A server hacking incident at Texas Ear, Nose and Throat Specialists (“Texas ENT”) allowed hackers to access and copy patient records containing patient names, dates of birth, medical record numbers, and procedure codes used for billing purposes and in some cases, patient Social Security numbers of 535,489 Texas ENT patients, according to a breach notification report filed with the Department of Health & Human Services Office of Civil Rights (“OCR”). With cybersecurity incidents reaching pandemic levels, health care providers, health plans, healthcare clearinghouses, their business associates and leaders need to take careful, well-documented steps to protect their data, organizations and leaders against disruptions and liabilities arising from these risks.
A Notice of Security Incident (the “Announcement”) posted to the Texas ENT website reports Texas ENT set letters notifying affected of the breach of their personal health information on December 10, 2021 and advises patients to review the statements from healthcare providers for accuracy, and to contact their provider if their review identifies services that were not received. The Announcement also states that Texas ENT is offering complimentary monitoring services through Experian to patients whose Social Security numbers were in the improperly accessed files.
The notifications to OCR, the patients and the media are required to comply with breach notification the Federally imposed breach notification requirements of the Health Insurance Portability & Accountability Act (“HIPAA”) as data breach notice requirements of the Texas Medical Records Privacy Act (“TMRPA”) and the Texas Identity Theft Enforcement and Protection Act (TITEPA).
The Texas ENT breach notification filed to OCR is one of a hundreds of large breach notifications recently reported to OCR. HIPAA generally requires that health care providers like Texas ENT, health plans, healthcare clearinghouses and their service providers that qualify as business associates (hereafter “covered entities”) safeguard the privacy and security of individually identifiable protected health information (“protected health information”) in paper, electronic or other form against use, access or disclosure other than as allowed by HIPAA. Along with its general restrictions upon use, access or disclosure of protected health information, HIPAA also requires that covered entities and their business associates take the special precautions to protect electronic protected health information (“ePHI”) against improper access, use, disclosure or loss required by the OCR HIPAA Security Rule. Meanwhile, the OCR HIPAA Breach Notification Rule requires that covered entities notify affected individuals, OCR and in the case of breaches involving records of more than 500 individuals, the media in accordance with the OCR Breach Notification Rule following breach of unsecured protected health information. Breaches of the Security or Breach Notification Rules often result in significant civil monetary penalty assessments or negotiated settlements to mitigate civil liability exposures arising out of such breaches. See e.g., Clinical Laboratory Pays $25,000 To Settle Potential HIPAA Security Rule Violations (May 25, 2021); Health Insurer Pays $5.1 Million to Settle Data Breach Affecting Over 9.3 Million People (January 15, 2021); Aetna Pays $1,000,000 to Settle Three HIPAA Breaches (October 28, 2020); Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People (September 25, 2020); HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 million Individual – (September 23, 2020); Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach (July 27, 2020); Small Health Care Provider Fails to Implement Multiple HIPAA Security Rule Requirements (July 23, 2020). While various factors can influence whether and the amount of any fine that Texas ENT will face as a result of OCR’s ongoing investigation of the breach, OCR’s enforcement record strongly suggests Texas ENT may seek to negotiate a resolution agreement or other arrangement with OCR to mitigate its exposure to potential civil monetary penalties.
Alerts issued by OCR regarding heightened security risks in recent months and a growing tide of highly publicized breaches send a strong warning to other covered entities and their business associates to reconfirm the adequacy of their own HIPAA privacy, security, breach notification and other procedures and protections by among other things:
Reviewing and monitoring on a documented, ongoing basis the adequacy and susceptibilities of existing practices, policies, safeguards of their own organizations, as well as their business associates and their vendors within the scope of attorney-client privilege taking into consideration data available from OCR, data regarding known or potential susceptibilities within their own operations as well as in the media, and other developments to determine if additional steps are necessary or advisable.
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility.
Renegotiating and enhancing service provider agreements to detail the specific compliance, audit, oversight and reporting rights, workforce and vendor credentialing and access control, indemnification, insurance, cooperation and other rights and responsibilities of all entities and individuals that use, access or disclose, or provide systems, software or other services or tools that could impact on security; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; and other relevant matters.
Verifying and tightening technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information and systems.
Conducting well-documented training as necessary to ensure that members of the workforce of each covered entity and business associate understand and are prepared to comply with the expanded requirements of HIPAA, understand their responsibilities and appropriate procedures for reporting and investigating potential breaches or other compliance concerns, and understand as well as are prepared to follow appropriate procedures for reporting and responding to suspected violations or other indicia of potential security concerns.
Tracking and reviewing on a systemized, well-documented basis actual and near miss security threats to evaluate, document decision-making and make timely adjustments to policies, practices, training, safeguards and other compliance components as necessary to identify and resolve risks.
Establishing and providing well-documented monitoring of compliance that includes board level oversight and reporting at least quarterly and sooner in response to potential threat indicators.
Establishing and providing well-documented timely investigation and redress of reported violations or other compliance concerns.
Establishing contingency plans for responding in the event of a breach.
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements.
Preparing and maintaining a well-documented record of compliance, risk, investigation and other security activities.
Pursuing other appropriate strategies to enhance the covered entity’s ability to demonstrate its compliance commitment both on paper and in operation.
Because susceptibilities in systems, software and other vendors of business associates, covered entities and their business associates should use care to assess and manage business associate and other vendor associated risks and compliance as well as tighten business associate and other service agreements to promote the improved cooperation, coordination, management and oversight required to comply with the new breach notification and other HIPAA requirements by specifically mapping out these details.
Leaders of covered entities or their business associates also are cautioned that while HIPAA itself does not generally create any private right of action for victims of breach under HIPAA, breaches may create substantial liability for their organizations or increasingly, organizational leaders under state data privacy and breach, negligence or other statutory or common laws. In addition, physicians and other licensed parties may face professional discipline or other professional liability for breaches violating statutory or ethical standards. Meanwhile, the Securities and Exchange Commission has indicated that it plans to pursue enforcement against leaders of public health care or other companies that fail to use appropriate care to ensure their organizations comply with privacy and data security obligations and the Employee Benefit Security Administration recently has issued guidance recognizing prudent data security practicces as part of the fiduciary obligations of health plans and their fiduciaries.
For Additional Information Or Assistance
If you need have questions or need assistance with health, benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help. Longtime scribe for the American Bar Association Joint Committee on Employee Benefits agency meeting with OCR and author of leading publications on HIPAA and other privacy and data security concerns, Ms. Stamer also regularly assists clients and provides input to Congress, OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications. She also is a highly-sought out speaker on privacy and data security who serves on the planning faculty and speaks for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters, e-mail Ms. Stamer or call (214) 452-8297.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
Important Information About This Communication
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Following up on the White House’s announcement yesterday that major health insurers, Medicare and Medicaid would cover medically necessary testing and expand coverage for treatment of 2019 Novel Coronavirus (“coronavirus), without applying deductibles or coinsurance and offer expanded telemedicine and other coverage for coronavirus care, the Internal Revenue Service (“IRS”) today issued guidance giving health plans confirming health plans waiving deductibles won’t violate the Internal Revenue Code health savings account high deductible health plan rules. However many employer or other sponsors of self-insured health plans may need to amend their health plans and take other steps if they want their health plans to provide similar coverage. Meanwhile the Centers for Disease Control (“CDC”) relased updated guidance to help businesses, schools, and other organizations to operate safely during the current outbreak. Consequently providers and patients still must confirm the exact coverage a health plan or insurer providers for treatment.
Coronavirus Testing & Other Health Coverage Health
Major health insurers agreed in a Whitehouse Coronavirus Taskforce meeting yesterday to cover medically necessary testing and extend coverage to medically necessary treatment. The agreement only technically binds Medicare, Medicaid and other government programs and private insurers participating in the meeting. It does not automatically extend coverage or waive deductibles for self-insured employer or union sponsored health plans which provide coverage for an estimated 61 percent of covered U.S. worker and their families. Self-insured plan sponsors wishing to provide similar coverage and waive deductibles generally will need to take specific action to amend their plans and related contracts and communications.
Vice President Pence announced the agreement with insurers yesterday saying among other things:
I’m pleased to report, as you requested, Mr. President, that all the insurance companies here — either today or before today — have agreed to waive all copays on coronavirus testing and extend coverage for coronavirus treatment in all of their benefit plans.
And, at your direction, Medicare and Medicaid, last week, already made it clear to Medicare and Medicaid beneficiaries that coronavirus testing and treatment would be covered. These private insurance carriers have extended that as well.
They’ve also agreed to cover telemedicine so that anyone, particularly among the vulnerable senior population, would not feel it necessary to go to a hospital or go to their doctor. They’ll know that telemedicine is covered.
While the announcement indicates that insurers involved in the meeting plan to expand coverage and waive deductibles, self-insured employer and union sponsored plans aren’t technically covered by the agreement. While many employers sponsoring self-insured health plans will want their health plan to provide similar coverage as part of their risk management response to the coronavirus outbreak. Self-insured plan sponsors and fiduciaries should confirm appropriate plan language is adopted and that their stop loss insurance carriers are on board or other arrangements are made to plan for and cover costs, and that other plan vendors are on board to handle responsibilities.
In the meantime, the widespread lack of understanding among plan members about the distinction between insured and self-insured plans coupled with the breadth of the unqualified announcement by the White House is likely to fuel confusion by covered individuals and their providers. Not only will covered persons and providers need to know whether the program is insured or self-insured, they also will need to confirm how each of these programs implements the expanded coverage.
IRS Guidance Clears Way For High Deductible Health Plans To Raise Deductibles
Employers and health plans wishing to waive deductibles for coronavirus testing will not have to worry that waiving the deductible will violate IRS high deductible health plan (“HDHP”) rules, however. Earlier today, the IRS provided relief allowing high deductible health plans to pay these expenses without disqualifying their programs for high deductible health plan treatment under the Code in Notice 2020-15. The Notice provides that, until further guidance is issued, a health plan that otherwise satisfies the requirements to be a HDHP under Code section 223(c)(2)(A) will not fail to be an HDHP under section 223(c)(2)(A) merely because the health plan provides health benefits associated with testing for and treatment of COVID-19 without a deductible, or with a deductible below the minimum deductible (self only or family) for an HDHP. Also due to this guidance, an individual covered by the HDHP will not be disqualified from being an eligible individual under section 223(c)(1) who may make tax-favored contributions to a health savings account (HSA).
CDC Resources Provide Guidance On Safe Operation Through Outbreak
Along with the heath plan developments, many employer and other busines and community leaders are confronting how to deal d new resources today to help businesses, schools and others keep their people and locations safe at here.
Business & Other Disruptions Response
Along with dealing with the threat of the disease itself, the efforts to manage the disease outbreak, many businesses also are forced to deal with demand losses, supply and business interruptions, staffing shortages, unanticipated expenses and a wide range of other operational and financial disruptions that are side effects of the outbreak and its management.
The outbreak has and continues to prompt the cancellation of a plethora of business, trade, government, school, and sports and entertainment events. Notable for its involvement in heath care and related insurance matters, the National Association of Insurance Commissioners (“NAIC”)is one of a growing number of event sponsors that are allowing workers to work from home, are cancelling or banning participation in live meetings and other events and/or are converting from live to virtual formats in response to the outbreak. Trade and business associations, entertainment and sports and otehr venures also are impacted. For instance, the NAIC announced its decision to move its meetings to a purely virtual format today. According to the announcement, the National Spring Meeting that had been scheduled to take place in Phoenix next week is cancelled. Instead, the NAIC announced the following tentative schedule:
A revised schedule with dates, times and call-in numbers will be available on Naic.org next week.
Concerning the reasons for its decision, the NAIC explained:
Recently, the number of confirmed cases of COVID-19 has exceeded 100,000 worldwide, including over 1000 confirmed U.S. cases in 36 jurisdictions. Given rapidly changing information and out of an abundance of caution for the safety of our members, guests and staff, the NAIC officers, in consultation with NAIC members, have decided to hold the Spring National Meeting in a virtual-only format.
The financial consequences of staffing or supply shortages, declines in product or services demands, event cancellations, cleaning and other costs and a host of other side effects present such a widespread risk to many businesses that many are facing layoffs or even banktuptcy. While President Trump and other federal and state leaders are promising employment tax holidays and other relief to try to mitigate some of these financial effects, businesses impacted by these disruptions should begin assessing and planning to execute options to mitigate losses and manage these risks as soon as possible to maximize their potential ability to take advantage of options to restructure debt or contractual obligations, adjust workforce staffing, and make other adjustments successfully to weather the pandemic storm and fallout. When considering these options, businesses will want to understand the relative complete costs of reductions in hours, furloughs, contractual adjustments and other options to make and execute their choices as well as possible.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, as well as a multitude of other health industry matters, workforce and health care change and crisis management and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
$3 million is the hefty price that the University of Rochester Medical Center (URMC) has agreed to pay to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules arising from the loss of unencrypted laptops and other mobile devices containing protected health information (PHI). Like prior settlements and civil monetary penalties OCR previously assessed against HIPAA-covered entities for using or storing electronic protected health information (ePHI) on unencrypted mobile devices, the $3 million sanction and other requirements imposed in the URMC Resolution Agreement and Corrective Action Plan made public after the close of business on November 5 reaffirm OCR’s readiness to sanction harshly health care providers, health plans, healthcare clearinghouses and businesses associates for the loss or compromise of ePHI due to the covered entity’s failure to appropriately encrypt mobile devices. Any HIPAA covered entity or business associate that has not already done so must act to avoid a similar fate by establishing and enforcing systematic procedures to ensure all mobile devices using, accessing, storing or otherwise dealing with ePHI are properly encrypted at all times.
URMC Breach & Resolution Agreement
The URMC Resolution Agreement resolves potential charges resulting from an OCR investigation commenced in response to breach reports UMRC filed with OCR in 2013 and 2017. The breach reports disclosed UMRC’s discovery of the impermissible disclosure of PHI through the loss of an unencrypted flash drive and theft of an unencrypted laptop, respectively. URMC includes healthcare components such as the School of Medicine and Dentistry and Strong Memorial Hospital. URMC is one of the largest health systems in New York State with over 26,000 employees.
OCR’s investigation revealed that URMC failed to conduct an enterprise-wide risk analysis; implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level; utilize device and media controls; and employ a mechanism to encrypt and decrypt electronic protected health information (ePHI) when it was reasonable and appropriate to do so. Of note, in 2010, OCR investigated URMC concerning a similar breach involving a lost unencrypted flash drive and provided technical assistance to URMC. Despite the previous OCR investigation, and URMC’s own identification of a lack of encryption as a high risk to ePHI, URMC permitted the continued use of unencrypted mobile devices.
OCR made a point of reaffirming the requirement to encrypt laptops and other mobile devices containing ePHI when announcing the new Resolution Agreement. “Because theft and loss are constant threats, failing to encrypt mobile devices needlessly puts patient health information at risk,” said Roger Severino, OCR Director. “When covered entities are warned of their deficiencies, but fail to fix the problem, they will be held fully responsible for their neglect.”
As part of its punishment for allowing the ePHI breaches by failing to encrypt mobile devices, URMC must pay a $3 million monetary settlement as well as undertake a corrective action plan that includes two years of monitoring their compliance with the HIPAA Rules.
Mobile Device Encryption Requirement Well-Established
Entities regulated by the HIPAA Privacy, Security, and Breach Notification Rules (the HIPAA Rules) must be sure to include mobile devices in their enterprise-wide risk analysis and take action(s) to reduce risks identified with the use of mobile devices to a reasonable and appropriate level.
The article also shared insights about some of the steps OCR considers necessary to meet this expectation, as including:
Implement policies for use of mobile devices that are used to handle PHI;
Consider using Mobile Device Management (MDM) software to secure mobile devices;
Install or enable automatic lock/logoff functions;
Require authentication to access devices;
Keep devices’ security features updated;
Procure encryption, anti-virus/anti-malware software, and remote wipe capabilities;
Use a privacy screen to prevent viewing by third-parties;
Assure that Wi-Fi networks used are secure;
Use a secure Virtual Private Network (VPN);
Institute policies regarding downloading third-party apps on devices which access PHI;
Delete all PHI from device before disposing of; and
Provide training on secure use of mobile devices for all employees.
Covered entities and business associates should promptly and continuously act to ensure on a systematic and carefully documented basis that their organization is taking these and and other steps necessary to ensure that all mobile device with ePHI are always appropriately encrypted.
We hope this information was helpful. For more information about HIPAA or other related concerns, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press Health Care Risk Management & Operations Group and registering for updates on our Solutions Law Press Website.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
As a primary focus of this work, Ms. Stamer has worked extensively with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers, health industry advocacy and other service providers and groups and other health industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is noted for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her services, experience and involvements, e-mail Ms. Stamer here or contact Ms. Stamer via telephone at (214) 452-8297 or see here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides legal risk management and compliance, business strategy and operations, management, leadership and other publications, coaching, , training and education tools and other resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, we invite you to register to receive other updates and review our other Solutions Law Press, Inc.™ resources available here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Department of Health & Human Services Office of Inspector General (“OIG”) data showing a rise in Medicaid criminal convictions arising from fraud and patient abuse or neglect investigations and prosecutions during the 2022 fiscal year (“FY”) confirms the continued robustness of its Medicaid Fraud Control Units (MFCUs).
1,327 criminal convictions, an increase over the previous 2 years, but resulted in criminal recoveries of only $416 million; and
553 civil settlements and judgments resulting in civil recoveries of $641 million.
A Statistical Chart included in the Report provides a breakdown by state of the civil and criminal convictions and recoveries by nature of the offense.
While the Report reveals that civil and criminal recoveries from Medicaid criminal and civil enforcement dropped in FY 2022, the increase in convictions and other data sends a clear warning to health care providers and others that Medicaid fraud investigation and enforcement remains a key priority of the OIG and federal prosecutors.
Criminal Convictions
Total convictions resulting from MFCU cases continued to increase from the FY 2020 level, but remained lower than in FY 2019. In FY 2022, MFCU cases resulted in 946 convictions for fraud and 381 convictions for patient abuse or neglect. Exhibit 2 shows the total number of convictions during FYs 2018 through 2022. Although the proportion of patient abuse or neglect convictions to fraud convictions was similar to that in previous years, the total number of patient abuse or neglect convictions also continued to increase from the FY 2020 level.
As in previous years, significantly more convictions for fraud involved Personal Care Services (PCS) attendants than any other provider type with fraud convictions of PCS attendants accounted for 44 percent of the fraud convictions.
MFCU convictions related to the fraudulent billing of Medicaid, fraudulent activities of Medicaid providers involving drugs diverted from legal and medically necessary uses, regardless of whether Medicaid itself was billed and other “drug diversion” cases continued to increase from the FY 2020 level. Associated criminal recoveries from drug diversion cases totaled $18 million in FY 2022. Two States, Pennsylvania and Kentucky, accounted for 79 percent of the total convictions.
In FY 2022, convictions of nurse’s aides and of nurses or physician assistants accounted for 39 percent of the total 381 convictions for patient abuse or neglect.
Criminal and Civil Recoveries
While convictions rose, criminal recoveries decreased from $857 million in FY 2021 to $416 million in FY 2022. The Report attributes the drop in atypically large criminal recovery amounts realized in FY 2021 that resulted primarily from cases prosecuted by MFCUs in Virginia and Texas that produced a combined $714 million in criminal recoveries, 83 percent of the total reported criminal recoveries in FY 2021.
The Report points out that a single Texas criminal prosecution also significantly contributed to the total criminal recoveries in FY 2022. According to the Report, $82 million of the FY 2022 criminal recoveries resulted from the prosecution and conviction of the former head of Novus and Optimum Health Services, Bradley J. Harris and other defendants by the U.S. Attorney’s Office for the Northern District of Texas for defrauding the Medicare and Medicaid programs by among other actions:
Billing Medicare and Medicaid for hospice services that were (1) not provided, (2) not directed by a medical professional, and (3) provided to patients not eligible for hospice care; and
Using blank, pre-signed controlled substance prescriptions to distribute drugs without physician input.
Recoveries from civil settlements and judgments also decreased in FY 2022, as did the total number of civil settlements and judgments associated with pharmaceutical manufacturers. In FY 2022, $395 million (62 percent) of the $641 million in civil recoveries derived from nonglobal cases. The remaining $246 million derived from global cases.
Appendixes to the report include a list of “beneficial” practices implemented by the MFCUs to prevent and discover these and other Medicaid abuses in various regions. Reviewing the granular statistics and these findings set forth in the Report provide valuable insights for health care providers, their leaders and advisors about these and other enforcement priorities and practices.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Chair of the ABA Intellectual Property Section Law Practice Management Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Physicians, hospitals, clinics and other health care providers should take any necessary steps to adjust their practices to ensure their defensibility under federal health care fraud laws when flexibilities allowed under the COVID-19 public health emergency declaration (COVID-19 Declaration) first issued on January 31, 2020 end in May, 2023 as well as audit other potential compliance risks that may have arisen from staffing or other operational disruptions that occurred during the COVID-19 pandemic.
The Secretary of Health & Human Services (“HHS”) has announced the COVID-19 Declaration will expire at the end of the day on May 11, 2023. When the COVID-19 Declaration expires, physicians and other health care providers need to recognize and begin preparing for the end of the following special flexibilities and relief that HHS granted by the HHS Office of Inspector General (“OIG”) through various Policy Statements and Frequently Asked Questions (“FAQs”) while the COVID-19 Declaration remained in effect to provide flexibility and minimize burdens for the health care industry as it faced the challenges of the COVID-19 pandemic. Other agencies that issued flexibilities or other relief during the pandemic also have or are ending that relief, The termination of these flexibilities will immediately reactivate a host of federal, state and local rules suspended softened during the COVID-19 pandemic even as the operations of agencies and the courts normalize. Amid these developments, health care providers, health care organizations and other businesses need to use care to avoid creating liability by continuing to use practices adopted under the flexibilities granted under the COVID-19 Declaration or other similar pandemic relief after that temporary relief expires.
The Telehealth Policy Statement issued March 17, 2020 notified physicians and other practitioners that HHS would not impose administrative sanctions for reducing or waiving any cost-sharing obligations Federal health care program beneficiaries may owe for telehealth services furnished consistent with the then-applicable coverage and payment rules, as long as the provider met the conditions specified in the Telehealth Policy Statement. The Telehealth Policy Statement imposed several conditions upon its applicability. Since the Telehealth Policy Statement only applies while the COVID-19 Declaration remained in effect, reductions or waivers of Federal health care program enrollees’ cost-sharing obligations for telehealth services furnished after the expiration of the COVID-19 Declaration on May 11, 2023, will not receive prospective immunity from OIG administrative sanctions under the Telehealth Policy Statement.
The OIG Blanket Waivers Policy Statement issued April 3, 2020 announced OIG would not to impose certain administrative sanctions for certain remuneration related to COVID-19 covered by the Blanket Waivers of Section 1877(g) of the Social Security Act (Centers for Medicare & Medicaid Services (CMS) Blanket Waivers) issued by the Secretary, subject to the conditions specified in the Policy Statement. This relief will end on March 11, 2023.
The CMS Blanket Waivers applied to allow health care provider to be reimbursed for the items and services and exempted from sanctions for such noncompliance, absent the government’s determination of fraud or abuse the following referrals and claims made where necessary to ensure sufficient health care items and services remained available to meet the needs of individuals enrolled in the Medicare, Medicaid, and CHIP programs and the health care providers furnishing those items and services in good faith were unable to comply with one or more of the specified requirements of section 1877 of the Social Security Act due to the consequences of the COVID-19 pandemic:
Remuneration from an entity to a physician (or an immediate family member of a physician) that is above or below the fair market value for services personally performed by the physician (or the immediate family member of the physician) to the entity.
Rental charges paid by an entity to a physician (or an immediate family member of a physician) that are below fair market value for the entity’s lease of office space from the physician (or the immediate family member of the physician).
Rental charges paid by an entity to a physician (or an immediate family member of a physician) that are below fair market value for the entity’s lease of equipment from the physician (or the immediate family member of the physician).
Remuneration from an entity to a physician (or an immediate family member of a physician) that is below fair market value for items or services purchased by the entity from the physician (or the immediate family member of the physician).
Rental charges paid by a physician (or an immediate family member of a physician) to an entity that are below fair market value for the physician’s (or immediate family member’s) lease of office space from the entity.
Rental charges paid by a physician (or an immediate family member of a physician) to an entity that are below fair market value for the physician’s (or immediate family member’s) lease of equipment from the entity.
Remuneration from a physician (or an immediate family member of a physician) to an entity that is below fair market value for the use of the entity’s premises or for items or services purchased by the physician (or the immediate family member of the physician) from the entity.
Remuneration from a hospital to a physician in the form of medical staff incidental benefits that exceeds the limit set forth in 42 CFR 411.357(m)(5).
Remuneration from an entity to a physician (or the immediate family member of a physician) in the form of nonmonetary compensation that exceeds the limit set forth in 42 CFR 411.357(k)(1).
