March 2020

COVID-19 Telehealth Relief; CMS ESRD, General Practitioner Telehealth Toolkits Released

March 24, 2020

The U.S Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced Health Insurance Portability & Accountability Act Privacy Rule 2019 Novel Coronavirus (COVID-19) emergency enforcement relief for certain covered health care providers and their business associates participating in the operation of mobile, drive-through, or walk-up COVID-19 specimen collection and testing sites that only provide COVID-19 specimen collection or testing services to the public (Community-Based Testing Sites, or CBTS). The Notification of Enforcement Discretion ON CBTS During The COVID-19 Nationwide Public Health Emergency (“Notice”) expands upon the series of HIPAA enforcement relief and other flexibility OCR has granted to health care providers and other HIPAA-covered entities and business associates when dealing with the COVID-19 National Health Emergency declared by President Trump on March 13, 2020.

While welcome relief for those health care providers and business associates that qualify for this relief, it is critical that all health care providers, health plans, health care clearinghouses and their business associates do not overlook the importance of ensuring their HIPAA obligations are fulfilled amid the frenzy of coping with the ongoing COVID-19 crisis. Like OCR’s previously announced March 30, 2020 Notification of Enforcement Discretion for Telehealth Remote Communications During the COVID-19 Nationwide Public Health Emergency (“Telehealth Relief”) and the COVID-19 related flexibilities granted by OCR in its February 2020 Office for Civil Rights, U.S. Department of Health and Human Services BULLETIN: HIPAA Privacy and Novel Coronavirus (“OCR COVID-19 HIPAA Bulletin”), the CBTS Notice provides valuable flexibility and relief for HIPAA covered entities and business associates that qualify for the granted relief. While welcoming this relief, all covered entities and business associates need to keep in mind that the shifting of care locations, systems, affiliations and other arrangements to deal with the COVID-19 national health emergency generally are accompanied by changes in the collection, use, access, disclosure, storage and transmission of protected health information generally and electronic protected health information and its associated devices and systems. Except to the extent protected by COVID-19 or other specific disaster relief from OCR, covered entities and business associates need to use care to conduct appropriately documented risk assessments and take other necessary steps to maintain HIPAA compliance in these operations and systems throughout the emergency. See also COVID-19 Telehealth Relief; CMS ESRD, General Practitioner Telehealth Toolkits Released; OCR Grants HIPAA Telemedic ine Relief During COVID-19 Crisis.

April 9 HIPAA Enforcement Relief For Certain COVID-19 Testing Related Activities

According to Director Roger Severino, the limited enforcement relief in the Notice is intended “to encourage the growth of mobile testing sites so more people can get tested quickly and safely.” Under the April 9, 2020 Notice, OCR will not impose penalties for violations of HIPAA regulatory requirements committed by covered entities or business associates in connection with their good faith participation in the operation of COVID-19 testing sites during the COVID-19 nationwide public health emergency. The enforcement relief provided by the s retroactive to violations committed on or after March 13, 2020 even though just announced on April 9.

The enforcement relief applies to all HIPAA covered health care providers and their business associates when such entities are, in good faith, participating in the operation of a CBTS. According to the Notice, operation of a CBTS includes all activities that support the collection of specimens from individuals for COVID-19 testing. Covered entities and business associates intending to rely upon the enforcement relief need to understand its limited scope. The relief only applies to health care providers or their business associates when participating in CBTS related activities. It does not apply to non-CBTS related activities of health care providers or their business associates including the handling of PHI outside of the operation of a CBTS or to health plans, health care clearinghouses, or their business associates performing health plan and clearinghouse functions. To the extent that an entity performs both plan and provider functions, the Notice says the relief only applies to the entity in its role as a covered health care provider and only to the extent that it participates in a CBTS. Covered entities and business associates not covered by the CBTS relief provided by the Notice generally remain subject to all otherwise applicable HIPAA requirements except as otherwise provided in the Telehealth Relief or other COVID-19 related flexibilities granted by OCR in the OCR COVID-19 HIPAA Bulletin or other previously issued HIPAA guidance for dealing with public emergencies,

While committing that OCR will not take HIPAA enforcement action against covered entities or business associates for violating HIPAA’s regulatory requirements during the COVID-19 emergency, the Notice nevertheless encourages covered entities and business associates participating in the good faith operation of a CBTS to implement reasonable safeguards to protect the privacy and security of individuals’ PHI including:

