from BALC officials. • DHS failed to assign division monitors to oversee corrective actions by CILA providers with the worst licensing survey scores. This failure is a violation of administrative rule. • DHS failed to sanction a CILA provider that repeatedly refused to cooperate with OIG investigations of allegations against the provider. Our examination of OIG investigative reports found 22 instances where the provider violated State law or rule by not cooperating with OIG investigations. DHS could not provide any documentation to show it took any actions against the provider for a failure to cooperate. • DHS failed to consistently apply CILA rules to all providers that failed to correct noted deficiencies. While some providers had CILA licenses revoked, others were allowed to continue in the program despite not correcting deficiencies. Additionally, for providers allowed to remain in the program, DHS did not have documentation to support plans of correction for the uncorrected deficiencies. Emergency Call Notifications • Public Act 101-0075 required facilities licensed under the CILA Act to notify DHS when emergency calls are made from the facility. The Public Act also required DHS to adopt rules to implement the new requirement. However, DHS failed to follow State statute and develop administrative rules for emergency notifications made from CILA locations. While DHS did revise the CILA Rule 1,246 days after the effective date of the emergency notification requirement, that revision failed to contain a definition of “emergency call” or any penalties for non-compliance. • DHS developed the Critical Incident Reporting Analysis System (CIRAS) to capture electronic reports from providers and Independent Service Coordinators (ISCs) for critical incidents involving individuals with developmental disabilities. However, DHS failed to hold CILA providers that were not compliant with CIRAS reporting requirements accountable. Over the period FY20-FY23, 41 percent of CIRAS incident reports were not made within the required two working day requirement. Failure to enforce the reporting requirements resulted in one CILA provider taking 563 days, on average, to report FY20 incidents. • DHS failed to enforce its own procedures relative to CILA providers maintaining the requisite number of reporters for the CIRAS system. • All CIRAS submissions require either a next day follow up or a 10-day follow up. However, DHS failed to take steps necessary to ensure ISCs conducted follow up activities as required by Department procedure. This resulted in 76 percent of the next day follow up to cases either not being conducted or not conducted timely. Additionally, 10,617 cases that required 10- day follow up were not conducted by the ISC. For the 10-day follow up, 28 percent of the cases were not initially followed up timely. Finally, DHS could not provide sufficient documentation to support its own compliance with the procedures for following up with ISCs. • DHS has implemented a process for reporting critical incidents that results in under-reporting. DHS requirements for abuse, neglect, and exploitation require reporters to send those allegations to OIG. However, when OIG is unable to substantiate the allegations, the information is not included in the reporting of critical incidents in the CIRAS database. CILA providers and ISCs have reporting understandings that differ from the DHS reporting criteria. KEY RECOMMENDATIONS: The audit report contains 15 recommendations directed to DHS: • DHS should ensure that BALC consistently applies licensing protocols, such as self- assessments, even during times of unprecedented events, such as COVID-19, to all CILA providers. • DHS should ensure BALC surveys are conducted in a thorough, accurate, and timely manner. • DHS should ensure all violations noted during a BALC licensing survey are included in the Notice of Violation (NOV) and the NOV database. • DHS should ensure that its surveyors comply with agency guidance and review OIG reports for timely reporting before starting a licensing survey. Additionally, if DHS does not consider BALC surveyors to be responsible for checking CILA provider compliance with OIG reporting timeliness, DHS should seek changes to the CILA Rule and its own Compliance Checklist. • DHS should revise its licensing policies and procedures to include an acceptable number of license continuations. Additionally, DHS should define what a “short-term extension” means in relation to licensing. Finally, when a CILA provider does not present acceptable Office of the State Fire Marshal documentation during a licensing survey, DHS should enforce penalties that include admissions holds on the provider. • DHS should finalize, formalize, and approve the Bureau of Quality Management policy and procedure manual so that monitoring of CILA providers is consistent. Additionally, DHS should make corrections needed in the BALC policy and procedure manual so that staff conducting licensing surveys have correct and approved procedures to guide actions. • DHS should take steps necessary to comply with rules and ensure that admissions are not made to a CILA provider that is on probation. • DHS should comply with administrative rule and assign a monitor to oversee corrective actions for CILA providers that are on a restricted license. • DHS should develop a reporting mechanism where instances of noncooperation by CILA providers are reported to the Division of Developmental Disabilities. Additionally, when providers violate State law and administrative rule by failing to cooperate with the OIG, DHS should impose appropriate sanctions on the provider as allowed for in the Department of Human Services Act (20 ILCS 1305/1-17(p)(iv)). • DHS should develop criteria for CILA providers relative to circumstances of license revocation. Additionally, DHS should consistently apply those criteria to all CILA providers. • DHS should comply with the CILA Act and develop administrative rules for emergency notifications that clearly define what an emergency call is and the penalties to providers for failure to comply. • DHS should develop sanctions for CILA providers that are non-compliant with CIRAS reporting requirements. If DHS believes it already has appropriate sanctions available, it should enforce those sanctions. • DHS should ensure that CILA providers maintain the correct number of designated reporters and should develop a procedure that includes sanctions if a CILA provider does not maintain the correct number of designated reporters. • DHS should ensure that ISCs comply with the requirements in the CIRAS Manual for follow up to critical incidents. Also, DHS should document its own compliance with the CIRAS Manual relative to next day contacts for applicable incidents. • DHS should consider revising the reporting requirements in the CIRAS Manual to allow allegations reported to OIG, if they include elements that relate to critical incident reporting, to be also reported to CIRAS. If DHS chooses not to revise the requirements, then DHS should clarify the current reporting requirements for CILA providers and ISCs so that they are compliant with policy. This performance audit was conducted by the staff of the Office of the Auditor General.