Remuneration from an entity to a physician (or the immediate family member of a physician) resulting from a loan to the physician (or the immediate family member of the physician): (1) with an interest rate below fair market value; or (2) on terms that are unavailable from a lender that is not a recipient of the physician’s referrals or business generated by the physician.
Remuneration from a physician (or the immediate family member of a physician) to an entity resulting from a loan to the entity: (1) with an interest rate below fair market value; or (2) on terms that are unavailable from a lender that is not in a position to generate business for the physician (or the immediate family member of the physician).
The referral by a physician owner of a hospital that temporarily expands its facility capacity above the number of operating rooms, procedure rooms, and beds for which the hospital was licensed on March 23, 2010 (or, in the case of a hospital that did not have a provider agreement in effect as of March 23, 2010, but did have a provider agreement in effect on December 31, 2010, the effective date of such provider agreement) without prior application and approval of the
Providers that have or are billing for services in reliance on the blanket waiver should keep in mind that they only apply to financial relationships and referrals that are related to the COVID-19 outbreak in the United States. Any remuneration described in the blanket waivers must be directly between the entity and: (1) the physician or the physician organization in whose shoes the physician stands under 42 CFR 411.354(c); or (2) the immediate family member of the physician.
Also, the remuneration and referrals described in the blanket waivers must be solely related to COVID-19 Purposes, which means:
Diagnosis or medically necessary treatment of COVID-19 for any patient or individual, whether or not the patient or individual is diagnosed with a confirmed case of COVID[1]19;
Securing the services of physicians and other health care practitioners and professionals to furnish medically necessary patient care services, including services not related to the diagnosis and treatment of COVID-19, in response to the COVID-19 outbreak in the United States;
Ensuring the ability of health care providers to address patient and community needs due to the COVID-19 outbreak in the United States;
Expanding the capacity of health care providers to address patient and community needs due to the COVID-19 outbreak in the United States;
Shifting the diagnosis and care of patients to appropriate alternative settings due to the COVID-19 outbreak in the United States; or
Addressing medical practice or business interruption due to the COVID-19 outbreak in the United States in order to maintain the availability of medical care and related services for patients and the community.
Providers must not attempt to rely upon the CMS Blanket Waivers to justify any transaction after May 11, 2023. Furthermore, providers acting in reliance upon the CMS Blanket Waivers must not rely upon the CMS Blanket Waivers to bill for, and should take prompt action to correct billing for any services provided in reliance on the Blanket Waiver that don’t meet these or any other applicable conditions.
HHS beginning April 10, 2020 also published informal, nonbinding guidance in the form of Frequently Asked Questions (“FAQs”) that discussed OIG’s views on the following arrangements when directly connected to the public health emergency and implicated OIG’s administrative enforcement authorities, including the Federal anti-kickback statute and Beneficiary Inducements CMP:
Would the offer or provision of cash, cash-equivalent, or in-kind incentives or rewards to Federal health care program beneficiaries who receive COVID-19 vaccinations during the public health emergency violate OIG’s administrative enforcement authorities?
What are the implications, under OIG’s administrative sanction authorities, of an ambulance provider or supplier waiving or discounting beneficiary cost-sharing obligations (required by the Medicare program) resulting from ground ambulance services paid for by the Medicare program under a waiver established pursuant to section 1135(b)(9) of the Social Security Act?
Can a federally qualified health center (FQHC) with a location in a rural area provide free space to a retail pharmacy that administers COVID-19 vaccinations to FQHC patients and the general public (including Federal health care program beneficiaries)?
Can a non-provider philanthropic entity contract to provide certain administrative services to a health care provider relating to the operation of COVID-19 vaccination sites and be compensated on a per-vaccine basis?
Can a Federally Qualified Health Center (FQHC), including an entity that receives grant funds or designation under section 330 of the Public Health Service Act, conduct free COVID-19 diagnostic testing that has been cleared or approved by the Food and Drug Administration (FDA), is subject to an FDA-issued Emergency Use Authorization, or is covered by the Medicare program, including for Federal health care program beneficiaries, at community health fairs and via mobile testing in underserved communities impacted by COVID-19?
Can a provider or supplier such as a hospital, pharmacy, or health system provide other providers and suppliers with free items and services related to COVID-19 vaccine storage, distribution, redistribution, and/or administration?
A Federally Qualified Health Center (FQHC) received from a private foundation a $15,000 COVID-19 relief grant designated for emergency cash assistance for financially needy individuals. Can the FQHC furnish cash-equivalent gift cards, in specified amounts, to address social determinants of health for financially needy individuals, including Federal health care program beneficiaries who meet certain criteria?
Can a home health agency’s (HHA) staff members furnish free blood draws-provided that such blood draws are within the scope of the staff’s licenses-to assisted living facility residents who are Federal health care program beneficiaries and are not patients of the HHA?
Can clinical laboratories offer free COVID-19 antibody testing to Federal health care program beneficiaries who are contemporaneously receiving other medically necessary blood tests during the COVID-19 public health emergency?
Can an oncology practice offer free or discounted lodging to its financially needy patients who are Federal health care program beneficiaries if, prior to the COVID-19 public health emergency, such patients would have had access to free or discounted housing at a nonprofit lodging facility while receiving chemotherapy or radiation treatment?
Can a physician group that contracts with a nursing home to provide care to its residents furnish protective face masks-at no or reduced cost-to the nursing home if it is experiencing supply shortages due to the COVID-19 outbreak?
During the time period subject to the COVID-19 Declaration, can a clinical laboratory that bills Federal health care programs for laboratory tests to diagnose COVID-19 pay a retail pharmacy a fee for certain costs that the retail pharmacy incurs related to testing collection sites?
Why does the “OIG Policy Statement Regarding Application of Certain Administrative Enforcement Authorities Due to Declaration of Coronavirus Disease 2019 (COVID-19) Outbreak in the United States as a National Emergency” not incorporate sections II(B)(12)-(18) of the blanket waivers of the physician self-referral law as issued by the Secretary?
Can a hospital assist a Federally Qualified Health Center Look-Alike (FQHCLA) by suspending rental charges and forgoing the accrual of interest on a line of credit during the period subject to the COVID-19 Declaration to ensure the FQHCLA is able to continue to serve the medical needs of the community during the pandemic?
I am an eligible provider who received a distribution through the CARES Act Provider Relief Fund. Where do I sign my attestation?
Can mental health and substance use disorder providers accept donations from public entities (i.e., local, State, or Federal government entities), private charitable foundations, or health plans to fund cell phones, service or data plans, or both for patients who are financially needy or who do not own their own cell phone for the purpose of furnishing medically necessary services while in-person care is disrupted during the COVID-19 outbreak?
Can an oncology group practice provide free in-kind local transportation to and from an established patient’s home to an alternate practice location to receive medically necessary oncology care during the time period subject to the COVID-19 Declaration?
Can health care providers and practitioners furnish services, not to exceed their scope of practice, for free or at a reduced rate, to assist skilled nursing facilities (SNFs) or other long-term-care providers that are facing staffing shortages due to the COVID-19 outbreak?
Can a hospital provide access to its existing HIPAA-compliant, web-based telehealth platform for free to independent physicians on its medical staff to furnish medically necessary telehealth services during the time period subject to the COVID-19 Declaration?
As stated in the FAQs, the informal, nonbinding feedback provided “applies only to arrangements in existence solely during the time period subject to the COVID-19 Declaration” and that OIG may take a different position on arrangements that are the same or similar in nature that existed before the effective date of the COVID-19 Declaration or after the time such COVID-19 Declaration ends versus during the COVID-19 Emergency due to the emergency situation. Providers also are cautioned against to seek the advice of legal counsel about the potential risks and consequences of relying on FAQ or other COVID-19 relief where their proposed activity does not obviously meet all of the assumptions and requirements stated in the applicable FAQ or other guidance. In any event, providers should not rely on any relief provided by any of the FAQs after May 11, 2023.
Other Expiring Flexibilities
The expiration of the COVID-19 Declaration also will end relief granted during the COVID health care emergency by the Drug Enforcement Agency (“DEA”), the HHS Office of Civil Rights (“OCR”) and other agencies.
For example, the end of the COVID-19 Declaration will end COVID-19 flexibilities for prescribers and others granted by the DEA while the COVID-19 Declaration remained in effect, See here.
For example, health care providers and their patients may need to plan ahead to avoid unexpected medication and care disruptions that could arise when DEA temporary relief waving requirements for prescribers to register in each state to prescribe across state lines and relief allowing DEA-registered practitioners to issue prescriptions for controlled substances based on telemedicine consultations to patients for whom they have not conducted an in-person medical evaluation ends on May 11, 2023.
Likewise, health care providers also need to make any adjustments in their practices for handling and protecting protected health information needed due to the expiration in COVID-19 related flexibility granted by the HHS Office of Civil Rights (“OCR”) under the COVID-19 Declaration.
Specifically, OCR’s COVID-19 nonenforcement policies like the following also expire when the COVID-10 Declaration ends on May 11, 2023:
Beyond the expiration of these and other health care specific flexibilities, health care providers, like other businesses also should anticipate and take any necessary steps to confirm their ongoing compliance with any expired or expiring COVID-19 related relief and flexibilities granted on other federal and state employment, heath care, insurance, tax, and other laws in response to the COVID-19 Declaration or other state or local COVID-19 relief.
When reviewing existing practices for required or advisable adjustments in responses to the resolution of the COVID-19 Declaration or other COVID-19 relief, health care providers and other organizations also should assess their potential exposure from other known or potential deficiencies in their overall compliance while their operations were disrupted by the COVID-19 heath care emergency.
While federal and state agencies provided certain limited flexibility and relief in response to the COVID-19 pandemic, the majority of laws and regulations applicable to health care providers and other businesses remained in effect even as the pandemic shutdown and other disruptions disrupted staffing and other operations necessary reliably to monitor, enforce, document, keep records and perform other critical compliance functions. Accordingly, many health care and other businesses are funding themselves susceptible to compliant, audits, or other investigations or enforcement actions made by agencies, disgruntled employees, contractors, patients, vendors, or others, or both. Conducting compliance and risk assessments with these additional requirements within the scope of attorney client privilege may help identify and uncover opportunities to mitigate those exposures.
Enforcement Illustrates Advisability Of Caution
Health care providers are cautioned against overestimated the protection allowed by the COVID-19 flexibilities. Although the False Claims Act generally allows OIG and the Department of Justice (“”DOJ”) up to 10 years to find and prosecute providers providing care or engaging in other prohibited referrals, kickbacks or other activities, recent enforcement activities make clear the agencies are serious about enforcement against providers acting beyond the scope of the relief. For instance, an investigation and enforcement against Dr. Musaddiq Nazeeri resulted in his agreement to pay the United States $86,506.30 to resolve civil liability for alleged violations of the False Claims Act based on DOJ charges that between February 10, 2021 and January 21, 2022, Dr. Nazeeri billed Medicare for certain services that were not supported by the medical record. During the above timeframe, Dr. Nazeeri submitted Evaluation & Management (E&M) claims when the only service rendered was the administration of the COVID-19 vaccine. In the DOJ announcement of the settlement, HHS OIG Special Agent in Charge Maureen R. Dixon warned, “Investigating violations of the False Claims Act is a top priority,”
Bottom line: health care providers and others involved in providing care, treatment, referrals or other activities covered by the STARK, Fraud & Abuse, or other requirements of Medicare or Medicaid in reliance on flexibilities granted by OIG during the COVID-19 Declaration should cease to rely upon those flexibilities no later than May 11, 2023. In addition, health care providers are well advised to review any activities conducted in reliance upon these flexibilities during while the COVID-19 Declaration remained in effect to confirm that all conditions to qualify for those flexibilities were met or seek the assistance of legal counsel about whether and what corrective action is advisable.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Chair of the ABA Intellectual Property Section Law Practice Management Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Healthcare and other businesses that disqualify applicants from employment based on past Marijuanna convictions need to prepare to respond to applicants presenting certificates of pardon of their prior federal conviction of simple Marijuanna conviction received under President Biden’s October 6, 2023 Presidential Proclamation on Marijuana Possession.
Biden Marijuanna Pardons
The Proclamation provided a blanket pardon for all prior federal and D.C. (but not state) offenses of simple possession of marijuana.
Those who were pardoned on October 6, 2022, are eligible for a certificate of pardon. Consistent with the proclamation, to be eligible for a certificate, an applicant must have been charged or convicted of simple possession of marijuana in either a federal court or D.C. Superior Court, and the applicant must have been lawfully within the United States at the time of the offense. Similarly, an individual must have been a U.S. citizen or lawful permanent resident on October 6, 2022. Those convicted of state marijuana offenses do not qualify for the pardon.
On March 3, 2023, the Justice Department announced the application process for issuing certificates of the pardons to pardoned individuals. This process allows pardoned individuals to get prof of their pardons to present to employers and others. Consequently health care and other businesses should prepare to respond to applicants presenting these certificates.
When he made the pardon proclamation, President Biden directed the Justice Department to develop a process for individuals to receive their certificate of pardon. On March 3, 2023, the Justice Department issued an application for eligible individuals to receive certificate of proof that they were pardoned under the Oct. 6, 2022, proclamation by President Biden.
The online application available on the Office of the Pardon Attorney’s website: Application for Certificate of Pardon allows eligible persons to submit documentation to the Office of the Pardon Attorney and receive a certificate indicating the person was pardoned on October 6, 2022, for simple possession of marijuana.
President Biden said when making his proclamation he intended the pardons to “help relieve the consequences arising from these convictions.” The President’s pardon, effective Oct. 6, 2022, may assist pardoned persons by removing civil or legal disabilities such as restrictions on the right to vote, to hold office or to sit on a jury that are imposed because of the pardoned conviction. Proofs of pardon also may help those pardoned to obtain licenses, bonding or employment.
Potential Employer Challenges
The pardons are likely to create concerns for health care and other employers who currently disqualify applicants from eligibility for employment based on drug related criminal conditions where the employer remains subject to statutory, regulatory, contractual or other requirements prohibiting employment of workers with prior or current history of drug offenses or use.
As a starting point, employers should carefully review their own existing policies as well as any statutory, regulatory contractual requirements applicable to their workforce to assess the implications of the pardons on the employment eligibility of a pardoned worker. Ambiguities are likely to arise under many policies, particularly where a hugyirunof drug use or possession is disqualifying without a requirement of a conviction.
Employers contemplating continuing to disqualify pardoned applicants for safety or other reasons probably should seek the advice of legal counsel. Some pardoned applicants might argue an employer’s reliance on a pardoned criminal drug conviction constitutes prohibited discrimination based on a history of prior drug dependence that violates the Americans With Disabilities Act or other discrimination laws. Statements made by President Biden and others within the Administration suggest the Equal Employmrnt Opportunity omission might support these or similar arguments in furtherance of promotion if President Biden’s policy of facilitating opportunities for employment for individuals recovering from substance abuse.
Employers also may struggle with equity questions raised by the pardoning of federal convicts but not those with state convictions.
Employers should monitor Equal Employment Opportunities Commission and other guidance and seek advice of experienced legal counsel to develop and administer hiring policies to mitigate potential exposures.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
A new $4 million settlement by Lakeland Regional Medical Center (LRMC) in Lakeland, Florida, alerts other health care providers and state and local governments administering Medicaid funded care to confirm their arrangements don’t involve prohibited donations.
Under federal law, a state’s share of Medicaid payments must consist of state or local government funds, and may not come from “non-bona fide donations” from private health care providers, such as hospitals.
A non-bona fide donation is a payment in cash or in kind from a private provider to a governmental entity that is then returned to the private provider through a payment by Medicaid.
Because Medicaid services are reimbursed jointly by the federal and state governments, a non-bona fide donation causes federal expenditures to increase without any corresponding increase in state expenditures, since the state share of the Medicaid payments to the provider comes from and is returned to the provider. The prohibition of this practice ensures that states are in fact paying a share of Medicaid payments and thus have an incentive to curb Medicaid costs and prevent unnecessary services.
LMRC has agreed to pay the United States $4 million to resolve allegations that it made prohibited donations to a local unit of government to improperly fund the state’s share of Medicaid payments to LRMC.
The United States alleged that, between October 2014 and September 2015, LRMC made improper, non-bona fide donations to Polk County, Florida by assuming and paying certain of Polk County’s financial obligations to other healthcare providers. These donations were designed to increase Medicaid payments received by LRMC, by freeing up funds for the County to make payments to the State as the state share of Medicaid payments to LRMC. This state share was “matched” by the federal government before being returned to LRMC as Medicaid payments. The Medicaid payments LRMC received were thus funded by the federal government and LRMC’s own donations, in violation of the prohibition on non-bona fide donations.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
This week’s announcement of the criminal sentencing of the co-founder of a clinic that pleaded guilty to health care fraud and other federal crimes for involvement in a scheme to defraud self-insured health plans and the Justice Department announcement of its filing of health care fraud and other federal criminal charges against two operators of a chain of substance abuse clinics for their alleged involvement in a scheme to file false claims with private health plans, Medicare and Medicaid remind health care providers and others participating in schemes to defraud private or public health plans risk criminal conviction.
This week, the U.S. District Court for the Western District of Kentucky ordered the co-founder of a that Yesdel Acosta Perez to time served of 14 months in prison and to pay $258,507 in restitution for his role in causing health care clinics he cofounded to bill 15 self-funded health plans for $4.7 million in medical services never provided. The conviction reminds health plans, health care providers and others that fraudulently billing self-insured or other private health plans can result in criminal conviction punishable as felony under multiple provisions of the United States Criminal Code. Acosta Perez’ sentencing coincides with the Justice Department’s announcement of its March 2, 2023 filing of similar criminal charges against the operator of a chain of substance abuse clinics and others for their alleged involvement in millions of dollars of false charges billed to private health plans, Medicare and Medicaid for substance abuse addition treatment not provided.
The conviction and sentencing of Acosta Perez and the newly announced charges against operators of a chain of addiction treatment clinics in Massachusetts and Rhode Island and others for alleged health care fraud aggravated identity theft, money laundering and obstruction in relation to alleged billing of millions of dollars of false charges to private health plans, Medicare and Medicaid for substance abuse treatment by clinics highlight the continuing threat fraudulent actors present for self-insured and other private health plans, Medicare and Medicaid, as well as the potential criminal prosecution and consequences those individuals convicted of these crimes risk from their criminal activity.
Acosta Perez Conviction & Sentencing
The co-founder of Romero Rehabilitation Physical Therapy Inc. and Empire USA Inc. in Louisville and Imaging Group Center Inc. in Atlanta plead guilty to one count of conspiracy to commit healthcare fraud in February, 2023, after the U.S. Department of Labor found the operators collected $258,000 from 15 self-funded healthcare benefit programs for services they never provided based on fraudulent claims made between 2016 and 2018.
In June, 2018, a federal grand jury indicted Acosta Perez and fellow co-founder Eduardo Chinea-Martinez and others on multiple counts of Health Care Fraud in violation of 18 U.S.C. §1347, Theft from a Health Care Benefit Program in violation of 18 U.S.C. §669, Aggravated Identity Theft in violation of 18 U.S 8 U.S.C. §1028A, Money Laundering in violation of 18 U,S,C. §1956, Mail Fraud in violation of 18 U.S.C Chapter 63 and aiding and abetting in the commission of these violations under 18 U.S.C. §1349. billing various healthcare benefit programs through claims administrators Humana, CIGNA and United Healthcare for $4.7 million for services never provided. The U.S. Criminal Code authorized potential sentences of between 10 to 20 years of imprisonment as well as subjected charged defendants to asset forfeiture upon conviction.
The grand jury inditement and subsequent prosecution of Acosta Perz and a fellow co-founder resulted from an Employee Benefit Security Benefit Administration investigation that found that, between May 2015 and January 2016, Acosta Perez and Eduardo Chinea-Martinez co-founded three companies to intentionally defraud various healthcare benefit programs. Investigators also determined Acosta Perez opened bank accounts for the fictitious businesses at JPMorgan Chase Bank, Wells Fargo Bank and Bank of America. Acosta Perez and Chinea-Martinez. The indictment charges that Acosta Perez and Chinea-Martinez misappropriated and used patients’ names, dates of birth, insurance/policy numbers, addresses, and patient IDs/Social Security Numbers, without the patients’ knowledge and names and National Provider Numbers (“NPIs”) from uninvolved doctors without the doctors’ knowledge to create claims for payment by representing these uninvolved doctors and clinics allegedly ordered or performed the services in the false and fraudulent billings submitted by defendants for payment to submit fraudulent claims. The fraudulent claims directed the plans to send payment for the billed services to a Regus virtual office location in Louisville, Kentucky. Acosta Perez then directed Regus via email to forward all mail to Romero Rehabilitation Physical Therapy. According to the indictment, using this process to submit claims for payment for the fraudulent services, Chinea-Martinez and Acosta Perez billed approximately $4,700,000 in fraudulent medical services to the self-insured plans and received payment for $258,000.
In March 2020, the court sentenced Chinea-Martinez to 42 months in prison and three years of supervised release for his part in the scheme. However, before his in June 2018, Acosta Perez fled the U.S. On July 22, 2022, however, the Italian government granted the request of the U.S. for the extradition of Acosta Perez and surrendered him to U.S. authorities. Acosta-Perez was arrested in June 2022.
New Health Care Fraud Charges Against Rhode Island and Massachusetts Addiction Treatment Chain Operators
Acosta-Perez’s sentencing coincides with the Justice Department’s March 2, 2023 announcement of its filing of a host of similar charges in Rhode Island against the operator of a chain of addiction treatment clinics and others for alleged aggravated identity theft, money laundering and obstruction in relation to theft of the identities and other patient and provider information and using their information to file false charges billed to private health plans, Medicare and Medicaid for substance abuse treatment by clinics.
Michael Brier, Mi Ok Bruining and Recovery Connections Centers of America, Inc. (RCCA) are charged in a federal criminal complaint with health care fraud and Michael Brier also is charged with aggravated identity theft, money laundering and obstruction. In addition, the treatment center and its former supervisory counselor were also charged with health care fraud. The Justice Department announcement of these charges reminds readers that its federal criminal complaint is merely an accusation and that the defendants are presumed innocent unless and until proven guilty.
The Justice Department alleges in court documents that, Brier, Bruining, and RCCA shortchanged Rhode Island and Massachusetts substance abuse disorder patients out of much needed counseling and treatment services, while defrauding Medicare, Medicaid, and other health insurers out of millions of dollars.
According to the charging documents, Brier, Bruining and RCCA operated a chain of addiction treatment centers but failed to provide the patients with the required counseling sessions and treatment, while simultaneous billing Medicare, Medicaid and other health care payors for 45-minute counseling sessions on a routine basis even though the sessions were not more than 15 minutes, and often only 5-10 minutes or less. At times, so many counseling sessions were billed at this level that the total amount of time would be impossible for the available therapist to have provided in any 24 hours period.
Brier and RCCA are also alleged to have caused a fraudulent application to be submitted to Medicare which, among other things, misrepresented and concealed the role that Brier was playing in the business and failed to disclose Brier’s 2013 criminal conviction for federal tax crimes, which was relevant to Medicare’s consideration of the application.
The Complaint also alleges that Brier purported to practice medicine and wrote and caused to be filled fraudulent prescriptions using the names and prescriber information, including Drug Enforcement Administration numbers, of doctors without their permission.
Brier is also alleged to have falsified a document in a matter within the jurisdiction of an agency of the United States by causing the Medical Director to sign a false and back-dated document.
The complaint alleges that defendants caused millions of dollars in fraudulent billings to be submitted to Medicare and millions more in fraudulent billings to other health care payors. The government is also seeking to forfeit thirteen bank accounts, two buildings, and two vehicles allegedly realized by the defendants as a result of the alleged criminal conduct.
The two prosecutions highlight the serious criminal consequences that health care providers or others participating in schemes to defraud employer or union sponsored self-insured health plans, group or individual health insurance, Medicare, Medicaid or other public or private health care programs can face under a host of federal criminal statutes. The felony liability imposed under these statutes makes it critical that health care providers, payers and other organizations involved in providing or billing for health care services both ensure that their programs are designed and administered to be legally defensible as well as to guard against the misuse of their systems, operations or data by insiders from misappropriating and using their systems, practices or data for illicit billing or other fraudulent purposes.
To maintain and promote the effectiveness of these efforts, organizations and their leaders also should consider the advisability of enhancing these fraud and other compliance efforts, as well as updating their organization’s Federal Sentencing Guideline and other compliance programs and practices in light of the new corporate criminal conduct Voluntary Self-Disclosure Policy (“VSD policy”) announced by the Department of Justice on February 23, 2023. Concurrently, organizations and their leaders also will want to monitor and respond promptly to Justice Department statements and congressional recommendations on proposed Guideline changes providing critical insights into the Justice Department’s planned interpretation and enforcement of federal criminal laws and the Guidelines against organizations and their leaders like those available here. For more information about the VSD policy and its implications on your organization under the Federal Sentencing Guidelines, see Ensure Health Care & Other Compliance Practices Updated For New DOJ Voluntary Disclosure Policy.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Former Missouri state representative Patricia “Tricia” Ashton Derges was sentenced in federal court for a nearly $900,000 COVID-19 fraud scheme, as well as a separate $200,000 fraud scheme in which she made false claims about a fake stem cell treatment marketed through her clinics in southern Missouri, and for illegally providing prescription drugs to clients of those clinics.