Using and disclosing only the minimum PHI necessary except when disclosing PHI for treatment.
Setting up canopies or similar opaque barriers at a CBTS to provide some privacy to individuals during the collection of samples.
Controlling foot and car traffic to create adequate distancing at the point of service to minimize the ability of persons to see or overhear screening interactions at a CBTS. (A six foot distance would serve this purpose as well as supporting recommended social distancing measures to minimize the risk of spreading COVID-19.)
Establishing a “buffer zone” to prevent members of the media or public from observing or filming individuals who approach a CBTS, and posting signs prohibiting filming.
Using secure technology at a CBTS to record and transmit electronic PHI.
Posting a Notice of Privacy Practices (NPP), or information about how to find the NPP online, if applicable, in a place that is readily viewable by individuals who approach a CBTS.

While OCR says the Notice’s enforcement relief for CBTS related activity is not conditional upon adherence to these recommendations, CBTS involved covered entities and business associations should keep in mind that the OCR relief does not necessarily affect their otherwise applicable requirements, if any, to comply to these and other health or medical privacy, data security, confidentiality or other similar requirements applicable under otherwise applicable state statutory or common laws, regulations, accreditation or credentialing, contractual or other legally relevant requirements or standards.

Today, the Department of Health and Human Services (HHS) Centers for Medicare & Medicaid Services (CMS) released two comprehensive toolkits on telehealth:

The Telehealth Toolkit for General Practitioners available here;
The End-Stage Renal Disease Providers Toolkit available here .

The Toolkits’ release follows up on last week’s Centers for Medicare & Medicare Services (“CMS”) loosening of requirements for Medicare coverage of telehealth services and privacy and data security requirements so that beneficiaries can receive a wider range of services from their doctors without having to travel to a healthcare facility on a temporary and emergency basis under the 1135 waiver authority and Coronavirus Preparedness and Response Supplemental Appropriations Act.

COVID-19 Emergency TeleHealth Waivers & Rules

Under this temporary new waiver, Medicare can pay for office, hospital, and other visits furnished via telehealth across the country and including in patient’s places of residence starting March 6, 2020. The waiver applies to a range of providers, such as doctors, nurse practitioners, clinical psychologists, and licensed clinical social workers, will be able to offer telehealth to their patients.

New TeleHealth Toolkits

Each of the telehealth toolkits released today contains electronic links to reliable sources of information on telehealth and telemedicine, which will reduce the amount of time providers spend searching for answers and increase their time with patients. HHS intends these links to help providers choose learn about the general concept of telehealth, choose telemedicine vendors, initiate a telemedicine program, monitor patients remotely, and develop documentation tools. Additionally, the information contained within each toolkit also outlines temporary virtual services that could be used to treat patients during this specific period of time.

COVID-19 Temporary Limited Scope HIPAA Privacy Telehealth Relief

The HHS COVID-19 emergency teleheath waivers follow up on the HHS Office for Civil Rights (OCR) March 20, 2020 Notification of Enforcement Discretion on Telehealth Remote Communications (the “Notice”) announcing temporary, limited scope enforcement relief from some, but not all of the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security and Breach Notification Rules for health care providers using “non-public facing” communication technologies to provide telemedicine services during the COVID-19 health care emergency

Intended to allow health care providers greater latitude under HIPAA to communicate with patients and provide telehealth services through remote communications technologies during the COVID-19 national emergency, the Notice allows covered health care providers wishing to use audio or video communication technology to provide telehealth to patients during the COVID-19 nationwide public health emergency the option to any availabe “non-public facing” remote communication product to communicate with patients if the platform by verifying the platform is HIPAA compliant and securing the necessary business associate agreement (“BAA”) with the communication provider.

Specifically the Notice announces OCR is exercising its enforcement discretion not to impose penalties for noncompliance with the HIPAA Rules in connection with the good faith provision of telehealth using non-public facing audio or video communication products during the COVID-19 nationwide public health emergency in accordance with the requirements set forth in the Notice. The non-enforcement policy applies to telehealth provided for any reason, regardless of whether the telehealth service is related to the diagnosis and treatment of health conditions related to COVID-19. During the COVID-19 emergency, this relief for non-public facing remote communications allows a health care providers the flexibility when it determines appropriate in his or her professional judgement to request to examine a patient using a video chat application connecting the provider’s or patient’s phone or desktop computer in order to assess a greater number of patients while limiting the risk of infection of other persons who would be exposed from an in-person consultation.