U..S. District Judge Brian C. Wimes sentenced Derges to six years and three months in federal prison without parole and ordered Derges to pay $500,600 in restitution to her victims.
“Derges exploited her position as an elected official and a medical professional to benefit herself financially with complete disregard, to not only her constituents, but to the oath she took as a health care professional to do no harm,” said Charles Dayoub, Special Agent in Charge of FBI Kansas City. “She not only fraudulently received nearly $300,000 in CARES Act funds, but also deceived patients by marketing fake stem cell treatment and illegally provided drugs to clients of her clinics. Her actions were a betrayal of trust, eroding the very core of our confidence in a system we rely on and damaging the public’s trust not only in our elected officials but in our health care system.”
Derges was elected in November 2020 as a Missouri state representative in District 140 (Christian County) and served one term. Derges, who was never a physician, surrendered her physician’s assistant license on June 29, 2023. Derges formerly operated three for-profit Ozark Valley Medical Clinic locations in Springfield, Ozark, and Branson, Mo. Derges also operated the non-profit corporation Lift Up Someone Today, Inc., with a medical and dental clinic in Springfield.
COVID-19 Fraud Scheme
Derges was convicted of three counts of wire fraud related to her attempt to fraudulently receive nearly $900,000 in CARES Act funds. Derges actually was awarded $296,574 in CARES Act funds for Lift Up, although Lift Up did not provide any COVID-19 testing services to its patients. In fact, Lift Up’s medical clinic closed at the beginning of the COVID-19 pandemic and remained closed from March to June 2020.
Derges sought CARES Act funding for COVID-19 testing that had been provided, and already paid for, at her for-profit Ozark Valley Medical Clinic. Derges requested reimbursement for $379,294 in COVID-19 testing and related expenses, and future funding in the amount of $503,350. In total, Derges applied for $882,644 from the CARES Act Relief Fund on Lift Up’s behalf.
Congress passed the Coronavirus Aid, Relief, and Economic Security (CARES) Act in March 2020, which provided $150 billion to states, tribal governments, and units of local government. Missouri was allocated approximately $2.3 billion. Missouri allocated approximately $34 million in CARES Act funds to Greene County. To administer the CARES Act funds it received, the Greene County Commission created the CARES Act Relief Fund to “promote recovery by funding programs and services that support the needs of those impacted by the COVID-19 public health emergency.” An advisory council of 30 citizen volunteers was appointed to review funding requests and make funding recommendations to the Greene County Commission.
Derges claimed in her application to the Greene County CARES Act Relief Fund that Lift Up provided COVID-19 testing and sought reimbursement for “COVID-19 eligible expenses” that Lift Up had incurred. To support her claim, Derges provided invoices totaling $296,574 from Dynamic DNA for more than 3,000 COVID-19 laboratory tests. Derges submitted the Dynamic DNA invoices as Lift Up expenditures, although they were actually for testing done at Derges’s for-profit Ozark Valley Medical Clinic.
Lift Up, a non-profit charity, and Ozark Valley Medical Clinic, a for-profit corporation, are separate legal entities. Ozark Valley Medical Center had already received payment from its clients of approximately $517,000 for these COVID-19 tests. Ozark Valley Medical Center charged clients, patients, or their patients’ employers approximately $167 per sample for its COVID-19 testing services. Derges concealed from Greene County that these COVID-19 tests had already been paid for by other payors.
In December 2020, the Greene County Commission awarded Lift Up $296,574 in CARES Act funding based upon Lift Up’s fraudulent application and the Dynamic DNA invoices Derges had submitted. Derges deposited the check into Lift Up’s bank account, then transferred the funds into Ozark Valley Medical Center’s bank account.
Derges provided several more invoices from Dynamic DNA to Greene County later in December 2020 to further support her application for Lift Up, although the invoices were actually for testing done for clients at Ozark Valley Medical Center, raising the total to $589,143 for 6,177 COVID-19 tests. Derges concealed from Greene County that Ozark Valley Medical Center already had been paid approximately $1 million by clients, patients, or their patients’ employers, for these COVID-19 tests.
Stem Cell Fraud Scheme
Derges also was convicted of seven counts of wire fraud related to a nearly $200,000 fraud scheme, which lasted from December 2018 to May 2020. Derges marketed a stem cell treatment that actually utilized amniotic fluid that did not contain any stem cells. The federal indictment charged her with defrauding four specific victims, each of whom testified during the trial.
Derges exclusively obtained amniotic fluid from the University of Utah, which she marketed under the name Regenerative Biologics. Derges advertised Ozark Valley Medical Clinic as a “Leader in … Regenerative Medicine,” including stem cells, and marketed her “stem cell” practice through seminars, media interviews, and social media. Derges made similar claims in personal consultations.
In fact, however, the amniotic fluid Derges administered to her patients did not contain mesenchymal stem cells, or any other stem cells. The amniotic fluid she obtained from the University of Utah was a sterile filtered amniotic fluid allograft (a tissue graft comprised of human amniotic membrane and amniotic fluid components derived from placental tissue). The amniotic fluid allograft was “acellular,” meaning it did not contain any cells, including stem cells.
Despite being told by the University of Utah that the University of Utah’s amniotic fluid allograft was “acellular” and did not contain mesenchymal stem cells, Derges continued to tell her patients and the public that the amniotic fluid allograft contained stem cells.
Derges administered amniotic fluid, which she falsely claimed contained stem cells, to patients who suffered from, among other things, tissue damage, kidney disease, chronic obstructive pulmonary disease (COPD), Lyme disease, and urinary incontinence. In an April 11, 2020, Facebook post Derges wrote of amniotic fluid allograft: “This amazing treatment stands to provide a potential cure for COVID-19 patients that is safe and natural.”
The University of Utah sold its amniotic fluid allograft to Derges for approximately $244 per milliliter and $438 for two milliliters. Derges charged her patients $950 to $1,450 per milliliter. In total, Derges’s patients paid her approximately $191,815 for amniotic fluid that did not contain stem cells.
Controlled Substances Act
Derges also was convicted of 10 counts of distributing Oxycodone and Adderall over the internet without valid prescriptions. Derges, without conducting in-person medical evaluations of the patients, wrote electronic prescriptions for Oxycodone and Adderall for patients and transmitted them to pharmacies over the internet.
Because none of the assistant physicians whom Derges employed at Ozark Valley Medical Clinic could prescribe Schedule II controlled substances, it was the standard practice of the assistant physicians to see a patient and later communicate to Derges the controlled substances they wanted her to prescribe to their patients. Derges, without conducting an in-person medical evaluation of the patients as required by federal law, wrote electronic prescriptions for the patients and transmitted the prescriptions over the internet to pharmacies.
False Statements
Derges also was convicted of two counts of making false statements to federal agents investigating this case in May 2020.
Derges told agents that the amniotic fluid allograft that she used in her practice contained mesenchymal stem cells, which she knew was false. Derges also told federal agents that she had not treated a patient for urinary incontinence with amniotic fluid allograft, which she knew was false.
Convictions
On June 28, 2022, Derges was found guilty at trial of 10 counts of wire fraud, 10 counts of distributing drugs over the internet without a valid prescription, and two counts of making false statements to a federal law enforcement agent.
The convictions remind other healthcare providers, their practices and their leaders of the risks of violating federal, false claims act and other laws in relation to the practice of healthcare and investigations of fraud, or other misconduct connected to their practices. healthcare providers, or healthcare practices that suspect that they or others practicing as their employee, practitioners or agents have engaged in these or other violations of federal healthcare laws should contact counsel to explore their responsibilities and potential liability under the Federal Sentencing Guidelines, and other laws.
More Information
When investigating and responding to a violation, it is critically important to document the timing and details of the discovery of a potentially concern
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Health care, life sciences and other organizations and their leaders generally recognize the need for effective compliance programs to mitigate their organizational and individual criminal liability risks for violations of the constantly widening plethora of federal health care, tax, marketing, labor and employment, antitrust, marketing, securities, cyber liability, safety, environmental and other laws.
To maintain and promote the effectiveness of these efforts, organizations and their leaders now need to consider advisability of enhancements or other modifications of their organization’s Federal Sentencing Guideline and other compliance programs and practices in light of the new corporate criminal conduct Voluntary Self-Disclosure Policy (“VSD policy”) announced by the Department of Justice on February 23, 2023. Concurrently, organizations and their leaders also will want to monitor and respond promptly to Justice Department statements and congressional recommendations on proposed Guideline changes providing critical insights into the Justice Department’s planned interpretation and enforcement of federal criminal laws and the Guidelines against organizations and their leaders like those available here.
While the application of the VSP policy inherently requires subjective decision-making, the VSP policy and other emerging statements reenforces to organizations and their leaders the advisability of ensuring their organizations adopt and administer effective Federal Sentencing Guideline compliance programs for the ever-growing list of laws applicable to their organizations that carry potential felony and class A misdemeanor criminal liability and timely to investigate and self-disclose violations with the assistance of legal counsel in accordance with the Guideline requirements for liability mitigation to mitigate the potential liability exposure of the organization and its leader.
Chapter 8 of the Federal Sentencing Guidelines sets standards for assessment of criminal liability and punishment against corporations, partnerships, labor unions, pension funds, trusts, non-profit entities, and governmental unit (“organizations”) and their leaders for legal violations committed by the organization that carry felony or Class A misdemeanor liability or when the Federal Sentencing Guidelines impute criminal liability to the organization for criminal acts that an employee of the organization commits an act within the apparent scope of his employment.
The standards for organizational sentencing offer organizations the opportunity to mitigate their liability exposure if it can persuade the prosecuting U.S. attorneys office (“USAO”) it had in place and followed an effective compliance program, promptly reported the violation to the authorities, and that high level were not involved in the actual offense conduct. On the other hand, an organization the organization’s lack of an effective compliance program, delay in investigation, cover-up or failure or delay or timely disclose and make restitution for violations are aggravating factors that can increase its potential sanction.
According to the Justice Department, the Justice Department intends that the VSD policy ensure that organizations can rely on receiving the same treatment and benefits for voluntarily self-disclosing criminal conduct under the Federal Sentencing Guidelines organizational liability rules to any USAO no matter where the organization operates by setting “a nationwide standard” for how USAOs will determine whether an organization has made a voluntary self-disclosure and making transparent the specific, tangible benefits to an organization that the USAO will offer the organization for making a voluntary self-disclosure, fully cooperating, and remediating the criminal conduct.
In furtherance of this goal, the new VSD policy provides that a USAG will consider an organization to have made a VSD for purposes of the Federal Sentencing Guidelines if it becomes aware of misconduct by employees or agents before that misconduct is publicly reported or otherwise known to the DOJ, and discloses all relevant facts known to the company about the misconduct to USAO in a timely fashion before an imminent threat of disclosure or government investigation.
In the absence of any aggravating factor, the VSD policy calls for the USAG “significant benefits” to a corporation that voluntarily self-discloses criminal conduct committed by its employee or agent in accordance with the VSD policy, fully meets the other requirements of the VSD policy, fully cooperates and timely and appropriately remediates the criminal conduct including agreeing to pay all disgorgement, forfeiture, and restitution resulting from the misconduct. The promised significant benefits for organizations making a qualifying VSD include that the USAO:
Will not seek a guilty plea;
May choose not to impose any criminal penalty and in any event will not impose a criminal penalty that is greater than 50% below the low end of the United States Sentencing Guidelines (USSG) fine range; and
Will not seek the imposition of an independent compliance monitor if the company demonstrates that it has implemented and tested an effective compliance program.
The VSD policy identifies three aggravating factors that could warrant a USAO seeking a guilty plea even if the other requirements of the VSD policy are met:
If the misconduct poses a grave threat to national security, public health, or the environment;
If the misconduct is deeply pervasive throughout the company; or
If the misconduct involved current executive management of the company.
The Justice Department says the presence of an aggravating factor does not necessarily mean that a guilty plea will be required. Rather, the USAO will assess the relevant facts and circumstances to determine the appropriate resolution. If a guilty plea is ultimately required, the Justice Department says the organization will still receive the other benefits under the VSD policy, including that the USAO will recommend a criminal penalty of at least a 50% and up to a 75% reduction off the low end of the USSG fine range, and that the USAO will not require the appointment of a monitor if the company has implemented and tested an effective compliance program.
In cases where a company is being jointly prosecuted by a USAO and another DOJ component, or where the misconduct reported by the company falls within the scope of conduct covered by VSD policies administered by other DOJ components, the USAO will coordinate with, or, if necessary, obtain approval from, the DOJ component responsible for the VSD policy specific to the reported misconduct when considering a potential resolution. Consistent with relevant provisions of the Justice Manual and as allowable under alternate VSD policies, the USAO may choose to apply any provision of an alternate VSD policy in addition to, or in place of, any provision of its policy.
VSD Policy Reenforces Necessity of Effective Compliance Program & Guideline Compliance
The stated goal of the VSD policy to incentivize companies to maintain effective compliance programs capable of identifying misconduct, expeditiously and voluntarily disclose and remediate misconduct, and cooperate fully with the government in corporate criminal investigations sends a strong message to organizations and their leaders to maintain and administer effective compliance programs and follow the VSD policy promptly when issues arise.
While the Justice Department touts the benefits of compliance with the VSD policy, its adoption also carries an implicit warning to organizations against failing to comply with its provisions.
With the Biden Administration accelerating enforcement of a wide range of federal laws carrying criminal liability, organizations and their leaders should heed this warning by auditing and enhancing their and their organization’s potential criminal exposures and the adequacy of their compliance policies, practices and documentation.
Because of the highly sensitive nature Campus of this type of analysis for the organization and its leaders, before starting the review, and throughout its conduct organizations are urged to engage and seek guidance from qualified legal counsel to position their review for protection, within the scope of attorney, client privilege, and other evidentiary protections, as well as to maximize the benefit of the effort undertaken in the event of future investigations or enforcement.
Possessing an up-to-date understanding of legal obligations, caring, criminal liability exposure is absolutely critical to the effectiveness of this review. With laws and regulations constantly changing, and organizations, and their leaders must start by ensuring their organizations’ processes for monitoring and identifying laws, carrying potential criminal liability, exposure or otherwise, requiring corporate compliance programs are robust and up to date.
When implementing compliance procedures, for any specific law, organizations, and their leaders will also want to ensure that their processes and policies are designed to meet the seven criterial that Chapter 8 of the Federal Sentencing Guidelines outlines for establishing an “effective compliance program”
The maintenance and enforcement of compliance standards and procedures reasonably capable of reducing the prospect of criminal activity;
Oversight by high-level personnel;
Due care in delegating substantial discretionary authority;
Effective Communication to all levels of employees;
Reasonable steps to achieve compliance, which include systems for monitoring, auditing, and reporting suspected wrongdoing without fear of reprisal.
Consistent enforcement of compliance standards including disciplinary mechanisms; and
Reasonable steps to respond to and prevent further similar offenses upon detection of a violation.
Taking into account these criteria and the new VSP policy, organizations and their leaders also should ensure their organization has appropriate procedures and protocols for receiving, investigating and reports of potential violations and the organization’s timely and appropriate response in a manner that best positions the organization to demonstrate the culture of compliance, and other factors necessary to qualify for the maximum leniency under the guidelines. in a manner that best positions the organization to demonstrate the culture of compliance, and other factors necessary to qualify for the maximum leniency under the guidelines.
When designing and administering compliance investigations and responses, documentation and other evidence regarding actions taken, communications and deliberations, play a key role in deciding how the organization and its leaders will be treated under the VCD policy and the guidelines. For this reason, organization should include appropriate procedures to determine when and how legal counsel will become involved to guide the process and allow for the use of attorney client privilege to help protect, sensitive discussions along the way. Legal counsel also should assist in documenting the process and findings for presentation to the Justice Department and subsequent communications with it through resolution.
More Information
When investigating and responding to a violation, it is critically important to document the timing and details of the discovery of a potentially concern
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.
Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
New policy guidance issued by the U.S. Citizenship and Immigration Services (“ICE”) could impact employment options of medical, nursing, technology and other foreign students options for work under F-1 student visas.
ICE’s new guidance clarifies the validity period of employment authorization for F-1 nonimmigrant students experiencing severe economic hardship due to emergent circumstances (also known as special student relief (SSR)) who are work authorized under the SSR provisions of 8 CFR. Health care and other organizations should note the update both to recognize the students’ expanded eligibility to work to avoid improper discrimination against foreign student applicants and as prospects for worker hires.
The policy update to the USCIS Policy Manualclarifies that in cases of severe economic hardship due to emergent circumstances, ICE may grant off-campus SSR employment authorization to an F-1 nonimmigrant student for the duration of the Federal Register notice validity period, which is typically 18-months. However this employment authorization may not extend past the student’s academic program end date..
Emergent circumstances are events that affect F-1 nonimmigrant students from a particular region and create severe economic hardship. These events may include, but are not limited to, natural disasters, financial crises, and military conflicts.
This policy update will be effective when published and will apply to all pending and future applications for SSR employment authorization.
More Information
We hope this update is helpful. For more information about the these or other workforce or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care and employer benefits legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Her work has included ongoing involvement in health industry and workforce competition and antitrust issues.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE FOR ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The withdrawal follows growing activity by DOJ in challenging certain other health industry conduct as anticompetitive under Fdderal antitrust laws in recent years as well as new policies challenging noncompetition and other workforce practices used widely within the health care industry. (These developments were discussed in a September, 2022 Joint Committee on Employee Benefits webinar on Department of Justice Enforcement Update webinar moderated by Cynthia Marcotte Stamer.)
Following an uptake in DOJ health care and workforce antitrust enforcement in recent years, the announcement of the antitrust statement withdrawals confirms the Biden Administration led DOJ plans changes to care antitrust and other competition policies and enforcement impacting health care providers, payers, employers and other plan sponsors. In lieu of the principles previously provided by the withdrawn guidelines, DOJ says it will evaluate mergers and conduct in healthcare markets that may harm competition on the case-by-case basis. The announced plan to interpret antitrust law in health care on a case by case basis creates significant uncertainty about the scope of risk and safety of many contracting, business transaction and other activities in the health care industry. All segments of the marketplace should monitor developments and proceed cautiously to avoid inadvertently triggering challenges or liability as a result of the newly created ambiguity.
In the face of these developments, health industry providers, payers, employers and other plan sponsors and others concerned about health industry competition should proceed cautiously and carefully monitor developments at DOJ and FTC. Stay tuned for further developments.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care and employer benefits legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Her work has included ongoing involvement in health industry and workforce competition and antitrust issues.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Phoenix-based nonprofit health system Banner Health and its affiliates (“Banner Health”) paid $1.25 million and agreed to take corrective actions to resolve its exposure to potentially much greater Health Insurance Portability and Accountability Act (HIPAA) Security Rule civil monetary penalty exposure for a 2016 cyber hacking breach that compromised the person health information of 2.81 million consumers. OCR used its February 2 announcement of the Banner Health settlement to warn health care providers, health plans, health care clearing houses (“covered entities”) and business associates covered by HIPAA to guard their own system containing protected health information against breach by cyber hacking.
Banner Health Settlement
Banner Health is one of the largest non-profit health systems in the country, with over 50,000 employees and operating in six states. Banner Health is the largest employer in Arizona, and one of the largest in northern Colorado.
In November 2016, OCR initiated an investigation of Banner Health following the receipt of a breach report stating that a threat actor had gained unauthorized access to electronic protected health information, potentially affecting millions. The hacker accessed protected health information that included patient names, physician names, dates of birth, addresses, Social Security numbers, clinical details, dates of service, claims information, lab results, medications, diagnoses and conditions, and health insurance information.
OCR’s investigation found evidence of long term, pervasive noncompliance with the HIPAA Security Rule across Banner Health’s organization, a serious concern given the size of this covered entity. Organizations must be proactive in their efforts to regularly monitor system activity for hacking incidents and have measures in place to sufficiently safeguard patient information from risk across their entire network.
The potential violations specifically include: the lack of an analysis to determine risks and vulnerabilities to electronic protected health information across the organization, insufficient monitoring of its health information systems’ activity to protect against a cyber-attack, failure to implement an authentication process to safeguard its electronic protected health information, and failure to have security measures in place to protect electronic protected health information from unauthorized access when it was being transmitted electronically.
Under the Resolution Agreement and Corrective Action Plan negotiated to resolve these potential violations, Banner Health paid $1,250,000 to OCR. Banner Health also agreed to implement a corrective action plan, which identifies steps Banner Health will take to resolve these potential violations of the HIPAA Security Rule and protect the security of electronic patient health information that will be monitored for two years by OCR to ensure compliance with the HIPAA Security Rule. Under the corrective action plan, Banner has agreed to take the following steps:
Conduct an accurate and thorough risk analysis to determine risks and vulnerabilities to electronic patient/system data across the organization
Develop and implement a risk management plan to address identified risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI
Develop, implement, and distribute policies and procedures for a risk analysis and risk management plan, the regular review of activity within their information systems, an authentication process to provide safeguards to data and records, and security measures to protect electronic protected health information from unauthorized access when it is being transmitted electronically, and
Report to HHS within thirty (30) days when workforce members fail to comply with the HIPAA Security Rule.
OCR Warns Other HIPAA-Covered Entities
In the health care sector, hacking is now the greatest threat to the privacy and security of protected health information. OCR’sannouncement of the serrlement reports 74 percent (74%) of the breaches reported to OCR in 2021 involved hacking/IT incidents.
The announcement also notesOCR offers an array of resources to help health care organizations bolster their cybersecurity posture and comply with the HIPAA Rules,
The settlement and OCR’s announcement warn other covered entities and business associates to use these and other necessary resources to protect their systems with protected health information from cyber hacking and other breaches.
In conjunction with reminding other covered entities of these resources, the settlement announcement quotes OCR Director Melanie Fontes Rainer as warning, ‘Hackers continue to threaten the privacy and security of patient information held by health care organizations, including our nation’s hospitals, … It is imperative that hospitals and other covered entities and business associates be vigilant in taking robust steps to protect their systems, data, and records, and this begins with understanding their risks, and taking action to prevent, respond to and combat such cyber-attacks. … Cyber security is on all of us, and we must take steps to protect our health care systems from these attacks.”
Alerts issued by OCR regarding heightened security risks in recent months and a growing tide of highly publicized breaches send a strong warning to other covered entities and their business associates to reconfirm the adequacy of their own HIPAA privacy, security, breach notification and other procedures and protections by among other things:
Reviewing and monitoring on a documented, ongoing basis the adequacy and susceptibilities of existing practices, policies, safeguards of their own organizations, as well as their business associates and their vendors within the scope of attorney-client privilege taking into consideration data available from OCR, data regarding known or potential susceptibilities within their own operations as well as in the media, and other developments to determine if additional steps are necessary or advisable.
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility.
Renegotiating and enhancing service provider agreements to detail the specific compliance, audit, oversight and reporting rights, workforce and vendor credentialing and access control, indemnification, insurance, cooperation and other rights and responsibilities of all entities and individuals that use, access or disclose, or provide systems, software or other services or tools that could impact on security; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; and other relevant matters.
Verifying and tightening technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information and systems.
Conducting well-documented training as necessary to ensure that members of the workforce of each covered entity and business associate understand and are prepared to comply with the expanded requirements of HIPAA, understand their responsibilities and appropriate procedures for reporting and investigating potential breaches or other compliance concerns, and understand as well as are prepared to follow appropriate procedures for reporting and responding to suspected violations or other indicia of potential security concerns.
Tracking and reviewing on a systemized, well-documented basis actual and near miss security threats to evaluate, document decision-making and make timely adjustments to policies, practices, training, safeguards and other compliance components as necessary to identify and resolve risks.
Establishing and providing well-documented monitoring of compliance that includes board level oversight and reporting at least quarterly and sooner in response to potential threat indicators.
Establishing and providing well-documented timely investigation and redress of reported violations or other compliance concerns.
Establishing contingency plans for responding in the event of a breach.
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements.
Preparing and maintaining a well-documented record of compliance, risk, investigation and other security activities.
Pursuing other appropriate strategies to enhance the covered entity’s ability to demonstrate its compliance commitment both on paper and in operation.
Because susceptibilities in systems, software and other vendors of business associates, covered entities and their business associates should use care to assess and manage business associate and other vendor associated risks and compliance as well as tighten business associate and other service agreements to promote the improved cooperation, coordination, management and oversight required to comply with the new breach notification and other HIPAA requirements by specifically mapping out these details.
Beyond these HIPAA exposures, breaches and other HIPAA noncompliance carries other liability risks. Leaders of covered entities or their business associates also are cautioned that while HIPAA itself does not generally create any private right of action for victims of breach under HIPAA, breaches may create substantial liability for their organizations or increasingly, organizational leaders. For instance, the Department of Health & Human Services has warned health care providers participating in Medicare or other federal programs and Medicare Advantage health plans that HIPAA compliance is a program term of participation.
Health care providers and health insurers can face liability under state data privacy and breach, negligence or other statutory or common laws. In addition, physicians and other licensed parties may face professional discipline or other professional liability for breaches violating statutory or ethical standards.
Health plans also face a myriad of other exposures from failing to use appropriate cyber safeguards. Plan fiduciaries of employment based health plans covered by the Employee Retirement Income Security Act (“ERISA”} risk liability under ERISA’s fiduciary responsibility rules. The Department of Labor Employee Benefit Security Administration (“EBSA”) now audits the adequacy of the cybersecurity and other HIPAA compliance of health plans and their third party administrators and other business associates as part of EBSA’s oversight and enforcement of ERISA. Department of Labor Assistant Secretary for EBSA Lisa Gomez confirmed audit and enforcement of cybersecurity obligations is a key priority in EBSA’s current work plan in her February 4, 2023 comments to the American bar Association.
Meanwhile, the Securities and Exchange Commission has indicated that it plans to pursue enforcement against leaders of public health care or other public companies that fail to use appropriate care to ensure their organizations comply with privacy and data security obligations.
Furthermore, appropriate cyber security practices also may be advisable elements for organizations to include in their Federal Sentencing Guideline Compliance Programs to mitigate potential organization liability risks under federal electronic crime and related laws.
In the face of these risks and warnings, all covered entities and their business associates should reassess and confirm the adequacy of their and their business associates’ cyber security defenses and breach response preparations.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health, health plan and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends HIPAA covered entities, business associates and other organizations on HIPAA and other cyber, privacy and data security concerns and has published and spoken extensively on these concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Nine Texas individuals were arrested this week in Houston on criminal charges related to their alleged involvement in the unlawful distribution of 1.5 million opioid pills and other controlled substances as a result of a joint federal-state investigation.
According to court documents, Kent Lyons, 52, of Houston; Roquel Turner, 47, of Manvel; and Traunce Alfred, 43, of Baytown, are charged with illegally distributing controlled substances, including oxycodone and hydrocodone. From August 2017 until late 2022, Lyons and Turner allegedly operated pill-mill pharmacies as fronts to obtain opioids in their highest-strength and immediate-release pill form. They then allegedly sold the drugs on the black market – without the involvement of patients, prescriptions, or doctors – to drug traffickers like Alfred. Lyons and Turner allegedly concealed the drug proceeds using numerous bank accounts and real estate transactions. Lyons also allegedly used some of the proceeds to purchase luxury items, including a Rolls Royce, a Ford F-250, and a Mercedes Maybach.
Court documents allege starting around December 2020, Dwain Ross and Delores Mackey-Ross both of Pearland, and licensed pharmacist Ann Nguyen, of Stafford, allegedly used pharmacies to illegally distribute and dispense nearly half a million pills of oxycodone and hydrocodone. Dwain Ross and Mackey-Ross and David Ross of Houston; Kevin Peterson of Pearland; and Eleanor Marsh of Fulshear, also allegedly illegally ordered the opioid potentiators alprazolam, carisoprodol, promethazine with codeine – which are reported to enhance the high from opioids – from a pharmaceutical wholesaler and a pharmaceutical sales representative then allegedly illegally distributed the opioid potentiators in bulk. Dwain Ross and Mackey-Ross allegedly used numerous bank accounts and real estate transactions to conceal their ill-gotten gains. Dwain Ross also allegedly used some of the drug proceeds to purchase a Lamborghini.
The pharmacies alleged in the indictments to have been controlled by the defendants’ drug trafficking organizations are K Med Pharmacy, Nex Gen Pharmacy, TX United Pharmacy, Power Center Pharmacy #2, DR Pharmacy, and Nu Care Pharmacy. Several other pharmacies, including P&A Pharmacy and Pearland Holistic Pharmacy, voluntarily surrendered their DEA Registration numbers, which a pharmacy needs to legally purchase pharmaceutical opioids and other controlled substances.
Lyons, Turner, Alfred, Dwain Ross, Mackey-Ross, and Nguyen are each charged with illegal distribution of Schedule II opioids. Dwain Ross, Mackey-Ross, David Ross, Peterson, and Marsh are each charged with the illegal distribution of Schedule IV drugs. Lyons, Turner, Dwain Ross, and Mackey-Ross are also charged with money laundering crimes.
Regardless of the ultimate outcome of the current charges, the indictments demonstrate the continuing commitment by the Department of Justice and other federal and state agencies to investigate and prosecute opiate prescription and distribution.
If convicted, Lyons, Turner, Alfred, Dwain Ross, Mackey-Ross, and Nguyen face up to 20 years on the top counts. David Ross and Peterson each face up to five years. Marsh faces up to 10 years if convicted. Court documents allege that over 15 bank accounts, four real properties, and several luxury vehicles – including a Rolls Royce, a Bentley, and a Lamborghini – were involved in, or acquired with proceeds from, the scheme, and are subject to forfeiture if the defendants are convicted.
Of course, the facts alledged in the indictments are allegations ll defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law. If a conviction happens, a federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors. Regardless of the outcome, the prosecution demonstrates the prioritization of the investigation and prosecution of abusive opiate prescribing or distribution.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care and employer benefits legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
A medical laboratory is the latest health care provider nailed under the U.S. Department of Health and Human Services Office for Civil Rights (OCR) Right of Access Initiative for violating the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s right of access requirements.
OCR announced the 43rd access rule settlement with Life Hope Labs, LLC (“Life Hope Labs”), a full-service diagnostic laboratory in Sandy Springs, Georgia Tuesday.
In August 2021, a complaint was filed with OCR alleging that Life Hope Labs would not provide a personal representative with a copy of her deceased father’s medical records. The personal representative first requested access to her father’s records on July 7, 2021, but did not receive them until February 16, 2022, over seven months later. OCR’s investigation determined that Life Hope Labs’ failure to provide timely access to the requested medical records was a potential violation of the HIPAA right of access provision.
The access rule requires that patients be able to access their health information in a timely manner.
In its Resolution Agreement, Life Hope Labs agreed to pay $16,500 to resolve this investigation. In addition to the monetary settlement, Life Hope Labs also agreed to implement a corrective action plan that includes two years of monitoring by OCR.
In announcing its filing of the settlement, OCR warned other labs and health care providers to ensure their right of access compliance.
“Access to medical records, including lab results, empowers patients to better manage their health, communicate with their treatment teams, and adhere to their treatment plans. The HIPAA Privacy Rule gives individuals and personal representatives a right to timely access their medical records from all covered entities, including laboratories,” said OCR Director Melanie Fontes Rainer in OCR’s announcement of the settlement. “Laboratories covered by HIPAA must follow the law and ensure that they are responding timely to records access requests.”
If your organization would like to learn more about the concerns discussed in this update, contact management attorney and consultant Cynthia Marcotte Stamer.
An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”
For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.
Other Helpful Resources & Information
If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.
Three consolidated False Claims Act (“FCA”) lawsuits against chiropractor Yury Gampel (“Gampel”), 15 Modern Vascular office-based labs owned primarily by Gampel located across the United States, and five Modern Vascular-affiliated companies owned by Gampel alert other chiropractic, physician and other medical providers using office-based labs send a clear warning to other health care providers and suppliers for services covered or billed to Medicare, Medicaid, TRICARE or other federal health care programs about the necessity to ensure their arrangements don’t involve illegal financial relationships or transactions.
False Claims Act Liability Arising From Participation In Or Filing Claims Involving Improper Inducements
The Justice Department suit against the defendants alleges the defendants both arose from the defendants participation in arrangements involving the offering and payment of illegal remuneration in violation of the federal Anti-Kickback Statute (“AKS”) and that the claims for benefits made to Medicare and other federal programs for care provided involving the arrangement violated the FCA.
The AKS generally prohibits any person or entity from soliciting, receiving, offering, or paying any direct or indirect prohibited remuneration as an inducement or reward for referring, recommending, ordering, or arranging for the purchase of any item or service for which payment may be made in whole or in part by a federal health care program. Parties violating the AKS commit a felony punishable with a fine of up to $100,000, imprisonment for up to 10 years or both.
In addition to any criminal liability arising under the AKS, filing claims derived or involving transactions prohibited by the AKS also can trigger liability for violation of the FCA. The FCA makes it unlawful for any person to submit, directly or indirectly, false or fraudulent claims for payment to the Government by among other things:
Knowingly presenting, or causing to be presented, a false or fraudulent claim for payment or approval in violation of 31 U.S.C. § 3729(a)(1)(A) (the “presentment provision”); or
Knowingly making, using, or causing to be made or used, a false record or statement material to a false or fraudulent claim in violation of 31 U.S.C. § 3729(a)(1)(B).
The FCA defines the term “knowingly” under the FCA very broadly. As defined, “knowingly” means that a person, with respect to information, (i) has actual knowledge of the information, (ii) acts in deliberate ignorance of the truth or falsity of the information, or (iii) acts in reckless disregard of the truth or falsity of the information. 31 U.S.C. § 3729(b). No proof of specific intent to defraud is required to show that a person acted knowingly under the FCA.
Violations of the FCA subject the defendant to mandatory civil penalties per FCA violation, plus three times the amount of damages that the Government sustains as a result of the defendant’s actions. 31 U.S.C. § 3729(a). Under 42 U.S.C. § 1320a-7(b)(7), health care providers submitting claims to Medicare or other federal health care programs also can face exclusion from participation in federal health care programs for FCA violations.
Health care providers filing claims for Medicare or other federal health plans can violate the FCA by knowingly presenting or causing to be presented claims for items or services that the person knew or should have known were not medically necessary, or were false or fraudulent. 42 U.S.C. §§ 1320a-7a(a)(1).
Moreover, health care providers under the Medicare statute have an affirmative duty to familiarize themselves with the statutes, regulations, and guidelines regarding coverage for the Medicare services. As a condition of program participation, Medicare regulations require providers and suppliers to certify that:
The provider or supplier meets, and will continue to meet, the requirements of the Medicare statute and regulations, 42 C.F.R. § 424.516(a)(1), including that any claims and underlying transactions made in a claim for Medicare comply with the Federal anti-kickback statute and the Stark law), and on the supplier’s compliance with all otherwise applicable conditions of participation in Medicare; and
The provider or supplier will not knowingly to present or cause to be presented a false or fraudulent claim for payment by Medicare, or to submit claims with deliberate ignorance or reckless disregard of their truth or falsity.
Additional certifications of continued compliance with these requirements also are required when claims are filed. Accordingly, since health care providers and suppliers are responsible for taking appropriate steps to familiarize themselves with the rules and regulations applicable to their claim and the transactions underlying it and certify in connection with the filing of the claim that the claim and its underlying transactions comply with the law, health care providers filing claims involving prohibited financial incentives or other transactions prohibited by law risk FCA liability.
Gampel, Modern Vascular FCA Complaint
Derived from the Justice Department’s assumption and consolidation of various qui tam lawsuits separately brought by various physicians, the United States filed its complaint in three consolidated lawsuits pending in the United States District Court for the District of Arizona under the qui tam, or whistleblower, provisions of the False Claims Act, 31 U.S.C. §§ 3729-3733 (“FCA”) which allow a private citizen to sue on behalf of the government and share in any recovery. The United States is also entitled to intervene in the lawsuits, as it did in these cases.
The resulting consolidated three consolidated Justice Department lawsuits seek to recover treble damages and civil penalties, and under common law and equitable theories of recovery from defendants for their billing of Medicare, TRICARE and other federal health care programs for claims resulting from transactions involving prohibited remuneration offered and provided in violation of the AKS under Gampel’s alleged schemes Nobility Management LLC; Modern Vascular LLC; Modern Vascular of South Florida LLC; Modern Vascular Management LLC; Modern Vascular Management – East LLC; Modern Vascular Management – West LLC; Modern Vascular Institute LLC; Modern Vascular of Mesa LLC; Modern Vascular of Glendale LLC; Modern Vascular of Sun City LLC; Modern Vascular of Tucson LLC; San Antonio Vascular Specialists Corp. dba Modern Vascular; Fort Worth Vascular Specialists Corp. dba Modern Vascular; Modern Vascular of Denver LLC; Modern Vascular – Navajo LLC; Modern Vascular of Fairfax LLC; Modern Vascular of Houston LLC; Modern Vascular of Indianapolis LLC; Modern Vascular of Southaven LLC; Modern Vascular of St. Louis LLC; and Modern Vascular of Kansas LLC.
The Justice Department complaint alleges Defendant Yury Gampel, a chiropractor, is the founder and former Chief Executive Officer (“CEO”) of a franchise of office-based labs (“OBL”) located in Arizona, New Mexico, Colorado, Texas, Indiana, Kansas, Mississippi, Missouri, Tennessee, and Virginia operating under the name Modern Vascular (collectively, the “Modern Vascular OBLs”). The Modern Vascular OBLs – each its own separate legal entity – focus on the treatment of peripheral arterial disease (“PAD”), particularly through an aggressive use of vascular intervention procedures, such as angioplasty and atherectomy. The complaint claims Gampel and the Modern Vascular defendants designed and promoted the franchises that incorporated a package of management and other services provided by various Modern Vascular defendant companies.
Defendant Nobility Management, LLC, provides management services to the Modern Vascular OBLs. Defendants Modern Vascular Management, LLC; Modern Vascular Management – East, LLC; and Modern Vascular Management – West, LLC, offer IT and management support to Modern Vascular OBLs. Defendants Modern Vascular, LLC, and Modern Vascular of South Florida, LLC, are corporations controlled by Gampel that have various ownership interests in Modern Vascular OBLs. Through Modern Vascular, LLC, and Modern Vascular of South Florida, LLC, and in his own capacity, Gampel is the majority owner of the Modern Vascular OBLs. (These entities that own and manage the Modern Vascular OBLs are referred to collectively below as “Modern Vascular Corporate.”)
The complaint alleges that Gampel and Modern Vascular Corporate designed and implemented a fraud scheme at Modern Vascular OBLs at the expense of patients and federal payors from at least January 1, 2018 through June 30, 2022. Among other things, the complaint charges Gampel and the Modern Vascular defendants offered physicians the opportunity to invest in Modern Vascular office-based labs to induce them to refer their Medicare and TRICARE patients to Modern Vascular for the treatment of peripheral arterial disease. More specifically, Gampel and Modern Vascular Corporate opened Modern Vascular OBLs in new markets where referring physicians and vascular surgeons had established relationships. Prior to opening an OBL in a particular location, Gampel sought out up to 20 local physicians – usually podiatrists and pain management physicians – who traditionally referred to vascular surgeons and offered each up to a two percent ownership interest in the OBL in order to induce the physicians to refer to the OBL. Gampel and Modern Vascular Corporate selected these particular physicians (hereinafter “physician investors”) to offer ownership investment because Gampel and Modern Vascular Corporate identified them as potential high-referral sources. Once they invested in an OBL, Gampel and Modern Vascular Corporate further required the physician-investors to make referrals to Modern Vascular OBLs as a condition for remaining as a physician-investor. The complaint also alleges that Gampel pressured vascular surgeons and interventional radiologists employed at the Modern Vascular office-based labs to increase the number of invasive surgical procedures performed by tracking procedures and setting aggressive weekly and monthly goals for such procedures. In particular, Gampel and Modern Vascular Corporate provided remuneration to physician investors in Modern Vascular OBLs to induce those investors to refer patients to the Modern Vascular OBL.
The Justice Department charges that using this scheme, Defendants between January 1, 2018 and June 30, 2022 submitted, and caused to be submitted, tens of millions of dollars in false or fraudulent claims to Medicare, TRICARE and other federal health care programs by offering and providing illegal remuneration to health care providers to induce referrals to the Modern Vascular OBLs in violation of the Anti-Kickback Statute (“AKS”), 42 U.S.C. § 1320a-7b. To induce referrals, Gampel and Modern Vascular Corporate provided remuneration to physician-investors in the form of equity ownership interests in an OBL, which also included distributions, the prospect of future distributions, and/or the prospect of a cash-out of the equity ownership amounts when the Modern Vascular OBLs were sold. During the relevant time period, the Justice Department also claims Modern Vascular OBLs received over $50 million from Medicare Part B alone for claims submitted for patients referred by physician-investors in violation of the FCA.
Warning To Other Heath Care Providers & Suppliers
In announcing its filing of the Gambrel FCA lawsuit, the Justice Department warned other federal health program providers and suppliers and their business partners, investors, employees and agents from violating the AKS, FCA or both in the provision of or billing of health care services or supplies. “As part of our mission to protect the American people, the FBI remains committed to safeguarding patients who rely on our healthcare systems,” said Deputy Assistant Director Aaron Tapp of the FBI’s Criminal Investigative Division. “The FBI and our law enforcement partners will continue to investigate those who abuse our healthcare systems, place patients at risk, and waste taxpayer dollars.”
This warning, along with the ever-lengthening list of federal criminal and civil prosecutions, convictions and settlements by the Justice Department, the Department of Health & Human Services Office of Inspector General and other agencies provide a strong warning to health care providers, suppliers and others involved in creating or administering transactions and other arrangements for the delivery and billing for health are to be billed to Medicare, Medicaid, TRICARE and other health care arrangements covered by the AKS, the FCA or other federal or state health care fraud laws to take well documented care to ensure the care delivery arrangement does not involve transactions prohibited under the AKS or other federal or state health care fraud transactions and the care billed qualifies for reimbursement before submitting the claim. Parties who know or suspect that they may have participated in an arrangement prohibited under these laws or submitted prohibited claims should contact experienced legal counsel within the scope of attorney-client privilege for assistance in reviewing those concerns and exploring options for correction or mitigation.
For More Information
If your organization would like to learn more about the concerns discussed in this update or seeks assistance auditing, updating, administering or defending its human resources, compensation, benefits, corporate ethics and compliance practices, or other performance related concerns, contact management attorney and consultant Cynthia Marcotte Stamer.
An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”
For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.
Other Helpful Resources & Information
If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.
Children’s Healthcare of Atlanta (CHOA), a pediatric healthcare system in Georgia, faces a religious discrimination lawsuit filed by U.S. Equal Employment Opportunity Commission (EEOC) that charges CHOA violated federal law by firing a maintenance assistant for requesting a religious exemption to its influenza vaccination policy. The suit illustrates the narrow tightrope health care providers walk negotiating vaccination and other COVID-19 safety protocols without violating religous accommodation or other employment discrimination requirements.
Title VII of the Civil Rights Act of 1964 prohibits firing an employee because of his religion and requires that employers accommodate sincerely held religious beliefs unless the employer proves accommodation would impose an undue hardship. EEOC COVID guidance warns employers of the EEOC’s interpretation of the continued applicability of Title VII’s religous accommodation requirements to employers enforcement of COVID and other vaccine mandates. Other related guidance also warns employers to avoid retaliation against employees for expressing religous objections to vaccination policies or engaging in other protected actions in violation of Title VII.
The EEOC’s suit states the maintenance employee, in accordance with CHOA’s procedures, requested a religious exemption to CHOA’s flu vaccination requirements based on sincerely held religious beliefs. CHOA previously granted the employee a religious exemption in 2017 and 2018. In 2019, however, CHOA changed its policy and denied the employee’s request for a religious accommodation and fired him, despite the employee’s extremely limited interaction with the public or staff.
The EEOC asserts it would not have been an undue burden for CHOA to continue accommodating its employee as it had in 2017 and 2018. However it instead changed its stance on flu vaccination exemptions for this maintenance employee in 2019 and failed to consider any meaningful reasonable accommodations for his sincerely held religious beliefs.
Charging the refusal to grant accommodation arges this alleged conduct violates Title VII, the EEOC filed suit (Civil Action No. 1:22-CV-4953 MLB RDC) in U.S. District Court for the Northern District of Georgia, Atlanta Division, after first attempting to reach a pre-litigation settlement via its conciliation process. The EEOC lawsuit seeks back pay, front pay, compensatory damages and punitive damages for the employee, as well as injunctive relief to prevent future discrimination.
The suit against CHOA follows through on the EEOC’s commitment to investigate and enforce Title VII against employees failing to grant exemptions to otherwise applicable COVID or other vaccination requirements to employees with sincerely held religous beliefs against vaccination unless the employer proved undue hardship preventing the accommodation.
The lawsuit warns health industry and other employers with vaccination requirements to provide accommodations for employees with deeply held religous beliefs against the vaccine unless the employer can prove undue hardship sufficient to excuse the accommodation. The prosecution of the suit against a health care organization subject to the tightest vaccination and other COVID safety mandates under Centers for Disease Control, the Centers for Medicare & Medicaid Services and Occupational Safety & Health Administration regulations demonstrates the high burden the EEOC expects employers refusing accommodation to meet. In light of these EEOC CHOA and other enforcement actions, employers should proceed carefully before refusing accommodation. See e.g., CMS Updates COVID-19 Guidance For Visiting Nursing Homes & LTC Facility Vaccination During Omicron Surge; CMS/CDC Mandating COVID Vaccination For All Nursing Home Staff; Health Provider Fined $273K+ For COVID Safety Violations; Dentists Face OSHA Retaliation Suit For Retaliating Against Workers Asking About COVID Safety. As COVID and other pandemic and epidemic outbreaks continue to threaten health care worker, patients and community safety, organizations must tred carefully and be prepared to defend the adequacy of their actions regardless of whether choosing to allow or deny accommodation from applicable communicable disease protocols.
For Help With Comments, Investigations Or The Other Needs
If your organization would like to learn more about the concerns discussed in this update or seeks assistance auditing, updating, administering or defending its human resources, compensation, benefits, corporate ethics and compliance practices, or other performance related concerns, contact management attorney and consultant Cynthia Marcotte Stamer.
An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”
For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.
Other Helpful Resources & Information
If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.
Developers of mobile applications for healthcare and fitness must identify and negotiate a diverse array of federal and state laws, regulations and rulings when designing and deploying their apps.
Since figuring out which federal rules apply often proves challenging, the Federal Trade Commission (FTC) in conjunction with the HHS Office for Civil Rights (OCR), the HHS Office of the National Coordinator for Health Information Technology (ONC), and the Food and Drug Administration (FDA) maintain and have just updated the Mobile Health App Interactive Tool intended to help developers of health-related mobile apps understand when and federal laws and regulations might apply.
While not covering all relevant legal risks, the guidance tool does highlight certain key regulatory concerns by asking developers a series of high-level questions about the nature of their app, including about its function, the data it collects, and the services it provides to users. Based on the developer’s answers to those questions, the guidance tool points the app developer toward detailed information about certain federal laws that might apply to the app. These include the FTC Act, the FTC’s Health Breach Notification Rule, the Children’s Online Privacy Protection Act (COPPA), the Health Insurance Portability and Accountability Act (HIPAA), the Federal Food, Drug and Cosmetics Act (FD&C Act), and the 21st Century Cures Act and ONC Information Blocking Regulations.
Using the tool can help to clarify the potential applicability of these rules to a proposed app and help focus the developer on issues to consider regarding these laws as they design in administer their apps. Running through the tool also could help reduce legal fees and other consulting anniversary costs by helping developers of these apps gather helpful information and be more prepared to participate in informed manner when working with the legal team on their compliance. Additionally documented use of the tool could prove helpful in the event of a compliance audit or investigation by capturing evidence helpful to establish a culture of compliance or mitigate other potential liability concerns.
Of course app developers using these tools need to keep in mind that they are not legal advice or a substitute for legal advice. The tools only are intended to provide guidance regarding the potential likely application of the rules covered by the tool. They do not cover broad range of other federal and state Laws, regulations, rulings, and contractual commitments that also can impact the use and design of these apps and their defensibility and a broad range of circumstances. Moreover developers also should keep in mind that the use of the tools and their discussion may uncover existing or past compliance concerns, which might best be conducted within the protection of attorney-client privilege. Consequently, developers and users should consult and closely worked with experienced, qualified legal counsel to address these and other legal risks and compliance.
For Help With Comments, Investigations Or Other Needs
If your organization would like to learn more about the concerns discussed in this update or seeks assistance auditing, updating, administering or defending its human resources, compensation, benefits, corporate ethics and compliance practices, or other performance related concerns, contact management attorney and consultant Cynthia Marcotte Stamer.
An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”
For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.
Other Helpful Resources & Information
If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.
Mental health and other healthcare providers, health plans and issuers, employers, health care professional associations, consumer advocates, community organizations, state and local government entities, patients and caregivers and others concerned with mental health and substance abuse treatment and management should review and comment by January 30, 2023 on proposed changes to rules on unauthorized disclosures the Confidentiality of Substance Use Disorder (SUD) Patient Records under 42 CFR part 2 (“Part 2”) proposed by the U.S. Health and Human Services Department Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA) in a Notice of Proposed Rulemaking (NPRM) made public November 28, 2022 here and scheduled for publication in the December 2, 2022 Federal Register. If adopted as proposed, mental health and substance abuse providers, as well as other health care providers and insurers should prepare to meet new responsibilities and manage new liabilities under the revised rules.
On November 28, 2022, OCR and SAMHSA issued the NPRM to revise the Confidentiality of Substance Use Disorder Patient Records regulations at 42 CFR part 2 (“Part 2”), which seek to address concerns that concerns about discrimination or prosecution might deter people from entering treatment for SUD by protecting “records of the identity, diagnosis, prognosis, or treatment of any patient which are maintained in connection with the performance of any program or activity relating to substance abuse education prevention, training, treatment, rehabilitation, or research, which is conducted, regulated, or directly or indirectly assisted by any department or agency of the United States.”(“SUD Records”).
Currently, the Part 2 protections of patient privacy and records concerning treatment related to substance use challenges from unauthorized disclosures differ from the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Breach Notification, and Enforcement Rules (“HIPAA”) rules. These distinctions create barriers to information sharing by patients and among health care providers and create dual obligations and compliance challenges for regulated entities. To address this concern, Congress mandated in Section 3221 of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) that HHS to bring Part 2 into greater alignment with certain aspects of the HIPAA Privacy rule.
Amid these challenges, the NPRM proposes to implement this CARES Act mandate through the following changes to Part 2 that HHS says will help safeguard the health and outcomes of individuals with SUD while creating greater flexibility for information sharing envisioned by Congress in its passage of Section 3221 of the CARES Act:
Permit Part 2 programs to use and disclose Part 2 records based on a single prior consent signed by the patient for all future uses and disclosures for treatment, payment, and health care operations;
Permit the redisclosure of Part 2 records as permitted by the HIPAA Privacy Rule by recipients that are Part 2 programs, HIPAA covered entities, and business associates, with certain exceptions;
Expand prohibitions on the use and disclosure of Part 2 records in civil, criminal, administrative, or legislative proceedings conducted by a federal, state, or local authority against a patient, absent a court order or the consent of the patient;
Create two patient rights under Part 2 that align with individual rights under the HIPAA Privacy Rule:
Right to an accounting of disclosures; and
Right to request restrictions on disclosures for treatment, payment, and health care operations;
Require disclosures to the Secretary for enforcement;
Apply HIPAA and HITECH Act civil and criminal penalties to Part 2 violations;
Require Part 2 programs to establish a process to receive complaints of Part 2 violations;
Prohibit Part 2 programs from taking adverse action against patients who file complaints;
Prohibit Part 2 programs from requiring patients to waive the right to file a complaint as a condition of providing treatment, enrollment, payment, or eligibility for services;
Apply the standards in the HITECH Act and the HIPAA Breach Notification Rule to breaches of Part 2 records by Part 2 programs;
Modify the Part 2 confidentiality notice requirements (“Patient Notice”) to align with the HIPAA Notice of Privacy Practices;
Modify the HIPAA Notice of Privacy Practices requirements for covered entities who receive or maintain Part 2 records to include a provision limiting redisclosure of Part 2 records for legal proceedings according to the Part 2 standards; and
Permit investigative agencies to apply for a court order to use or disclose Part 2 records after they unknowingly receive Part 2 records while investigating or prosecuting a Part 2 program, when certain preconditions are met.
While the Department is undertaking this rulemaking, the current Part 2 regulations remain in effect. However, once the comment period ends, the Biden Administration-led HHS is expected to finalize the proposed changes quickly. Consequently, in addition to sharing any concerns or other input about the proposed changes during the comment period, health care providers, health plans, health care clearinghouses, employers, community agencies, state and local governments, patients and other caregivers and other concerned parties also should begin planning and preparing to respond to the anticipated changes in the requirements.
Implications For Health Care Providers, Health Insurers & Other Businesses
The NPRM’s extension of HIPAA and HIPAA-like requirements to the Part 2 substance abuse confidentiality provides clarification by adding new obligations for health care providers and others involved in substance abuse treatment or recordkeeping. Health care providers, health insurance, and others involved with these activities will need to assess and plan to meet these new responsibilities and the steps they can be expected to take to fulfill them.
Beyond these more obvious burdens, mental health and substance abuse and other health care providers and businesses also should carefully assess the potential implications of the proposed changes on their worker and vendor credentialing and workplace safety practices as well as their health and other benefit programs. Assuming the changes are adopted in their current form, businesses sponsoring health benefit programs, and health care organizations and providers specifically should prepare to modify their HIPAA required notices of privacy practices and associated practices to comply with the proposed updates.
Businesses required to comply with Department of Transportation Drug Free Workplace or other alcohol and substance abuse requirements also should consider the potential implications of the proposed changes on their ability to secure relevant substance abuse treatment and related history. In assessing these implications, businesses also should be cognizant of a new proactivity on behalf of certain uses of drugs by workers in the workplace under the Americans With Disabilities Act (“ADA”). For instance, the EEOC recently has sued Eagle Marine Services Electrical & Refrigeration, LLC for allegedly violating the ADA by refusing to hire or accommodate a worker because he used medication prescribed by his doctor to treat attention deficit hyperactivity disorder (“ADHD”) without making any individual assessment of the worker’s medication use or whether it would affect his ability to safely perform the marine electrician position, and instead relied on general stereotypes about disability and medication use to justify its decision not to hire him. Businesses seeking to investigate or deny employment opportunities to workers based on the worker’s past or current medication use will want to use care to ensure that their practices are tailored to defend against similar challenges.
Health plan sponsors and insurers also should assure their mental health and substance abuse treatment coverage documents and practices are defensible under the latest mental health and substance abuse parity mandates of the Mental Health Parity and Addiction Equity Act (MHPAEA) and coverage requirements of the Patient Protection and Affordable Care Act (“ACA”). Along with a host of statutory changes since the original parity mandates took effect, implementing regulations and guidance about non-qualitative limitations and exclusions and heightened agency enforcement are ramping up enforcement and liability risks. In addition to exposing the health plan administrators and other fiduciaries to potential claims denial or fiduciary responsibility claims brought by participants or beneficiaries, the Department of Labor or both, administrative penalties by the EBSA, or both, the MHPAEA mental health and substance abuse parity rules are among 40 federal mandates that when violated can trigger the automatic $100 per violation per day employer excise tax penalty under Internal Revenue Code Section 6039D. Consequently, violations of the MHPAEA are particularly risky and potentially expensive for private employers, their health plans and the plan administrators and fiduciaries that administer it.
For Help With Comments, Investigations Or Other Needs
If your organization would like to learn more about the concerns discussed in this update or seeks assistance auditing, updating, administering or defending its human resources, compensation, benefits, corporate ethics and compliance practices, or other performance related concerns, please contact management attorney and consultant Cynthia Marcotte Stamer.
An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”
For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.
Other Helpful Resources & Information
If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.
Fuve former Methodist Hospital Employees face criminal charges for conspiring with Roderick Harvey, to unlawfully disclose patient information in violation of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) under indictments announced by the Justice Department today.
HIPAA was enacted by Congress in 1996 to create national standards to protect sensitive patient information from being disclosed without a patient’s knowledge or consent. HIPAA’s provisions make it a crime to disclose patient information, or to obtain patient information with the intent to sell, transfer or use such information for personal gain.
According to the indictment, between November 2017 and December 2020, Harvey paid defendants Kirby Dandridge, Sylvia Taylor, Kara Thompson, Melanie Russell and Adrianna Taber, to provide him with names and phone numbers of Methodist patients who had been involved in motor vehicle accidents. After obtaining the information, Harvey sold the information to third persons including personal injury attorneys and chiropractors.
However, if convicted, the conspiracy charge carries a maximum penalty of five years imprisonment, a fine of $250,000 and three-year period of supervised release.
Harvey was also charged with seven counts of obtaining patient information with the intent to sell it for financial gain on various dates between November 12, 2017, and September 7, 2019. Each of those charges carries a maximum penalty of 10 years’ imprisonment, a fine of $250,000 and three years’ of supervised release.
Dandridge, Taylor, Thompson, Russell, and Taber were each charged with separate violations of disclosing the information to Harvey in violation of HIPAA. That charge carries a maximum penalty of one year imprisonment, a $50,000 fine and a one-year period of supervised release.
The Justice Department announcement reminds that charges and allegations in the indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty.
The. Indictments demonstrate the criminal liability that health care providers and others can face for willfully misappropriation or other misuse of medical records or other information in violation of HIPAA. Because these violations are federal felonies, Employing organizations like Methodist could face liability under the federal sentencing guidelines unless they have implemented and administered appropriate preventing procedures and taken timely and appropriate corrective action to mitigate that liability under federal criminal law. When the organization investigates in response promptly and has taken appropriate reasonable steps, the Justice Department generally does not pursue criminal charges against the organization. Rather, the organizations liability typically is handled by the Department of Health and Human Services Office of Civil Rights (“OCR”). If it determines that the organization’s deficiencies in compliance with HIPAA contributed to or failed timely to remediate the violations, OCR can pursue civil monetary penalties. In most cases, however, OCR charges are resolved through resolution agreement settlement processes.
The indictments and associated investigations remind other healthcare providers, health plans, healthcare clearinghouse as a business associates of the importance of ensuring that they maintain and administer appropriate processes to prevent breaches of their data by internal personnel and others as well as comply with post breach investigation over mediation and reporting obligations.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Centers for Disease Control released updated opiate prescription guidance today, loosening restrictions on prescription of the pain management narcotics under certain conditions.
Ironically the new guidance loosening opiate prescription guidelines comes on the heels of the announcement yesterday of sellements of opiate litigation against CVS and Walgreens brought by multiple states’ seeking to recover states’ costs arising from citizens ‘ addicted to opiates.
CDC’s revised opiate guidance is intended to give providers more flexibility to prescribe under various situations in response to criticism that the original more narrow guidelines harmed patients legitimately needing the pain management treatment.
Guideline changes are likely to implicate prescribing practices as well as some prescription drug coverages, as well as electronic recordkeeping and prescribing systems.
Slay tuned for more details about the new guidelines and other health care and life sciences relevant developments.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The November 1, 2022 American Bar Association Tort Trial & Insurance Section Medicine & Law Committee November Learning Sessionwill focus on the details and likely implications of the groundbreaking August 8, 2022 settlement of the long-running In Re Blue Cross And Blue Shield Litigation on the commercial health insurance market and the health care provider contracting, payment and other relations by Blue Cross Blue Shueld Association and its member insurers.
The August 8, 2022 settlement requires the Association and its members to make substantial changes in longstanding market and business practices that have helped the Association and its member insurance organizations establish and protect their market dominance from external and internal competition, and use that market dominance in its contracting and other dealings with health care providers.
After nine years of litigation challenging the provider contracting and business contracting rules and practices of the Association as anticompetitive, the reforms by the Association and its member insurance organizations agreed upon in the settlement agreement are expected to foster freer market competition of insurance products and services to customers, and provide health care providers greater strength when dealing with the Association and its members on provider contracting and claims. Meanwhile, the more than nine years of litigation leading up to the settlement produced several significant procedural and substantive rulings likely to shape future antitrust litigation.
During Tuesday’s Committee Learning Session, Medicine & Law Committee Chair-Elect Cynthia Marcotte Stamer, Managing Shareholder, Cynthia Marcotte Stamer, P.C. will share a brief overview and selected resources about the litigation and settlement, before leading a discussion among call participants of their thoughts about the significance and implications of these developments on the marketplace and future antitrust litigation and enforcement.
For more information about the Learning Session or other opportunities for involvement with the Medicine & Law Committee, e-mail Chair Elect Cynthia Marcotte Stamer or see the Medicine & Law Committee webpage.
The $6.8 million plus settlement that four compounding pharmacies will pay highlights the federal health care fraud risks of co-payment and misrepresenting the charge for compound pain creams used by some compounding pharmacies and other health care providers.
DermaTran Health Solutions, LLC; Pharmacy Insurance Administrators, LLC; Legends Pharmacy; TriadRx; and the former owners of Lake Side Pharmacy and related entities, agreed to pay $6,876,564 to resolve allegations that they violated the False Claims Act by waiving copays, charging the government higher prices than permitted, and trading federal healthcare business with other pharmacies, according to an October 12, 2022 Justice Department announcement.
The government alleged that in 2012, pharmacy DermaTran Health Solutions, LLC (“DermaTran”), opened in Rome, Georgia, for the purpose of making and selling custom “compound” pain creams. DermaTran’s owners during the relevant time include DIII Consulting, LLC; SRM Holdings, LLC; Gussenhoven Holdings, LLC; Sam Moss; and Robert Gussenhoven. At the same time, another company named Pharmacy Insurance Administrators, LLC (“PIA”), was created to handle the billing for DermaTran. During the relevant time, PIA was a subsidiary of Insurance Administrative Solutions, LLC; which was a subsidiary of Gulfcoast Administrators, LLC; which was majority-owned by Life & Health Holdings, Inc.; which was a subsidiary of State Mutual Insurance Company.
The massive civil settlement resolves a lawsuit originally filed in the U.S. District Court for the Northern District of Georgia by a former accountant for DermaTran, under the qui tam, or whistleblower provisions, of the False Claims Act. United States ex rel. Doe v. DermaTran Health Solutions, LLC, et al., Civil Action No. 1:17-CV-1765. Under the False Claims Act, private citizens may bring suit for false claims on behalf of the United States and share in any recovery obtained by the government. The whistleblower will receive $1,434,775 from the settlements. PIA will also pay her attorney’s fees.
According to the complaint, the settling defendants used prohibited practices to cash in on lucrative coverage for compound pain creams provided by government backed health insurance programs such as TRICARE (for the military) and the Federal Employees Health Benefits Program (for federal workers). These programs would reimburse hundreds of dollars for these prescriptions, provided that certain restrictions to limit spending were met. For example, patients were required to contribute to the cost of the prescription in the form of copays. The government programs also limited payments to the “usual and customary price”—the price charged to a cash-paying, uninsured patient.
The Government alleged that DermaTran and PIA found ways to avoid these restrictions. DermaTran and PIA created a copay-waiver program where the providers would waive patients’ copayments based on a brief, unverified statement of economic need. DermaTran and PIA also misled the government programs about the price being charged to uninsured, cash-paying patients by falsely stating that that price was high when, in fact, it was only $30. As a result, there were days that veterans were charged $600+ for pain creams, while uninsured patients were charged only $30.
Eventually, various auditors uncovered these problems and began to terminate DermaTran from their networks. The Government alleged that DermaTran, looking for a way to continue to earn money, began selling its out-of-network prescriptions to other pharmacies. The other pharmacies could fill the prescriptions because they were still in network. After filling the lucrative prescriptions, the other pharmacies remitted a portion of the proceeds to DermaTran and PIA. The government alleged that this arrangement constituted an illegal kickback. The other pharmacies that participated in this prescriptions-for-money scheme included Legends Pharmacy (in Texas), Lake Side Pharmacy (in Alabama), and TriadRx (in Alabama).
The Government’s False Claims Act claims based on the above allegations are being settled. PIA will contribute $6.5 million to the settlement. DermaTran is no longer operating and was sold in an arm’s-length transaction to a third-party buyer last year for the price of $40,000. That amount will be turned over to the government as part of the settlement. MLDP of Texas, LP (a/k/a “Legends Pharmacy”) will pay $59,293. TRIAD Rx, Inc. will pay $166,547. Lake Side Pharmacy is no longer in business, but former owners of Lake Side Pharmacy will pay $110,724. The former owners include Titan Medical Marketing, LLC; Donald Wayne Bogue; George Takashi Elkins; James Bernard Bogue, Jr.; Robert Joseph Puckett, Jr.; Robert Joseph Puckett, Sr.; Stephen Weston Wilson; and Charles Franklin Taylor, Jr.
Statements by agencies involved in the investigation and prosecution of the DermaTran and PIA cases send a strong warning to other pharmacies and health care providers against engaging in similar copay waiver or billing practices. “Fraud through compounding pharmacies bilked billions out of TRICARE and undermined the integrity of our healthcare system designed to care for our service members and their families,” stated Cynthia Bruce, Special Agent in Charge of the Department of Defense, Office of Inspector General, Defense Criminal Investigative Service (DCIS). “I appreciate the partnership among involved law enforcement agencies and the U.S. Attorney’s Office to bring this matter to justice.”
“The OPM OIG has no tolerance for businesses that knowingly take advantage of FEHBP, violating the rules to make a profit,” said Amy K. Parker, Special Agent in Charge, OPM OIG. “I am extremely proud of the hard work of our investigators, analysts, and other law enforcement partners because overcharging the government is not a victimless crime – it contributes to higher premium prices and harms the financial integrity of the FEHBP.”
“The U.S. Postal Service, Office of Inspector General, will continue to tirelessly investigate those who commit frauds against federal benefit programs and the U.S. Postal Service. This settlement is a clear message that the USPS OIG is dedicated to rooting out corruption and bringing to justice those responsible for these crimes, said Special Agent in Charge Matthew Modafferi of the U.S. Postal Service, Office of Inspector General Northeast Area Field Office. The USPS OIG would like to thank our law enforcement partners and the Department of Justice for their efforts in this investigation”.
“Health care providers that try to boost their profits by submitting fraudulent claims to Federal health care programs threaten the integrity of those programs and drive up prices for everyone,” said Tamala E. Miles, Special Agent in Charge with the U.S. Department of Health and Human Services Office of Inspector General. “We work tirelessly alongside our law enforcement partners to protect the integrity of Federal health care programs and to ensure the appropriate use of taxpayer dollars.”
Compound pharmacies and other providers not only should not engage in these practices, but also should take steps to correct any past copayment waiver or billing practices that in retrospect could be found to have violated these or other Federal health program rules.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The $6.8 million settlement paid by four pharmacies to settle False Claims Act civil claims warns other pharmacies and other health care providers against improper copayment or other cost sharing waiver, billing and referral practices.
The Department of Justice announced October 12, 2022 that DermaTran Health Solutions, LLC (“DermaTran”); Pharmacy Insurance Administrators, LLC; Legends Pharmacy; TriadRx; and the former owners of Lake Side Pharmacy and related entities, agreed to pay $6,876,564 to resolve allegations that they violated the False Claims Act by waiving copays, charging the government higher prices than permitted, and trading federal healthcare business with other pharmacies.
The government alleged that in 2012, pharmacy DermaTran opened in Rome, Georgia, for the purpose of making and selling custom “compound” pain creams. DermaTran’s owners during the relevant time include DIII Consulting, LLC; SRM Holdings, LLC; Gussenhoven Holdings, LLC; Sam Moss; and Robert Gussenhoven. At the same time, another company named Pharmacy Insurance Administrators, LLC (“PIA”), was created to handle the billing for DermaTran. During the relevant time, PIA was a subsidiary of Insurance Administrative Solutions, LLC; which was a subsidiary of Gulfcoast Administrators, LLC; which was majority-owned by Life & Health Holdings, Inc.; which was a subsidiary of State Mutual Insurance Company.
Compound pain creams were very lucrative. Government-backed health insurance programs such as TRICARE (for the military) and the Federal Employees Health Benefits Program (for federal workers) would reimburse hundreds of dollars for these prescriptions. But the government programs imposed certain restrictions to limit spending. For example, patients were required to contribute to the cost of the prescription in the form of copays. The government programs also limited payments to the “usual and customary price”—the price charged to a cash-paying, uninsured patient.
The Government alleged that DermaTran and PIA found ways to avoid these restrictions. DermaTran and PIA created a copay-waiver program where patients would have their copays waived based on a brief, unverified statement of economic need. DermaTran and PIA also misled the government programs about the price being charged to uninsured, cash-paying patients by falsely stating that that price was high when, in fact, it was only $30. As a result, there were days that veterans were charged $600+ for pain creams, while uninsured patients were charged only $30.
Eventually, various auditors uncovered these problems and began to terminate DermaTran from their networks. The Government alleged that DermaTran, looking for a way to continue to earn money, began selling its out-of-network prescriptions to other pharmacies. The other pharmacies could fill the prescriptions because they were still in network. After filling the lucrative prescriptions, the other pharmacies remitted a portion of the proceeds to DermaTran and PIA. The government alleged that this arrangement constituted an illegal kickback. The other pharmacies that participated in this prescriptions-for-money scheme included Legends Pharmacy (in Texas), Lake Side Pharmacy (in Alabama), and TriadRx (in Alabama).
This settlement resulted from a joint investigation by the U.S. Attorney’s Office for the Northern District of Georgia, the FBI, the Defense Criminal Investigative Service, the US Office of Personnel Management – Office of the Inspector General, the U.S. Postal Service – Office of Inspector General, and the Health and Human Services – Office of Inspector General.
This civil settlement resolves a lawsuit filed in the U.S. District Court for the Northern District of Georgia by a former accountant for DermaTran, under the qui tam, or whistleblower provisions, of the False Claims Act. United States ex rel. Doe v. DermaTran Health Solutions, LLC, et al., Civil Action No. 1:17-CV-1765. Under the False Claims Act, private citizens may bring suit for false claims on behalf of the United States and share in any recovery obtained by the government.
Under the settlement, PIA will contribute $6.5 million to the settlement. DermaTran is no longer operating and was sold in an arm’s-length transaction to a third-party buyer last year for the price of $40,000. That amount will be turned over to the government as part of the settlement. MLDP of Texas, LP (a/k/a “Legends Pharmacy”) will pay $59,293. TRIAD Rx, Inc. will pay $166,547. Lake Side Pharmacy is no longer in business, but former owners of Lake Side Pharmacy will pay $110,724. The former owners include Titan Medical Marketing, LLC; Donald Wayne Bogue; George Takashi Elkins; James Bernard Bogue, Jr.; Robert Joseph Puckett, Jr.; Robert Joseph Puckett, Sr.; Stephen Weston Wilson; and Charles Franklin Taylor, Jr. The whistleblower will receive $1,434,775 from the settlements. PIA will also pay her attorney’s fees.
The settlement documents the commitment of the Justice Department, the Department of Health & Human Services (“HHS”) Office of Inspector General (“OIG”) and other federal agencies to enforce the False Claims Act to recover government payments that result from improper waiver of copays, charging the government higher prices and other improper practices in violation of the False Claims Act. The agencies made a point of including their respective warnings in their announcement of the settlement.
“Health care fraud abuse like this case erodes the trust patients have in the health care system,” said Keri Farley, Special Agent in Charge of FBI Atlanta. “The FBI will not stand by when there are allegations of companies operating corporate wide schemes to illegally line their pockets.”
“Fraud through compounding pharmacies bilked billions out of TRICARE and undermined the integrity of our healthcare system designed to care for our service members and their families,” stated Cynthia Bruce, Special Agent in Charge of the Department of Defense, Office of Inspector General, Defense Criminal Investigative Service (DCIS). “I appreciate the partnership among involved law enforcement agencies and the U.S. Attorney’s Office to bring this matter to justice.”
“The OPM OIG has no tolerance for businesses that knowingly take advantage of FEHBP, violating the rules to make a profit,” said Amy K. Parker, Special Agent in Charge, OPM OIG. “I am extremely proud of the hard work of our investigators, analysts, and other law enforcement partners because overcharging the government is not a victimless crime – it contributes to higher premium prices and harms the financial integrity of the FEHBP.”
“The U.S. Postal Service, Office of Inspector General, will continue to tirelessly investigate those who commit frauds against federal benefit programs and the U.S. Postal Service. This settlement is a clear message that the USPS OIG is dedicated to rooting out corruption and bringing to justice those responsible for these crimes, said Special Agent in Charge Matthew Modafferi of the U.S. Postal Service, Office of Inspector General Northeast Area Field Office. The USPS OIG would like to thank our law enforcement partners and the Department of Justice for their efforts in this investigation”.
“Health care providers that try to boost their profits by submitting fraudulent claims to Federal health care programs threaten the integrity of those programs and drive up prices for everyone,” said Tamala E. Miles, Special Agent in Charge with the U.S. Department of Health and Human Services Office of Inspector General. “We work tirelessly alongside our law enforcement partners to protect the integrity of Federal health care programs and to ensure the appropriate use of taxpayer dollars.”
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Criminal inditements unsealed October 12, 2022 against a Brooklyn area doctor, three pharmacies and four employees illustrate federal authorities’ continuing war against providers for wrongfully distributing oxycodone or other controlled substances.
The 10-count indictment unsealed charges Dr. Somsri Ratanaprasatporn, her office manager Leticia Smith, pharmacists Bassam Amin, Omar Elsayed, and Yousef Ennab, Michael Kent, Anthony Mathis, and Raymond Walker with conspiracy to distribute and possess with intent to distribute oxycodone and related crimes. Smith and Kent are also charged with money laundering in connection with their alleged efforts to hide the proceeds of their illegal oxycodone distribution operation. All eight defendants were arrested this morning and are scheduled to be arraigned this afternoon before United States Magistrate Judge Robert M. Levy.
As set forth in the indictment and publicly filed documents, between December 2018 and October 2022, the defendants operated a drug distribution ring out of a medical practice on Linden Boulevard in East New York, Brooklyn. Together, they unlawfully distributed more than 11,000 prescriptions for oxycodone.
According to the unsealed inditements, the structured drug trafficking ring’s operations started in a doctor’s office and ended with more than 1.2 million dangerously addictive opioids worth $24 million supplied to the streets of New York City,. Ratanaprasatporn, a pediatrician and general practitioner, and Smith, issued the prescriptions; Amin, Ennab and Elsayed filled the prescriptions at pharmacies in Brooklyn and Staten Island, and Kent, Mathis, and Walker oversaw “crews” of sham patients who received medically unnecessary prescriptions. Together, the defendants made millions of dollars from the scheme. During the execution of a search warrant this morning, members of law enforcement recovered several hundred thousand dollars in U.S. currency from Smith’s residence. Law enforcement also recovered two handguns that Kent was observed tossing from a rear door of his residence.
The charges in the indictment are allegations, and the defendants are presumed innocent unless and until proven guilty. If convicted of the drug charges, the defendants face up to 20 years’ imprisonment. If convicted of the money laundering charges, Smith and Kent face up to 20 years’ imprisonment for each count.
Oxycodone is a highly addictive opioid used to treat severe and chronic pain conditions. Addition and other abuse often starts from medications prescribed by or otherwise made available by health care providers.
Every year, millions of Americans abuse oxycodone. Misuse of painkillers like oxycodone leads to hundreds of thousands of annual emergency room visits. More than 16,000 Americans died from prescription opioid overdoses in 2020. Oxycodone prescriptions have enormous cash value to drug dealers. For example, one oxycodone 30 mg tablet, which was the dosage prescribed in this case, can be sold by dealers on the street for between $20 and $30 in New York City.
The growing epidemic of abuse of oxycodone and other prescription pain medications have prompted federal and state authorities to partner in their fight against pain medication abuse.
The charges are the result of an ongoing Organized Crime Drug Enforcement Task Forces (OCDETF) investigation led by the United States Attorney’s Office for the Eastern District of New York and the DEA. The principal mission of the OCDETF program is to identify, disrupt, and dismantle the most serious drug trafficking, weapons trafficking, and money laundering organizations, and those primarily responsible for the nation’s illegal drug supply. OCDETF uses a prosecutor-led, intelligence-driven, multi-agency approach that leverages the strengths of federal, state, and local law enforcement agencies against criminal networks.
Like many other recent prosecutions, these inditements target health care providers profiting off of the illegal prescription or other distribution of oxycodine or other controlled substances.
In announcing the inditements, representatives of each participating agency reintegrated their agencies commitment to continue investigation and prosecuting health care providers improperly distributing controlled substances.
“Doctors and medical professionals have a professional obligation to do no harm, but, as alleged, the defendants callously supplied more than one million pills to traffickers for distribution, resulting in dangerous opioids flooding the streets of this district,” stated United States Attorney Peace. “Today’s charges demonstrate this Office’s continued commitment to stemming the availability of illegal drugs and holding to account those who contribute to the epic tragedy that is the opioid epidemic.”
DEA Special Agent-in-Charge Tarentino warned the “DEA and our law enforcement partners will continue to hold DEA Registrants and other medical professionals to the highest possible standards and also hold them accountable when they knowingly endanger members of the community.”
“With this multi-million-dollar criminal scheme, it’s alleged the defendants made their profits off the vulnerabilities and addictions of their customers throughout New York City. Law enforcement partnerships like those seen here today have been and continue to be an integral part of stopping the flow of highly addictive narcotics into our communities,” stated IRS-CI Special Agent-in-Charge Fattorusso.
“Today’s charges show how diverted prescription drugs still fuel the opioid epidemic in New York. The Bureau of Narcotic Enforcement remains resolute in its commitment to work together with our federal and local law enforcement partners to disrupt and dismantle the criminal organizations that abuse the public’s trust in health care practitioners to move these dangerous and addictive pills from pharmacies to our neighborhoods,” stated BNE Director Vinciguerra.
Along with vigorous investigation and enforcement of providers and others involved in illegal distribution, federal and state authorities also have worked to tighten rules, standards and records keeping requirements for the legal prescription of opioids and other narcotics by physicians and other prescribers and stepped up disciplinary investigation and enforcement of these requirements. Billing for prescriptions of opioids beyond the parameters of tightened parameters also can trigger overprescribing and other allegations. Physician and other prescribers, pharmacists and pharmacies and other health industry participants should use care to establish and ensure they and their staff meticulously follow appropriate protocols and procedures to ensure their ability to defend their handling of opioid and other narcotic painkillers.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Today’s U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announcement of resolution agreements with three separate dental practices warns all health care providers, health plans and health care clearinghouses of the importance of complying with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s patient right of access and other federal and state mandates about providing patients and health plan members access to their records.
The following three resolution agreements OCR announced September 20, 2022 underscore the importance and necessity of compliance with the right of access and other HIPAA requirements:
Chicago-based Family Dental Care, P.C. (“FDC”), paid $30,000.00 to resolve potential OCR charges aiding from OCR’s investigation located in Chicago, Illinois. OCR received a complaint on August 8, 2020, alleging that FDC failed to provide a former patient with timely access to her complete medical records. The former patient requested her entire medical records in May 2020, but received only portions. The former patient filed a complaint with OCR, and during OCR’s investigation, FDC provided her with the remainder of her records in October 2020. Thus, FDC did not provide a complete copy of the records until more than five months after the request was made. OCR’s investigation determined that FDC’s failure to provide timely access to the requested medical records was a potential violation of the HIPAA right of access provision. FDC agreed to pay $30,000 and implement a corrective action plan.
Georgia based dental and orthodontics provider Great Expressions Dental Center of Georgia, P.C. (“GEDC-GA”) paid $80,000 to resolve concerns arising from OCR’s investigation of a November 2020 complaint alleging that GEDC-GA would not provide an individual with copies of her medical records because she would not pay GEDC-GA’s $170 copying fee. The individual first requested her records in November 2019, but did not receive them until February 2021, over a year later. OCR’s investigation determined that GEDC-GA’s failure to provide timely access to the requested medical records, and its practice of assessing copying fees that were not reasonable and cost-based, were potential violations of the HIPAA right of access provision. GEDC-GA agreed to pay $80,000 and implement a corrective action plan.
Las Vegas, Nevada dental practice B. Steven L. Hardy, D.D.S., LTD, doing business as Paradise Family Dental (“Paradise”) paid $25,000 to resolve potential violations uncovered after OCR investigated an October 26, 2020 complaint alleging that Paradise had failed to provide a mother with copies of her and her minor child’s protected health information. The mother submitted multiple record requests between April 11, 2020, and December 4, 2020, but Paradise did not send the records until December 31, 2020, more than eight months after her initial request. OCR’s investigation determined that Paradise’s failure to provide timely access to the requested medical records was a potential violation of the HIPAA right of access provision. Paradise agreed to pay $25,000 and implement a corrective action plan.
The three newly announced resolution agreements bring to 41 the number of resolution agreements OCR has announced since announcing its program targeting access right violations. OCR call Rosov call Riedel access violations are the most common of all reported HIPAA violations.
OCR made clear its announcements of these resolution agreements to “send an important message to dental practices of all sizes that are covered by the HIPAA Rules to ensure they are following the law,” said OCR Director Melanie Fontes Rainer. “Patients have a fundamental right under HIPAA to receive their requested medical records, in most cases, within 30 days. I hope that these actions send the message of compliance so that patients do not have to file a complaint with OCR to have their medical records requests fulfilled.”
Health care providers as well as health plans should heed thus strong warning by ensuring their compliance with the HIPAA right of access as well as other applicable rules about providing patient and plan members copies of records or other data. for healthcare providers, you can please but are not limited to State medical records, ethics, and other rules and regulations. Or health plan, the HIPAA Records access rules are in addition to the Employee Retirement Invome Security Act mandates to provide plan records when requested.
If circumstances come to light that indicate a breach of the access or any other HIPAA standards, Covered Entities also promptly should work with legal counsel timely to investigate, determine and provide any required notifications or other corrective action and document their actions to meet applicable HIPAA and other legal obligations and mitigate liability.
Of course, all HIPAA-covered entities and their leaders always must keep in mind that their responsibilities and potential liability for mishandling protected health information could extend well beyond HIPAA. In addition to the civil monetary penalties HIPAA authorizes, mishandling the collection, protection or disposal of PHI or other sensitive data also can trigger other legal exposures. For instance, as HIPAA compliance is part of the Conditions of Participation that Medicare participating Covered Entities and Medicare Advantage Plans must meet to qualify for program participation, noncompliance could trigger program exclusion, False Claims Act or related exposures. Deficiencies in security or destruction of credit card, banking or other PHI that also qualifies as personal financial information could trigger exposure under Federal Trade Commission, state identity theft and privacy or other laws. Public companies and their leaders also may need to evaluate if deficiencies in their security or destruction protocols trigger investor disclosure obligations under Securities and Exchange Commission rules or other federal or state laws. Considering these and other exposures, documented, compliance and defensibility of PHI and other sensitive information use, protection, disclosure and destruction should rank high among the priorities of all Covered Entities and their leaders.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The arrest and criminal charges against Dallas anesthesiologist Raynaldo Rivera Ortiz Jr. (“Dr. Ortiz”) announced September 15, 2022 highlight the advisability of health care facilities and providers to use care to use appropriate monitoring and other safeguards to protect patients and other critical operations against potential retaliatory misconduct during professional peer review or other investigation or discipline of health care professionals or other members of their workforces.
Dr. Ortiz was arrested in Plano, Texas on Wednesday, September 14, 2022 and is scheduled to make his initial court appearance on Friday, September 16, 2022 on federal felony criminal charges that he caused the death of a patient and surgical emergencies of other patients by intentionally tampering with a consumer product and intentional drug alteration.
According to the by Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division, and U.S. Attorney for the Northern District of Texas Chad E. Meacham, Dr. Ortiz was arrested and charged via criminal complaint with tampering with a consumer product causing death and intentional drug adulteration.
According the criminal complaint, on June 21, 2022, a 55-year-old female coworker of Dr. Ortiz, experienced a medical emergency and died immediately after treating herself for dehydration using an IV bag of saline taken from a Baylor Scott & White operated surgical center. An autopsy report revealed that she died from a lethal dose of bupivacaine, a nerve blocking agent that is rarely abused but is often used during the administration of anesthesia.
Two months later, on August 24, 2022, an 18-year-old male patient experienced a cardiac emergency during a routine sinus surgery. The teen was intubated and transferred to a local ICU. Chemical analysis of the fluid from a saline bag used during his surgery revealed the presence of bupivacaine, epinephrine (a stimulant), and lidocaine, drugs that could have caused the patient’s sudden symptoms.
According to the complaint, surgical center personnel concluded that the incidents involving both patients suggested a pattern of intentional adulteration of IV bags used at the surgical center.
The surgical center personnel also identified 10 additional unexpected cardiac emergencies that occurred during otherwise unremarkable surgeries between May and August 2022, which the criminal complaint alleges is an exceptionally high rate of complications over such a short period of time. According to the criminal complaint, medical personnel in each of those additional 10 cases only were able to stabilize the patient through use of emergency measures. Most of the incidents occurred during longer surgeries that used more than one IV bag, including one or more bags retrieved mid-surgery from a stainless steel bag warmer.
Surveillance video from the center’s operating room hallway allegedly also shows Dr. Ortiz placing IV bags into the stainless-steel bag warmer shortly before other doctors’ patients experienced cardiac emergencies. The complaint alleges that in one instance captured in the surveillance video, agents observed Dr. Ortiz walk quickly from an operating room to the bag warmer, place a single IV bag inside, visually scan the empty hallway, and quickly walk away. Just over an hour later, according to the complaint, a 56-year-old woman suffered a cardiac emergency during a scheduled cosmetic surgery after a bag from the warmer was used during her procedure. The complaint also states that in another instance, agents observed Dr. Ortiz exit his operating room carrying an IV bag concealed in what appeared to be a paper folder, swap the bag with another bag from the warmer, and walk away. Roughly half an hour later, a 54-year-old woman suffered a cardiac emergency during a scheduled cosmetic surgery after a bag from the warmer was used during her procedure.
According to the complaint, none of the cardiac incidents occurred during Dr. Ortiz’s surgeries, and that the series of emergencies began just two days after Dr. Oritz was notified of a disciplinary inquiry stemming from an incident during which he allegedly “deviated from the standard of care” during an anesthesia procedure when a patient experienced a medical emergency. The complaint alleges that all of the incidents occurred around the time Dr. Ortiz performed services at the facility, and no incidents occurred while Dr. Ortiz was on vacation.
The complaint further alleges that Dr. Ortiz, who had a history of disciplinary actions against him, expressed concern to other physicians over the disciplinary action at the facility and complained the center was trying to “crucify” him. A nurse who worked on one of Dr. Ortiz’s surgeries allegedly told law enforcement that Dr. Ortiz refused to use an IV bag she retrieved from the warmer, physically waving the bag off.
“Our complaint alleges this defendant surreptitiously injected heart-stopping drugs into patient IV bags, decimating the Hippocratic oath,” said U.S. Attorney Chad E. Meacham in the Department of Justice announcement of the charges. The criminal charges stemmed from these findings.
The Justice Department announcement reminds readers that a criminal complaint is merely an allegation of criminal conduct, not evidence. Dr. Ortiz is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law. If convicted, however, Dr. Ortiz faces a maximum penalty of life in prison.
Both Dr. Ortiz and the surgical facility are exposed to potential liability as a result of the alleged charges. Aside from the pending criminal charges, Dr. Ortiz also almost certainly could face potential peer review and licensing board disciplinary investigation, as well as civil lawsuits.
In addition to these liability exposures for Dr. Ortiz, the surgical facility and other providers also could face civil or potentially even criminal liability.
It seems almost inevitable that the facility and potentially some other providers might be drawn into civil lawsuits brought by affected patients and their families allegedly injured or place at risk by the alleged actions by Dr. Ortiz, as well as licensing and/or accreditation investigation arising from the alleged events.
Because Dr. Ortez’s alleged Actions constitute federal felonies, the Federal Sentencing Guidelines sentencing and organizational liability rules apply. The Sentencing Guidelines will apply to determine the sentence imposed if Dr. Ortez ultimately is convicted. In addition, the Sentencing Guidelines organizational liability provisions also raise a risk of criminal charges against the facility or other parties with knowledge or other imputed responsibility. Under the organizational guidelines, organizations can have imputedliability for the criminal acts committed by the members of their workforce. However whether criminal charges will be pursued against the organization and the level of culpability and resulting liability is determined based upon both whether the organization took appropriate steps to prevent the misconduct before it happened and the extent to which the organization acted promptly in its investigation and redress of the conduct. The apparent actions of the surgical center and its leader ship to investigate, report, and cooperate in the investigation with federal officials are likely to mitigate if not resolve their criminal exposure.
Organizations and their leaders should treat the charges against Dr. Ortiz as a reminder, at minimum carefully to credential and monitor team members including doctors or other non-employer actors working in or with their facilities, to establish appropriate safeguards to prevent and identify quickly mistakes or intentional conduct, to monitor and enforce those safeguards, and to take appropriate prompt action to investigate concerns and redress and if necessary report misconduct with the advice of counsel.
When dealing with position performance and discipline concerns, facilities typically must carefully negotiate applicable contractual and workforce issues as well as the procedural and due process requirements of applicable medical staff bylaws and federal and state peer review and discipline statutes and regulations and medical staff discipline rules.
When a medical staff member protected by peer review or other procedural safeguards commits behaviors that raise a material and continuing threat to the health and safety of patients or the public, summary suspension may be necessary. When considering or taking an action to summarily suspend a healthcare provider, however, facilities and their medical staff leaders should document both the grounds for the patient safety concerns and need for immediate action and scrupulously follow the summary suspension procedures.
Along with seeking to prevent and mitigate these legal risks, Facilities and other providers also need to consider white reporting obligations they may bear under applicable statutes, regulations and contracts.
While managing these legal risks, facilities and other involved parties also need to anticipate media and public concern about the occurrences. Facilities and their leaders should anticipate and be prepared to work in conjunction with qualified legal counsel and experienced qualified public relations experts to decide when, what, and how to communicate with the public in the media about these types of events to avoid is there a bold minefield of traps created by privacy laws, evidentiary and other legal risk management concerns, and the management of relationships with other members of the medical staff and workforce, business partners, insurance, and the public.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns. 
Ms. Stamer’s work throughout her 35 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. In the course of this work, she has worked extensively on workforce and medical staff credentialing, management, investigation, peer review and discipline, and reporting and remediation of criminal or other activity to regulatory officials.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Health care providers, health plans and insurers and other stakeholders concerned about the Department of Health and Human Services Office of the National Coordinator for Healthcare Information (“ONC”) electronic clinical quality measures (“eCQMs”) have the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by ONC as part of ONC’s 2022 Change Review Process (CRP) for the ONC Project Tracking System. Interested stakeholders must monitor the posting of issues and act quickly to share their feedback, however, as stakeholders have only two weeks to comment after a ONC posts a new proposed eCQm change.
eCQMs As Measure of Health Care Quality
Electronic clinical quality measures or “eCQMs” are tools that ONC develops with stakeholder input to help Medicare and Medicaid measure and track the quality of health care services that eligible hospitals and critical access hospitals (CAHs) provide, as generated by a provider’s electronic health record (EHR). CMS Measuring and reporting eCQMs helps to ensure that our health care system is delivering effective, safe, efficient, patient-centered, equitable, and timely care. CMS’ eCQMs measure many aspects of patient care, including:
Patient and Family Engagement
Patient Safety
Care Coordination
Population/Public Health
Efficient Use of Healthcare Resources
Clinical Process/Effectiveness
To successfully participate in the Medicare and Medicaid Promoting Interoperability Programs, the Centers for Medicare and Medicaid Services (“CMS”) requires eligible providers, eligible hospitals, critical access hospitals and dual-eligible hospitals electronically to report on eCQMs determined by CMS that require the use of data from the provider’s certified electronic health record (“EHR”) technology (CEHRT) or other health information technology systems to measure and report quality measures in a standardized manner. For calendar year (CY) 2022, Medicare Promoting Interoperability Program participants arerequired to report on three self-selected eCQMs and the Safe Use of Opioids – Concurrent PrescribingeCQM from the set of nine available for at least three self-selected quarters of CY 2022 data. To report eCQMs successfully, health care providers must use an EHR and adhere to the requirements identified by the CMS quality program. Failing to meet these eCQM reporting requirements can prevent the provider from meeting meaningful use requirements and trigger reductions in reimbursements for care.
Health care quality, credentialing, accreditation, and other provider, health plan and other organizations also use the eCQMs data alone or with other quality measures and tools to set standards and assess and enforce quality goals and performances.
As the proposed changes on a relevant eCQM could materially impact the reporting responsibilities of the reporting providers, the quality and meaning of a proposed data measure, or both, impacted stakeholders should monitor the system for possible changes impacting the eCQMs used or applicable to their organizations and its activities and if appropriate, comment promptly.
2022 eCQMs Updates
Each year, CMS makes updates to the eCQMs approved for CMS programs to reflect changes in:
Evidence-based Medicine
Code Sets
Measure Logic
Conducted annually as part of OCN’s eCQM Issue Tracker project, the CRP provides eCQM users the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by the measure stewards. The goal of the CRP is for eCQM implementers to comment on the potential impact of draft changes to eCQMs so CMS and measure stewards can make improvements to meet CMS’s intent of minimizing provider and vendor burden in the collection, capture, calculation, and reporting of eCQMs.
Stakeholders with an account on the ONC Project Tracking System can monitor, review and comment on proposed eCQM changes through the eCQM Issue Tracker project during the two week period following the date the issue is posted in the eCQM Issue Tracker. To participate in the CRP, users must have an ONC Project Tracking System account. New users can create an account via the ONC Project Tracking System website.
The following table reflects the eCQM issues open on the eCQM Issue Tracker as of September 14, 2022 and their scheduled comment closing dates
Issues Open for Public Comment As of 9/14/2022
CMS eCQM Identifier and Measure Title
CRP Issue Title
Issue Number and Link
Issue Type
Goal of Review
Public Comment Open Date
Public Comment Close Date
Multiple measures
Incorporate ‘Diagnosis’ datatype to capture Hospice Care
CMS128: Anti-depressant Medication Management; CMS136: Follow-Up Care for Children Prescribed ADHD Medication (ADD); CMS156: Use of High-Risk Medications in Older Adults
Update Cumulative Medication Duration function to calculate maximum daily frequency
eCQM Issue Tracker Open Issues As Of September 14, 2022
As proposed eCQM changes are posted for public comment as CRP issues. ONC informs eCQM accountholders of the proposed change or eCQM issue by posting for review in the ONC Project Tracking System. Accountholders only have two weeks after ONC posts a proposed eCQM to comment on the posted issue. Stakeholders interested in commenting on a particular issue must submit their comment in accordance with the directions within this two week period.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
As qualifying individuals and companies that purchased or received health insurance await instructions on how to claim their share of the $2.67 billion In re: Blue Cross Blue Shield Antitrust Litigation private federal class action civil antitrust lawsuit settlement (“Settlement”) finally approved August 9, 2022 against the Blue Cross Blue Shield Association (“BCBSA”) and other settling individual Blue Cross Plans, employers and other plan sponsors, health care systems and providers, health insurers, pharmacy benefit managers, brokerages, and other health and health insurance market participants need to keep in mind that the private antitrust judgements are not their only exposure under federal antitrust laws. Health insurance and health industry market participants that engage in anticompetitive conduct or business transactions also risk investigation and prosecution under federal antitrust laws by the U.S. Department of Justice, the Federal Trade Commission and state regulators or attorneys general.
Market participants and others with health or health insurance industry market competitiveness concerns or interests should register and attend the September 8, 2022 Justice Department Health Industry Antitrust Enforcement Update to learn about key federal antitrust statutes regulating or prohibiting anticompetitive conduct and business transactions and hear how the Department of Justice uses these laws to promote market competition in the health care and health insurance marketplaces.
Hosted by the American Bar Association Joint Committee on Employee Benefits, the webinar will feature a discussion by U.S. Department of Justice Civil Division Healthcare and Consumer Products Section Antitrust Attorney Natalie Melada of basic federal antitrust rules and principles the Justice Department relies upon to safeguard market competitiveness and discusses selected Justice Department antitrust litigation and other compliance and enforcement initiatives the Department of Justice has undertaken to protect competition in the healthcare industry. Attorney and Solutions Law Press, Inc. editor and author Cynthia Marcotte Stamer also will provide an update on the In re: Blue Cross Blue Shield Antitrust Litigation and resulting $2.67 billion settlement approved August 9.
For more details and to register for the program, see here.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
A Massachusetts dermatology practice’s Health Insurance Portability & Accountability Act (“HIPAA”) $300,000 plus settlement with the Department of Health & Human Services Office for Civil Rights (OCR) reminds health care providers, health plans, health care clearinghouses and their business associates (“Covered Entities”) to use proper practices and safeguards when disposing of protected health information (“PHI”).
Following up on other OCR enforcement involving improper protection and disposal of paper and electronic PHI, the settlement with New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) OCR announced today (August 23, 2022) resolves charges that NDELC violated the HIPAA Privacy Rules when it placed specimen containers with patient identifying PHI in its parking lot garbage bin.
OCR interprets HIPAA as requiring Covered Entities to appropriate steps to ensure that safeguards are in place when disposing of patient information to keep it from being accessible by the public. ”Improper disposal of protected health information creates an unnecessary risk to patient privacy,” said Acting OCR Director Melanie Fontes Rainer.
On May 11, 2021, NEDLC filed a breach report with OCR that reported empty specimen containers with the PHI on labels were placed in a garbage bin in their parking lot. The containers’ labels included patient names and dates of birth, dates of sample collection, and name of the provider who took the specimen. On March 31, 2021, a third-party security guard found one specimen container bearing a label containing patient names, dates of birth, dates of sample collection, and name of the provider who took the specimen. During the investigation, NEDLC stated that from February 4, 2011 until March 31, 2021, it regularly discarded specimen containers with an attached label that contained PHI as regular waste, bagged and placed in an exterior dumpster accessible via the parking lot, without alteration to the PHI containing label.
OCR’s New England Regional Office found the practice of disposing of specimen containers with their labels containing PHI violated the HIPAA Privacy Rule including the impermissible use and disclosure of PHI and failure to maintain appropriate safeguards to protect the privacy of PHI.
Under the NEDLC Resolution Agreement negotiated to settle the alleged violations, NEDLC paid $300,640 to OCR and agreed to implement a “robust” corrective action plan that includes two years of OCR monitoring. Among other things, the corrective action plan requires NEDLC to:
Within 60 days, develop, maintain, and revise, as needed and present for OCR review its written policies and procedures to comply with the physical safeguard and disposal of PHI created, received or maintained by or on behalf of NEDLC and all other HIPAA Privacy, Security and Breach Notification and training protocols to ensure workforce member compliance with these policies; and sanctions for workforce members violating these requirements;
Implement the updated policies and procedures within 30 days of receipt of HHS approval;
Distribute the policies to existing members of its workforce within 30 days of receipt of HHS approval of the policies and subsequently to new members of the workforce within 30 days of their beginning of service and obtain a signed written or electronic initial compliance certification from all members of the workforce and relevant business associates stating that the workforce members have read, understand, and shall abide by such policies and procedures;
Assess, update, and revise, as necessary, the policies and procedures at least annually or as needed, provide the revised policies and procedures to HHS for review and approval, and redistribute to and obtained new compliance certifications from workforce members and business associates within 30 days of HHS approval;
If it receives information during the Compliance Term that a workforce member or business associate may have failed to comply with its policies and procedures for safeguarding PHI, promptly investigate and it the investigation finds a violation, notify HHS within 30 days of the violation and corrective action taken;
Comply with specified breach investigation and notification requirements;
Provide reports certified by a designated leader of the organization its implementation of the corrective action plan, annually and upon the occurrence of certain other events during the two-year monitoring period.
The NEDLC Resolution Agreement is not the first time OCR has nailed a Covered Entity for improper disposal of PHI. In 2015 Cornell Prescription Pharmacy paid OCR $125,000 and implemented a correction action plan to correct alleged HIPAA violations after an OCR investigation of a local news report confirmed unsecured paper documents containing PHI of more than 1600 patients were disposed of in an unlocked, open container on Cornell’s premises. The documents were not shredded and contained identifiable information regarding specific patients. See Cornell Prescription Pharmacy Resolution Agreement. See also $800,000 HIPAA Settlement in Medical Records Dumping Case.
To reduce their own exposure to potential HIPAA liability arising from improper disposal of PHI, covered entities should evaluate the adequacy of the PHI handling, security and disposal policies, procedures, training and compliance for potential weaknesses and take appropriate, timely documented corrective action to tighten their compliance with OCR’s regulations, OCR’s Frequently Asked Questions About the Disposal and other OCR enforcement actions and guidance on PHI disposal.
Since these evaluations could uncover past or ongoing compliance concerns, Covered Entities and business associates should consider engaging legal counsel experienced with HIPAA compliance to advise and aid the Covered Entity to structure, conduct, evaluate findings and determine and implement any corrective actions that the review reveals as required or advisable within the scope of attorney client privilege.
Effective protection and disposal of PHI requires that Covered Entities recognize and keep track of all PHI in the various phases of its lifecycle in the organization including when it is being disposed or or migrating through various systems. Sanctions for disposal of specimen bottles containing PHI labels should raise the need for awareness of disposal practices for other patient labeled items including identification bracelets, medication containers and labels, meal trays and the plethora of other items containing patient specific information. PHI disposal issues also can arise out of the disposal of files, storage containers, computers, copiers or other devices. For instance, under the Affinity Health Plan, Inc. Resolution Agreement, Affinity Health paid OCR $1,215,780 to settle potential HIPAA Civil Monetary Sanctions after OCR found it exposed the PHI of up to 344,579 individuals by returning photocopiers to a leasing agent without erasing the data contained on the copier hard drives.
Because HIPAA obligations continue even when a Covered Entity or business associate goes out of business, Covered Entities also need to take appropriate steps to provide for ongoing management, protection and disposal of PHI when they or a business associate ceases business. Thus, in the FileFax Resolution Agreement, for instance the receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $ 100,000 out of the receivership estate to OCR to settle potential HIPAA violations after Filefax shut its doors during the course of OCR’s investigation into alleged HIPAA violations.
Covered Entities must understand that these responsibilities generally cannot be met merely through adoption of a standard set of policies and procedures from a third-party. The HIPAA Privacy Rule requires all Covered Entities to prepare and document risk assessments and develop and enforce appropriate privacy and security policies and procedures. Security and disposal practices and procedures are among the elements of HIPAA compliance that OCR expects Covered Entities to address in the documented risk assessments the regulations require Covered Entities to prepare and maintain. See $750,000 HIPAA Settlement Underscores the Need for Organization Wide Risk Analysis. As with other HIPAA compliance responsibilities, OCR regulations require that Covered Entities include their documented assessment and decision-making about the adequacy and reasonableness of their PHI protection and destruction practices under HIPAA as part of their overall HIPAA risk assessment plan and practices.
While OCR guidance provides some examples of several practices that a Covered Entity might use that could or could not meet the destruction standards, these examples are not safe harbors. The regulations and guidance expect Covered Entities to conduct a documented review and assessment “of their own circumstances to determine what steps are reasonable to safeguard PHI through disposal and develop and implement policies and procedures to carry out those steps.” OCR guidance directs that Covered Entities should assess potential risks to patient privacy, as well as consider such issues as the form, type, and amount of PHI to be disposed. Covered entities are responsible for conducting and documenting their analysis as well as their adoption, implementation and enforcement of the resulting policies and procedures.
If circumstances come to light that indicate a breach of the standards in the course of the disposal compliance assessment or otherwise, Covered Entities also promptly should work with legal counsel timely to investigate, determine and provide any required notifications or other corrective action and document their actions to meet applicable HIPAA and other legal obligations and mitigate liability.
Of course, Covered Entities and their leaders always must keep in mind that their responsibilities and potential liability for mishandling PHI could extend well beyond HIPAA. In addition to the civil monetary penalties HIPAA authorizes, mishandling the collection, protection or disposal of PHI or other sensitive data also can trigger other legal exposures. For instance, as HIPAA compliance is part of the Conditions of Participation that Medicare participating Covered Entities and Medicare Advantage Plans must meet to qualify for program participation, noncompliance could trigger program exclusion, False Claims Act or related exposures. Deficiencies in security or destruction of credit card, banking or other PHI that also qualifies as personal financial information could trigger exposure under Federal Trade Commission, state identity theft and privacy or other laws. Public companies and their leaders also may need to evaluate if deficiencies in their security or destruction protocols trigger investor disclosure obligations under Securities and Exchange Commission rules or other federal or state laws. Considering these and other exposures, documented, compliance and defensibility of PHI and other sensitive information use, protection, disclosure and destruction should rank high among the priorities of all Covered Entities and their leaders.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Department of Health & Human Services Office of Civil Rights (“OCR”) has declared a public health emergency for Kentucky due to consequences of severe storms, flooding, landslides, and mudslides.
OCR’s bulletin on the Limited Waiver of HIPAA Sanctions and Penalties as a Result of the Consequences of Flooding in the Commonwealth of Kentucky available here.
Healthcare providers and other covered entities, their business associates and others with data security responsibilities or sensitivities should keep in mind their general obligations under these requirements continue during the disaster except as provided in the Declaration guidance.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Unemployment is slightly up according to just released U.U. Department of Labor (“DOL”) data.
DOL reports the advance figure for seasonally adjusted initial claims rose by 9,000 from 235,000 to 244,000, In the week ending July 9, 2022. The 4-week moving average was 235,750, an increase of 3,250 from the previous week’s unrevised average of 232,500.
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
As Americans prepare to celebrate the July 4th holiday, CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are warning of a cyber threat for Remote Desktop users. Health care, health plan, healthcare clearing houses, their business associates and other security sensitive organizations using remote access technology should perform and document their risk assessment and any corrective actions taken as part of their continuing Health Insurance Portability and Accountability Act (“HIPAA”), Fair and Accurate Credit Transactioms Act (FACTA”), government contracting, securities law, and other data security compliance.
The joint Cybersecurity Advisory (CSA), #StopRansomware: MedusaLocker, published July 1 alerts of the risk of MedusaLocker ransomware. MedusaLocker actors target vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks.
CISA, FBI, Treasury and FinCEN are encouraging network defenders to examine their current cybersecurity posture and apply the recommended mitigations in this joint CSA, which include:
Train users to recognize and report phishing attempts.
Enable and enforce multifactor authentication.
When assessing Remote Desktop protocol risks, covered entities, business associates and other security concerned organizations also should examine their exposures to other vulnerabilities.
A key resource for monitoring some of these vulnerabilities is the CISA Known Exploited Vulnerabilities Catalog, which lists exposures based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk federal enterprises. CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria.
The Department of Health & Human Services Office of Civil Rights (‘“OCR”) guidance and enforcement makes clear covered entities and business associates must monitor and take appropriate actions to update their security in response to emerging cyber security threats.
Along with monitoring and responding to this and other security threats, covered entities also should add reviewing and updating their HI-AA practices in response to new guidance OCR issued this week in response to the Supreme Court Dobbs vs. Jackson Women’s Health Organization abortion ruling. The HIPAA Privacy Rule and Disclosures of Information Relating to Reproductive Health Care guidance generally addresses when the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule restricts or allows individuals’ private medical information (known as “protected health information” or “PHI”) relating to abortion and other sexual and reproductive health care. For more details, see here.
Beyond HIPAA, malware and other data or system security breaches and susceptibilities can create liability risks under tax, securities, government contracting, FACTA and a wide range of federal and state laws. For instance, with cybersecurity threats and compliance concerns growing, the SEC is prioritizing cybersecurity regulation, investigation and enforcement against public companies and other market participants for lack cybersecurity governance, safeguards or disclosures. See e.g., SEC Office of Compliance Inspections and Examinations Cybersecurity and Resiliency Observations. Along announcing its commitment to hold market involved and impacting regulated entities accountable for failing to maintain and enforce appropriate internal and external controls to prevent, detect and redress cybersecurity threats, including appropriate board governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, training and awareness, investor disclosures and other practices.
Healthcare providers and other covered entities, their business associates and others with data security responsibilities or sensitivities should respond promptly and carefully document their risk analysis and response in response to these emerging concerns.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
In response to the Supreme Court Dobbs vs. Jackson Women’s Health Organization abortion ruling the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued new guidance discussing when the protects patient reproductive health care records and information by health care providers, health plans, health care clearinghouses (“covered entities”) and their business associates.
The HIPAA Privacy Rule and Disclosures of Information Relating to Reproductive Health Care guidance generally addresses when the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule restricts or allows individuals’ private medical information (known as “protected health information” or “PHI”) relating to abortion and other sexual and reproductive health care. The guidance does not discuss responsibilities if any of providers or other covered entities under other federal or state laws. Instead, the guidance directs concerned about their obligations to disclose information concerning abortion or other reproductive health care to seek legal advice regarding their responsibilities under other federal and state laws.
Regiarding HIPAA, the guidance begins with the reminder that HIPAA covered entities and business associates can use and disclose PHI without an individual’s signed authorization, only on the narrow circumstances expressly permitted or required by the Privacy Rule.
The guidance goes on to explain when the Privacy Rule allows disclosures of PHI when required by law, for law enforcement purposes, and to avert a serious threat to health or safety. In keeping with the Biden Administration announced commitment to work to preserve the availability of abortion against restriction by state laws banning or restricting abortion rights following the Supreme Court’s decision, the guidance invites health care providers to resist disclosures HIPAA permits by making a point of saying that these exceptions are permitted but not required in bold language.
Disclosures Required by Law
The Privacy Rule permits but does not require covered entities to disclose PHI about an individual without the individual’s authorization, when the disclosure is required by another law and the disclosure complies with the requirements of the other law.9
The guidance states the HIPAA permission to disclose PHI as “required by law” is limited to “a mandate contained in law that compels an entity to make a use or disclosure of PHI and that is enforceable in a court of law.”10 Further, where a disclosure is required by law, the disclosure is limited to the relevant requirements of such law.11 Disclosures of PHI that do not meet the “required by law” definition in the HIPAA Rules,12 or that exceed what is required by such law, do not qualify as permissible disclosures.13
The guidance provides the following example:
An individual goes to a hospital emergency department while experiencing complications related to a miscarriage during the tenth week of pregnancy. A hospital workforce member suspects the individual of having taken medication to end their pregnancy. State or other law prohibits abortion after six weeks of pregnancy but does not require the hospital to report individuals to law enforcement. Where state law does not expressly require such reporting, the Privacy Rule would not permit a disclosure to law enforcement under the “required by law” permission. Therefore, such a disclosure would be impermissible and constitute a breach of unsecured PHI requiring notification to HHS and the individual affected.
Disclosures for Law Enforcement Purposes
The guidance also discusses when HIPAA allows disclosure of PHI for law enforcement purposes.
The Privacy Rule permits but does not require covered entities to disclose PHI about an individual for law enforcement purposes “pursuant to process and as otherwise required by law” only under certain conditions.14. As an example, the guidance states a covered entity may respond to a law enforcement request made through such legal processes as a court order or court-ordered warrant, or a subpoena or summons, by disclosing only the requested PHI, provided that all of the conditions specified in the Privacy Rule for permissible law enforcement disclosures are met.15
In the absence of a mandate enforceable in a court of law,16 the Privacy Rule’s permission to disclose PHI for law enforcement purposes does not permit a disclosure to law enforcement where a hospital or other health care provider’s workforce member chose to report an individual’s abortion or other reproductive health care. That is true whether the workforce member initiated the disclosure to law enforcement or others or the workforce member disclosed PHI at the request of law enforcement.17 OCR states this is because, state laws generally do not require doctors or other health care providers to report an individual who self-managed the loss of a pregnancy to law enforcement.18 Also, state fetal homicide laws generally do not penalize the pregnant individual, and “appellate courts have overwhelmingly rejected efforts to use existing criminal and civil laws intended for other purposes (e.g., to protect children) as the basis for arresting, detaining, or forcing interventions on pregnant” individuals.19 ,20
OCR illustrates its position with the following examples.
A law enforcement official goes to a reproductive health care clinic and requests records of abortions performed at the clinic. If the request is not accompanied by a court order or other mandate enforceable in a court of law, the Privacy Rule would not permit the clinic to disclose PHI in response to the request. Therefore, such a disclosure would be impermissible and constitute a breach of unsecured PHI requiring notification to HHS and the individual affected.
A law enforcement official presents a reproductive health care clinic with a court order requiring the clinic to produce PHI about an individual who has obtained an abortion. Because a court order is enforceable in a court of law, the Privacy Rule would permit but not require the clinic to disclose the requested PHI. The clinic may disclose only the PHI expressly authorized by the court order.
Disclosures to Avert a Serious Threat to Health or Safety
The guidance also points out that the Privacy Rule permits but does not require a covered entity, consistent with applicable law and standards of ethical conduct, to disclose PHI if the covered entity, in good faith, believes the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public, and the disclosure is to a person or persons who are reasonably able to prevent or lessen the threat.21 OCR’s guidance states that the American Medical Association and American College of Obstetricians and Gynecologists and other professional bodies, professional standards of ethical conduct treat as unethical a disclosure of PHI to law enforcement or others regarding an individual’s interest, intent, or prior experience with reproductive health care.22
OCR illustrates its interpretation with the following example:
A pregnant individual in a state that bans abortion informs their health care provider that they intend to seek an abortion in another state where abortion is legal. The provider wants to report the statement to law enforcement to attempt to prevent the abortion from taking place. However, the Privacy Rule would not permit this disclosure of PHI to law enforcement under this permission for several reasons, including:
A statement indicating an individual’s intent to get a legal abortion, or any other care tied to pregnancy loss, ectopic pregnancy, or other complications related to or involving a pregnancy does not qualify as a “serious and imminent threat to the health or safety of a person or the public.
It generally would be inconsistent with professional ethical standards as it compromises the integrity of the patient–physician relationship and may increase the risk of harm to the individual.
Accordingly the guidance concludes, such a disclosure would be impermissible and constitute a breach of unsecured PHI requiring notification to HHS and the individual affected.
Disclosures in Litigation
Healthcare providers another covered entities also should anticipate becoming parties to or being asked to provide testimony or records for private litigation among parties over abortion or other reproductive rights as a result of the recent decision.
Whether participating as a party to litigation or responding to request to provide testimony or other evidence that includes confidential health information or other protected health information on reproductive rights, Healthcare providers and other HIPAA covered entities in business associates should be careful to ensure all requirements of HIPAA are met before sharing any information or records.
When a plaintiff or defendant in a legal proceeding, the covered entity may use or disclose protected health information for purposes of the litigation as part of its health care operations under 45 CFR 164.501. Covered entities and business associates must keep in mind, however, that they cannot share protected health information with their legal counsel until the legal counsel enters into a business associate agreement that meets the requirements of HIPAA.
Before sharing PHI in response to a subpoena or other litigation associated request, covered entities and business associates also generally must provide notice to the subject of the PHI and must make reasonable efforts to limit such uses and disclosures to the minimum necessary to accomplish the intended purpose. See 45 CFR 164.502(b), 164.514(d). In light of these requirements, covered entities and business associates dealing with these requests generally will want to seek the advice of a lawyer and may need to consider pursuing a protective order for requests for testimony or evidence containing PHI without authorization from the subject.
Covered Entities Should Use Care To Protect & Prevent Improper Disclosure
Providers, health plans and other covered entities and business associates should exercise height in Care when dealing with the use or disclosure of records or information on abortion or other reproductive rights and their activities associated with that care.
HIPAA is one of many legal land mines providers and other covered entities must avoid when addressing abortion or other reproductive care following the Dobbs decision. The Supreme Court decision holding the Constitution does not guarantee a right to abortion creates many more questions than answers. With parties on all sides of the question energized with activism, covered entities and business associates dealing with abortion and other reproductive health concerns should prepare to defend their actions both against legal challenges and political harassment. In this charged environment, healthcare providers and other covered entities and business associates healthcare providers and other covered entities and business associates handling records or other abortion or reproductive health concerns should prepare to face questions and demands for information regardless of how they choose to proceed. Accordingly, most healthcare providers and other covered entities will want engage legal counsel with experience with HIPAA and other health care experience to discuss these concerns and develop a plan of action within the scope of attorney-client privilege.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Department of Justice sent another strong warning to physicians and other health care provides not to violate the False Claims Act by making improper patient referrals in violation of the Anti-Kickback Statute and the Stark Law, billing federal health care programs for medically unnecessary laboratory testing or other services or both when charged six Texas physicians with federal health care fraud this week. The prosecution of the physicians for laboratory tests arranged and billed through management services organizations also reminds physicians and other providers that reliance upon management services or other third-party service providers generally does not protect a physician participating in prohibited laboratory or other testing, durable medical equipment, facility, physical therapy or other health care billing or referral arrangements from liability.
Charges Against Texas Physicians
This week, the Justice Department added the following six physicians as defendants to criminal charges filed in a False Claims Act complaint filed in January 2022 against former True Health Diagnostics LLC (THD) CEO Christopher Grottenthaler, former Boston Heart Diagnostics Corporation (BHD) CEO Susan Hertzberg, former LRH CEO Jeffrey Madison, and others:
Doyce Cartrett, Jr., M.D., of Silsbee, Texas, allegedly received over $320,000 from LRH and two management services organizations or “MSOs,” Ascend MSO of TX LLC (Ascend) and Eridanus MG LLC (Eridanus), in return for his referrals.
Elizabeth Seymour, M.D., of Corinth, Texas, allegedly received over $280,000 from two MSOs, Ascend and Eridanus, in return for her referrals.
Emanuel Paul “E.P.” Descant, II, M.D., of Spring, Texas, allegedly received over $125,000 from two MSOs, North Houston MSO and Tomball Medical Management Inc., in return for his referrals.
Frederick Brown, M.D., of Missouri City, Texas, allegedly received over $190,000 from two MSOs, Ascend and Indus MG LLC (Indus), in return for his referrals.
Heriberto Salinas, M.D., of Cleburne, Texas, allegedly received over $75,000 from two MSOs, Ascend and Herculis MG LLC (Herculis), in return for his referrals.
Hong Davis, M.D., of Lewisville, Texas, allegedly received over $70,000 from two MSOs, Ascend and Herculis, in return for her referrals.
The complaint in United States, et al. ex rel. STF, LLC v. True Health Diagnostics, LLC, et al., No. 4:16-cv-547 (E.D. Tex.) charges that small Texas hospitals including Rockdale Hospital dba Little River Healthcare (LRH), THD, BHD, the six physicians and others conspired to pay physicians to induce referrals to the hospitals for laboratory testing performed by THD or BHD. The charges stem from allegations made under the qui tam or whistleblower provisions of the False Claims Act by STF LLC by Felice Gersh, M.D. and Chris Riedel. The United States intervened in the qui tam action in December 2021.
The complaint alleges the charged hospitals paid a portion of their laboratory profits to recruiters, who in turn kicked back those funds to the referring physicians through MSOs allegedly set up by the recruiters to make payments to referring physicians. The Justice Department charges the alleged kickbacks were disguised as investment returns but actually were based on, and offered in exchange for, the physicians’ referrals. The complaint alleges that laboratory tests resulting from this referral scheme were billed to various federal health care programs, and that the claims not only were tainted by improper inducements but, in many cases, also involved tests that were not reasonable and necessary.
The Justice Department reports that before adding charges against the six physicians to the complaint this week, the Justice Department recovered more than $31 million relating to conduct involving BHD, THD and LRH, including False Claims Act settlements with 29 physicians, two health care executives and a laboratory company.
Health Care Fraud Liability Under False Claims Act, Anti-Kickback Statute, Stark Law
The Anti-Kickback Statute prohibits offering, paying, soliciting or receiving remuneration to induce referrals of items or services covered by Medicare, Medicaid and other federally-funded programs. The Stark Law forbids a hospital or laboratory from billing Medicare for certain services referred by physicians that have a financial relationship with the hospital or laboratory. The Anti-Kickback Statute and the Stark Law seek to ensure that medical providers’ judgments are not compromised by improper financial incentives and are instead based on the best interests of their patients.
The False Claims Act prohibits health care providers from billing federal health care programs for services resulting from referrals prohibited by the Anti-Kickback Statute or the Stark law.
Under the False Claims Act, a private party can file an action on behalf of the United States and receive a portion of the recovery. The False Claims Act also allows the Justice Department to intervene in such lawsuits and add claims and defendants, as happened in this litigation. The qui tam case is captioned United States, et al. ex rel. STF, LLC v. True Health Diagnostics, LLC, et al., No. 4:16-cv-547 (E.D. Tex.). If a defendant is found liable for violating the act, the United States may recover three times the amount of its losses plus applicable penalties.
The United States’ pursuit of this lawsuit illustrates the government’s emphasis on combating health care fraud generally with a special emphasis on physicians. For instance, U.S. Attorney Brit Featherston is quoted as saying, “Schemes that funnel health care referrals do not work without the participation of physicians. … They are not merely passive players in these elaborate schemes, but an integral part, without which the scheme could not exist. Our office is committed to rooting out health care fraud by pursuing all players involved the scheme, from the laboratories and their leaders to the marketers and the physicians who make it all possible. Naming these physicians in the complaint is evidence of that commitment.”
Given this clear warning, physicians and other prescribers, as well as recruiting, billing and management services organizations, laboratories and others involved in recruiting and marketing, providing or billing for laboratory or other services to double check the appropriateness of their referral and other practices keeping in mind that the Anti-Kickback Statute and Stark Law prohibitions against direct and indirect compensation can reach to a wide range of subtle value and benefits in addition to the obvious payment of cash or gifts delivered in a multitude of ways. The prosecution of these physicians for referrals made and compensation delivered under management services contracts also clearly warns physicians and other providers against expecting their reliance upon billing, management services or other staff or management service providers to shield them from liability if an improper referral or payment happens.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Today’s Supreme Court ruling that emotional distress damages are not recoverable in a private action to enforce the disability discrimination and accommodation requirements of either the Rehabilitation Act of 1973 (“Rehab Act”) or the Patient Protection and Affordable Care Act (“ACA”) prevents health care and other businesses subject to these requirements against the risk of large emotional injury awards in private actions for discrimination based on these laws. However, health care providers and other organizations subject to these requirements should use care to maintain compliance to avoid large actual damage awards to plaintiffs bringing private lawsuits, program exclusion, penalties or other governmental sanctions or both.
Cummings Supreme Court Ruling
The May 1, 2022 United States Supreme Court ruling in Cummings v. Premier Rehab Keller authored by Supreme Court Justice John Roberts resulted from a suit that sought emotional distress damages brought by filed by a deaf and legally blind woman, Jane Cummings against Premier Rehab Keller after it denied her request that it provide an American Sign Language interpreter at her physical therapy sessions. Premier Rehab told Cummings the therapist could communicate with her through other means, Claiming Premier Rehab’s failure to provide an ASL interpreter constituted discrimination on the basis of disability in violation of the Rehab Act and Section 1557 of the ACA, Cummings sued Premier Rehab seeking various damages and other relief, including emotional distress damages.
The Supreme Court took notice that Premier Rehab was subject to these laws because its receipt of Medicare and Medicaid payments qualified as federal financial assistance triggering their applicability.
The Supreme Court affirmed the previous District Court and Fifth Circuit Court of Appeals’ rulings that emotional distress damages are not recoverable in a private action to enforce either the Rehab Act or the ACA.
The Supreme Court Majority based its decision on its finding that the Rehab Act and Act both are spending statutes that condition their offer of federal funding on a promise by the recipient not to discriminate creating what amounts essentially to a contract between the Government and the recipient of funds. Following previously established Supreme Court precedent for “private spending clause actions,” the Court ruled the emotional distress or other remedy is not available unless “the funding recipient is on notice that by accepting federal funding, it exposes itself to liability of that nature.”
To decide whether emotional distress damages are available under the Spending Clause statutes in this case, the Court therefore asked if a prospective funding recipient deciding whether to accept federal funds would have had “clear notice” regarding that liability. Because the two statutes are silent on the availability of emotional injury damages, the Supreme Court followed prior precedent by looking to whether the emotional damages sought by Cummings were the type of damages traditionally available in suits for breach of contract so as to put Premier Rehab and other defendants on notice of their exposure to such damages from actions under the Rehab Act or ACA. While acknowledging some exceptional circumstances where punitive damages may be recovered where “the conduct constituting the breach is also a tort for which punitive damages are recoverable,” the Court found such damages “are generally not available for breach of contract.” Concluding that the recognized exception to the general rule was insufficient to give funding recipients the requisite notice that they could face such damages. the Supreme Court ruled that funding recipients under the Rehab Act and the ACA “have not, merely by accepting funds, implicitly consented to liability for punitive damages.”
To read the full Majority opinion and related consenting and dissenting opinions, see here.
While the Supreme Court’s ruling means private litigants cannot recover emotional injury damages in discrimination actions brought to enforce the Rehabilitation Act or the ACA, health industry and other organizations remain subject to other substantial liability risks for improper discrimination in violation of those laws. Beyond recoveries for actual damages, attorneys’ fees and costs recoverable by private litigants, covered organizations also can face substantial civil monetary penalties, program disqualification, in some instances even False Claims Act liability for billing in violation of program conditions of participation and other risks. As federal agencies continue to make enforcement of these sanctions a priority, organization covered by either of these laws should use care to maintain appropriate compliance and risk management to ensure their ability to defend against any potential charges.
HHS’ guidance announcements all include a warning like the one from OCR Director Lisa J. Pino in the February 4, 2022 announcment that “OCR will continue our robust enforcement of federal civil rights laws that protect people with disabilities from discrimination, including when Crisis Standards of Care are in effect.”
These OCR guidance and enforcement actions and similar activities by other federal agencies send a strong message that OCR and other federal agencies will continue and expand their zealous investigation and enforcement of disability and other violations by health care providers and other public and private organizations covered by the Rehabilitation Act, the ACA or other federal discrimination and civil rights laws. Health care providers and others regulated by these federal discrimination laws should consider auditing the adequacy of existing practices, reaffirming their own and their business partners’ compliance, retraining workforce and taking other appropriate steps to help prevent illegal discrimination within their organization and to position their organization to respond and defend against potential discrimination investigations or charges.
For Additional Information Or Assistance
If you need have questions or need assistance with health, health or other insurance, employee benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help. Longtime scribe for the American Bar Association Joint Committee on Employee Benefits agency meeting with OCR and author of leading publications on HIPAA and other privacy and data security concerns, Ms. Stamer regularly assists clients and provides input to Congress, OCR and other agencies, publishes and speaks extensively on medical and other privacy and cybersecurity, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.
Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications. She also is a highly-sought out speaker on privacy and data security who serves on the planning faculty and speaks for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters, e-mail Ms. Stamer or call (214) 452-8297.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
Important Information About This Communication
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
June 6, 2022 is the deadline for health plans, their sponsors, fiduciaries, administrative and other business associates and others to provide input to the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) that OCR says it seeks to help shape how it defines and implements the “recognized security standards” requirements of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), as amended in 2021 for purposes of its administration and enforcement of civil monetary penalty and other provisions of of the Health Insurance Portability and Accountability Act (“”HIPAA”). The regulatory and enforcement decisions that OCR makes could significantly impact the civil monetary penalty liability, compliance, audit and recordkeeping responsibilities that health plans, health care providers, health care clearinghouses and their business associates (“Covered Entities”) face under the HIPAA Security and Breach Notification Rules.
The definition and administration of the “recognized security practice” factor the HITECH Act requires OCR to consider when assessing audit results, civil monetary penalty and settlement amounts and other HIPAA Security and Breach Rule enforcement; and
The rules that OCR will follow to determine when and how OCR will share portions of amounts it receives from civil monetary penalties or settlements with individuals harmed by breaches of electronic protected health information,
Recognized Security Practices
Section 13412 of the HITECH Act requires HHS to take into consideration certain recognized security practices of covered entities (health plans, health care clearinghouses, and most health care providers) and business associates1 when determining potential fines, audit results, or other remedies for resolving potential violations of the HIPAA Security Rule pursuant to an investigation, compliance review, or audit.
A primary goal of the requirement, which took effect January 5, 2021, is to encourage covered entities and business associates to do “everything in their power to safeguard patient data.”
The RFI solicits comment on how covered entities and business associates are implementing “recognized security practices,” how they anticipate adequately demonstrating that recognized security practices are in place, and any implementation issues they would like OCR to clarify through future guidance or rulemaking.
Civil Money Penalty (CMP) and Settlement Sharing
Section 13410(c)(3) of the HITECH Act requires HHS to establish by regulation a methodology under which an individual harmed by a potential violation of the HIPAA Privacy, Security, and/or Breach Notification Rules may receive a percentage of any CMP or monetary settlement collected with respect to that offense.
Section 13140(d)(1) of HITECH requires that OCR base determinations of appropriate penalty amounts on the nature and extent of the violation and the nature and extent of the harm resulting from such violation. The HITECH Act does not define “harm,” nor does it provide direction to aid HHS in defining the term.
The RFI solicits public comment on the types of harms that should be considered in the distribution of CMPs and monetary settlements to harmed individuals, discusses potential methodologies for sharing and distributing monies to harmed individuals, and invites the public to submit alternative methodologies.
Comments Due 6/6
Health plan and other Covered Entity input could significantly impact how OCR implements and administers these two important aspects of the HIPAA Security Rule going forward. As these decisions are likely to significantly impact the policies, practices, recordkeeping, breach investigation and other obligations that Covered Entities would need to meet in the event of an audit, breach or other investigation or enforcement, timely, thoughtful input from all Covered Entities and affected stakeholders is important. In addition, its decisions on how to distribute CMPs.
For more information about the RFI or instructions for submitting comments, see here.
HITECH & Other HIPAA Security Exposures Already Significant & Growing
Regardless of how OCR choses to respond to the comments received in response to the RIF, Covered Entities, their business associates and those responsible for their leadership already face significant exposure from breaches of protected health information and other lax cybersecurity practices, policies and management.
This is a lesson Texas Ear, Nose and Throat Specialists (“Texas ENT”) and a multitude of other coveered entities have learned the hard way in recent years.
Alerts issued by OCR regarding heightened security risks in recent months and a growing tide of highly publicized breaches send a strong warning to other covered entities and their business associates to reconfirm the adequacy of their own HIPAA privacy, security, breach notification and other procedures and protections by among other things:
Reviewing and monitoring on a documented, ongoing basis the adequacy and susceptibilities of existing practices, policies, safeguards of their own organizations, as well as their business associates and their vendors within the scope of attorney-client privilege taking into consideration data available from OCR, data regarding known or potential susceptibilities within their own operations as well as in the media, and other developments to determine if additional steps are necessary or advisable.
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility.
Renegotiating and enhancing service provider agreements to detail the specific compliance, audit, oversight and reporting rights, workforce and vendor credentialing and access control, indemnification, insurance, cooperation and other rights and responsibilities of all entities and individuals that use, access or disclose, or provide systems, software or other services or tools that could impact on security; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; and other relevant matters.
Verifying and tightening technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information and systems.
Conducting well-documented training as necessary to ensure that members of the workforce of each covered entity and business associate understand and are prepared to comply with the expanded requirements of HIPAA, understand their responsibilities and appropriate procedures for reporting and investigating potential breaches or other compliance concerns, and understand as well as are prepared to follow appropriate procedures for reporting and responding to suspected violations or other indicia of potential security concerns.
Tracking and reviewing on a systemized, well-documented basis actual and near miss security threats to evaluate, document decision-making and make timely adjustments to policies, practices, training, safeguards and other compliance components as necessary to identify and resolve risks.
Establishing and providing well-documented monitoring of compliance that includes board level oversight and reporting at least quarterly and sooner in response to potential threat indicators.
Establishing and providing well-documented timely investigation and redress of reported violations or other compliance concerns.
Establishing contingency plans for responding in the event of a breach.
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements.
Preparing and maintaining a well-documented record of compliance, risk, investigation and other security activities.
Pursuing other appropriate strategies to enhance the covered entity’s ability to demonstrate its compliance commitment both on paper and in operation.
Because susceptibilities in systems, software and other vendors of business associates, covered entities and their business associates should use care to assess and manage business associate and other vendor associated risks and compliance as well as tighten business associate and other service agreements to promote the improved cooperation, coordination, management and oversight required to comply with the new breach notification and other HIPAA requirements by specifically mapping out these details.
Depending on how OCR responds to the input it receives from its April 6, 2022 RFI, additional safeguards also may be advisable in the future. Covered Entities, and their leaders and insurers should carefully monitor OCR’s actions in this regard.
Cybersecurity & Breach Exposures Beyond HIPAA
Covered entities, their business associates and their leaders should keep in mind that their cybersecurity responsibilities and liability exposures likely extend well beyond HIPAA. Health care providers, health plans, health care clearinghouses, business associates and other service providers and other businesses and their leaders also generally face significant risk for failing to properly handle cybersecurity and breaches under a myriad of federal and state laws, regulations, common law, contracts and other sources. Examples include the Fair and Accurate Credit Transactions Act (“FACTA”), the Federal Trade Act (the “FTA”), the False Claims Act liability for violating Medicare, Medicaid, government contractor and other conditions of participation, various federal and state cybersecurity, identity theft, electronic crimes and other statutes and regulations, shareholder, business partner, and customer claims and others.
Where the business is a public company regulated by the Security and Exchange Commission (“SEC”), these risks and their implications on shareholder and investor risk from cybersecurity deficiencies also could create securities exposures for organizations and their leaders as the SEC now is prioritizing cybersecurity investigation and enforcement against public companies and other market participants for lack cybersecurity governance, safeguards or disclosures. See e.g., SEC Office of Compliance Inspections and Examinations Cybersecurity and Resiliency Observations. Along announcing its commitment to hold market involved and impacting regulated entities accountable for failing to maintain and enforce appropriate internal and external controls to prevent, detect and redress cybersecurity threats, including appropriate board governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, training and awareness, investor disclosures and other practices.
These are just some of the emerging cybersecurity risks and responsibilities that covered entities, their leaders, service providers and insurers need to watch and manage. Amber M. Rivers, Director of the Employee Benefit Security Administration Office of Health Plan Standards and Compliance will discuss these and other risks during the “Department of Labor Health Plan Compliance and Enforcement Update” at a virtual program hosted by the American Bar Association Joint Committee on Employee Benefits from Noon to 1:30 p.m. Central Time on May 5, 2022 to be moderated by Solutions Law Press, Inc. author and publisher, attorney Cynthia Marcotte Stamer will moderate the program. For additional information about or to register for this program, see here.
Considering these and other developments, Covered Entities, their leaders, insurers and other impacted parties should seriously consider submitting thoughtful comments to OCR in response to its April 6, RFI as well as tightening and using careful, well-documented practices to ensure their ability to demonstrate their use and administration of appropriate cybersecurity, breach investigation and other data security practices.
For Additional Information Or Assistance
If you need have questions or need assistance with health, health or other insurance, employee benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help. Longtime scribe for the American Bar Association Joint Committee on Employee Benefits agency meeting with OCR and author of leading publications on HIPAA and other privacy and data security concerns, Ms. Stamer regularly assists clients and provides input to Congress, OCR and other agencies, publishes and speaks extensively on medical and other privacy and cybersecurity, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.
As a part of this work, she has continuously and extensively worked with domestic and international health and other employee benefit plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies. She also has extensive experience dealing with OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Ms. Stamer also provides leadership through her extensive professional, civil and community involvement such as her service as the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, current ABA TIPS Medicine and Law Chair-Elect and Vice Chair and former Employee Benefits and Worker’s Compensation Committees Vice Chair, current RPTE Welfare Benefit Committee Co-Chair and former Chairpersonship of its Employee Plans and Executive Compensation Group, Fiduciary Responsibility, Plan Terminations and Distributions and Defined Contribution Plan Committees, fa former JCEB Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former SHRM Consultants Board and Region IV Chair, former Texas Association of Business Board, BACPAC Board and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas.
Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications. She also is a highly-sought out speaker on privacy and data security who serves on the planning faculty and speaks for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters, e-mail Ms. Stamer or call (214) 452-8297.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
Important Information About This Communication
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Physicians and other health care prescribers must remain hyper vigilant when prescribing, documenting, billing and managing opiate and other pain management prescriptions and patients. That’s the clear message sent by the ever-growing wave of federal prosecutions and convictions like the March 2, 2022 federal conviction of Tennessee physician Mark Murphy and his wife, Jennifer Murphy and his wife for unlawfully distributing opioids, providing unnecessary services and defrauding insurers from their now-shuttered North Alabama Pain Services clinics (“NAPS”) and March 1, 2022 sentencing of former physician Patrick Titus to 20 years in prison for his conviction of unlawful distribution of opioid drug outside the usual scope of professional practice and not for legitimate medical purposes as part of the his internal medicine practice.
Tennessee Doctor & Wife Convicted of Pain Management Related Unlawful Opioid Distribution, Health Care Fraud & Other Criminal Charges
The March 2 federal jury conviction of Dr. and Ms. Murphy stemmed from their ownership and operation of their now-defunct pain management clinics resulted from evidence gathered through a joint investigation by the Federal Bureau of Investigation, the Department of Health & Human Services Office of Inspector General, the Internal Revenue Service, and the Drug Enforcement Agency.
During the resulting jury trial, federal prosecutors presented evidence that during the five-year period leading up to the clinic closing its Alabama locations in 2017, Dr. Murphy and Ms. Murphy, who was the office manager, caused over $50 million in fraudulent or unnecessary medical services to be charged to Medicare, TRICARE, Blue Cross Blue Shield of Alabama and others. Evidence at trial showed that NAPS provided pre-signed prescriptions to thousands of patients a month, including prescriptions written outside the usual course of professional practice without a legitimate medical purpose. Federal prosecutors also introduced evidence that the Murphys also solicited and received unlawful payments for referring fraudulent or unnecessary services to patients.
Based on the evidence, the jury found both Dr. and Ms. Murphy guilty on numerous criminal charges including:
Conspiracy to unlawfully distribute and unlawful distribution of controlled substances;
Conspiracy to commit and commission of health care fraud;
Conspiracy to defraud the United States; and
Receiving illegal kickbacks in violation of the Anti-Kickback Statute.
Ms. Murphy also was convicted of tax-related charges for underreporting clinic income.
Currently scheduled for sentencing in June, the Murphys each face a maximum of 20 years in prison for the drug charges and a maximum of 10 years in prison for the health care fraud charges. Both defendants also face a maximum of five years in prison for charges stemming from violations of the Anti-Kickback Statute, and Ms. Murphy faces up to three years in prison for the tax charges.
Former Delaware Doctor Sentenced to 20 Years in Prison for Unlawful Opioid Distribution
The Murphy’s jury conviction came one day after the sentencing of former to 20 years in prison for his July 2021 federal jury conviction on 13 counts of unlawfully distributing and dispensing controlled substances and one count of maintaining a drug-involved premises.
Federal prosecutors presented evidence in court documents and trial that Dr. Titus unlawfully distributed or dispensed opioid drugs including fentanyl, morphine, methadone, OxyContin and oxycodone outside the usual scope of professional practice and not for legitimate medical purposes as part of the his internal medicine practice. The Justice Department charged Dr. Titus frequently prescribed these dangerous controlled substances in high dosages, sometimes in combination with each other or in other dangerous combinations, mostly in exchange for cash. Evidence at trial showed he distributed over 1 million opioid pills without providing any meaningful medical care and to patients he knew were suffering from substance use disorder and/or who demonstrated clear signs that the prescribed drugs were being abused, diverted or sold on the street.
Health Care Fraud Task Force Targeting Opioid Distribution, Billing, & Related Misconduct
Both the Murphy and Titus prosecutions and convictions are two of a growing series of convictions resulted from investigations into opioid and other pain management prescribing conducted as part of efforts targeting physicians and other health care providers involved in prohibited the federal Health Care Fraud Strike Force Program. See e.g., Medical Director Convicted in $110 Million Addiction Treatment Fraud Scheme.
The Federal agencies made a point of warning to other physicians not to overprescribe, bill or engage in other prohibited dealings involving opioids or other controlled substances when announcing the Titus sentencing.
“As we continue the fight against the opioid crisis, this case serves as an important reminder that health care professionals have a duty to prescribe medication responsibly to ensure the well-being of individuals under their care. Failing to do so can endanger patients and undermines critical, ongoing public health measures,” said Special Agent in Charge Maureen Dixon of the U.S. Department of Health and Human Services, Office of the Inspector General (HHS-OIG). “HHS-OIG will continue to work with our law enforcement partners to hold bad actors accountable.”
“This sentence is a reminder that the Department of Justice will hold accountable those doctors who are illegitimately prescribing opioids and fueling the country’s opioid crisis,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “Doctors who commit these unlawful acts exploit their roles as stewards of their patients’ care for their own profit.”
“DEA-registered medical practitioners have an important role in our communities to treat patients compassionately and responsibly,” said DEA Administrator Anne Milgram. “Today’s sentencing makes clear that medical professionals who recklessly prescribe opioids and endanger the safety and health of patients will be held accountable.”
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The U.S. Department of Justice along with the Minnesota and New York Attorneys General (collectively “Justice Department”) are suing to stop UnitedHealth Group Incorporated (“United”) from acquiring Change Healthcare Inc. (“Change”) on February 24, 2022 in an announced $13 billion transaction as prohibited by antitrust laws. The suit is the latest in a series of Justice Department suits that seek to prevent continued consolidation of the health industry giants following decades of industry consolidation.
United, headquartered in Minnetonka, Minnesota, is an integrated health care enterprise that includes, among other subsidiaries, UnitedHealthcare, the largest health insurer in the United States; Optum Health, a large network of health care providers located throughout the country; OptumRx, a large pharmacy benefit manager; and OptumInsight, a health care technology business. United’s revenues were $288 billion in 2021.
Change Healthcare Inc. headquartered in Nashville, Tennessee, is a leading independent health care technology company providing health care analytics, software, services and data to health care providers, health insurers and other software and services firms in the health care industry. Today, Change markets itself as a partner to a wide variety of other health care ecosystem organizations including United’s major health insurance competitors as providing vital software and services need for innovation and problem solving. These services include electronic data interchange (EDI) clearinghouse services, which transmit claims and payment information between insurers and providers, and first-pass claims editing solutions, which review claims under the health insurer’s policies and relevant treatment protocols. Change’s revenues were $3.4 billion in 2021.
In the civil antitrust complaint filed in the U.S. District Court for the District of Columbia on February 24, 2022, the Justice Department charges United’s acquisition of this neutral player would allow United to tilt the playing field in its favor, harming current competition and allowing United to control and distort the course of innovation in this industry for the foreseeable future.
Among other things, the Justice Department alleges allowing United to eliminate a significant independent and innovative competitor firm by acquiring Change will undermine competition in the commercial health insurance market, stifle innovation in the employer health insurance markets and suppress competition in the market for a vital technology used by health insurers to process health insurance claims and reduce health care costs by giving United control of a critical data highway through which about half of all Americans’ health insurance claims pass each year.
As alleged in the complaint, the proposed transaction would give United, a massive company that owns the largest health insurer in the United States, access to a vast amount of its rival health insurers’ competitively sensitive information. Post-acquisition, United would be able to use its rivals’ information to gain an unfair advantage and harm competition in health insurance markets. The Justice Department also claims the proposed transaction would eliminate United’s only major rival for first-pass claims editing technology — a critical product used to efficiently process health insurance claims and save health insurers billions of dollars each year — and give United a monopoly share in the market.
A Justice Department press release about the lawsuit quotes Principal Deputy Assistant Attorney General Doha Mekki of the Justice Department’s Antitrust Division as saying, “Unless the deal is blocked, United stands to see and potentially use its health insurance rivals’ competitively sensitive information for its own business purposes and control these competitors’ access to innovations in vital health care technology. The department’s lawsuit makes clear that we will not hesitate to challenge transactions that harm competition by placing so much control of data and innovation in the hands of a single firm.”
The suit is the latest in a series of civil antitrust lawsuits challenging proposed mergers or acquisitions of between health insurance industry giants as anticompetitive in recent years. Stay tuned for more details.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Watch for the Department of Health & Hunan Services (“HHS”) to step up scrutiny and regulation of non-hospice reimbursements for hospice care in response to recommendations from a just-announced Office of Inspector General (“OIG”) findings of cost increases.
OIG’s analysis of trends and patterns in payments for items and services provided to Medicare beneficiaries outside the Medicare hospice benefit during a hospice period of care (“nonhospice payments”) showed an increase in Medicare nonhospice payments for beneficiaries. Nonhospice payments for Medicare Part A services and Part B items and services totaled $6.6 billion from 2010 through 2019. OIG is concerned if providers bill Medicare for nonhospice items and services that potentially should be covered by hospices, Medicare could pay for the same items or services twice.
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Past Board President of the Richardson Development Program for Children ECE and Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The National Science Advisory Board for Biosecurity (NSABB) is scheduled to virtually meet via video cast on February . 28, 2022, from 12 p.m. – 1 p.m. EST to discuss next steps for the committee in fulfilling its purpose to provide advice, guidance and recommendations to the U.S. government regarding biosecurity oversight of dual use research.
In January 2020, the NSABB was charged with providing recommendations on balancing security and public transparency when sharing information about research with enhanced potential pandemic pathogens (ePPP). The board was also tasked with evaluating and analyzing the U.S. Dual Use Research of Concern (DURC) policies. Due to the rapid escalation of the COVID-19 pandemic, the activities of the NSABB were paused to allow members to prioritize response activities at their home institutions.
The NSABB is being reconvened to help ensure that the U.S. government oversight framework is keeping up with rapid advances in science that may raise biosecurity concerns.
Interested persons should tune in.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Past Board President of the Richardson Development Program for Children ECE and Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
CMS recently updated its Nursing Home Resource Centerwith new pieces of informational guidance on visitation and vaccines in response to the recent surge in Omicron cases.
Visitation
As of January 6, CMS updated the Nursing Home Visitation FAQs (PDF) to give additional guidance about visitation during the Omicron surge and also created an infographic (PDF) to graphically represent how to safely conduct visits to nursing homes during this time of spiking COVID cases around the country. Nursing home providers, patients, caregivers, and CMS partners can use these 2 new resources to stay informed about CMS’ latest thinking for keeping nursing homes safe in the current COVID climate.
CMS also continues to urge long-term care settings, like nursing homes, assisted living, residential care communities, group homes, and senior housing, to ensure residents and staff get COVID-19 vaccine primary series and booster shots.
Vaccination
while long-term care and other Medicare and Medicaid participating healthcare providers continue to await the Supreme Court’s decision on the enforceability and validity of the Biden administration vaccine mandate for program participation, CMS continues to urge long-term care providers to coordinate access to COVID-19 vaccines, either in the local community or on-site using the newest CDC resources.
As a reminder, through enforcement discretion, CMS allows Medicare-enrolled immunizers, including but not limited to pharmacies working with the U.S., to bill directly and get direct reimbursement from the Medicare program for vaccinating Medicare skilled nursing facility residents. See, Medicare billing and payment information.
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Past Board President of the Richardson Development Program for Children ECE and Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
This involvement encompasses helping health care systems and organizations, schools, ECEs, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of a multitude of health industry and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Centers for Medicare & Medicaid Services (CMS) has published an update to the 2022 CMS Quality Reporting Document Architecture (QRDA) Category III Implementation Guide (IG) and Sample Files (zip). The 2022 CMS QRDA III IG outlines requirements for eligible clinicians and eligible professionals to report electronic clinical quality measures for the calendar year (CY) 2022 performance period.
The updates include:
CMS added to Table 14: UUID List for MIPS 2022 CY Performance Period eCQM Specifications Eligible Professionals and Eligible Clinicians
The missing UUID of population 2 numerator exclusion for CMS156v10. This issue was reported in QRDA Known Issue QKI-6
Missing measure CMS646v2
CMS added these tables based on the CY 2022 Medicare Physician Fee Schedule Final Rule.
Table 15: Improvement Activities Identifiers for the MIPS CY 2022 Performance Period
Table 16: Promoting Interoperability Objectives and Measures Identifiers for the MIPS CY 2022 Performance Period
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Past Board President of the Richardson Development Program for Children ECE and Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
This involvement encompasses helping health care systems and organizations, schools, ECEs, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of a multitude of health industry and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.