The relief does not apply to “public facing” remote communications however, Facebook Live, Twitch, TikTok, and similar video communication applications are considered “public facing.” The OCR bulletin states health care providers should not use any of these or other public facing remote communications to provide telehealth services under the Bulletin.

The Notice also alerts health care providers providing telemedicine services under the Notice need to ensure they have in place appropriate business associate agreements {“BAAs”) with each technology vendors used to conduct these communications and that the vendor is otherwise HIPAA compliant. The Notice lists the following as some vendors that have represented to OCR that they provide HIPAA-compliant video communication products and that they will enter into a HIPAA BAA include:

Skype for Business
Updox
VSee
Zoom for Healthcare
me
Google G Suite Hangouts Meet

Providers should note that the Notice also states that OCR does not endorse, recommend or certify any of these vendors or the adequacy of their BAAs. Consequently, providers intending to use any of thes platforms should conduct their own documented due diligence to confirm that the necessary HIPAA requirements are met. Providers also should keep in mind that the OCR Notice does not modify any otherwise applicable federal or state law, contractual or ethical requirements that may apply to their use of these telemedicine platforms. As many provider’s HIPAA notices may have included statements inconsistent with the use of these technologies, the provider should consider providing notification of the change of its practices that includes disclosures about potentially lower privacy protections. Because the relief is limited in scope and duration, providers relying on the relief also will need to closely monitor developments and adjust practices as necessary when the emergency waivers expire or are modified.

Covered Entities & Business Associates Should Conduct Documented Risk Assessment To Verify Compliance Taking Into Account COVID-19 Operational Changes & Relief

Health care providers, health plans, health care clearinghouses and their business associates hoping to rely upon the relief in the CBTS Notice, the Telehealth Relief, the OCR COVID-19 HIPAA Bulletin or other previously issued HIPAA guidance for dealing with public emergencies, need to verify their qualification and compliance with that guidance. In the meantime, all HIPAA covered entities and business associates also should be cognizant of the advisability of also conducting timely, documented risk assessments and taking other necessary steps to ensure that they can demonstrate that their ongoing operations, taking into account any COVID-19 specific changes in operations, systems, locations, business associates or other HIPAA relevant arrangements or operations, comply with all remaining relevant requirements of HIPAA or other relevant federal or state statutory, regulatory, common law, ethical, contractual or other requirements. This is particularly important with respect to modification locations, equipment, or other COVID-19 related changes may impact or disrupt usual operations or involve the use, access, disclosure, retention or transmission of protected health information or other sensitive data outside of processes, systems or location previously subject to a risk assessment to confirm and document adequate compliance with HIPAA or other relevant requirements. To the extent that any deficiencies may have occurred, timely action should be taken to conduct an appropriate documented investigation and risk assessment, and provide any necessary breach notification or other corrective action necessary to correct or mitigate those events. Because of the potential sensitivity of these activities, health care providers, health plans, health care clearinghouses and their business associations should consider contacting experienced legal counsel to arrange for those activities to be structured to preserve the possibility of using attorney-client privilege or other legal privileges to help defend sensitive communications or evaluations against discovery in the event of a future litigation or administrative investigation.

More Information & Resources

We hope this update is helpful. If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. To learn more about Ms. Stamer, her services, experience, publications or involvements; to review or request other developments, publications, resources and tools; or to register for future updates, see www.cynthiastamer.com, see www.cynthiastamer.com; connect on LinkedIn or Facebook; or contact us via e-mail or via telephone at (214) 452 -8297

About The Author

Cynthia Marcotte Stamer is a practicing attorney, management and regulatory affairs consultant, author and lecturer, who has worked extensively on pandemic and other crisis planning, preparedness and response and other business change, risk, compliance and operation management throughout her 30 plus year career.

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, and a Fellow in the American Bar Foundation, the Texas Bar Foundation and the American College of Employee Benefit Counsel, Ms. Stamer is widely recognized for her pragmatic, leading edge work, scholarship and thought leadership on domestic and international, public and private sector health care and managed care, workforce and performance, safety, legal and operational compliance and risk management, crisis preparedness and response, and other essential legal and operational concerns.

Her experience includes extensive work domestically and internationally with hospitals, health care systems, clinics, skilled nursing and other long term care, rehabilitation and other health care facilities; physicians, medical staff and other health care providers and organizations; accreditation, peer review and quality committees and organizations; health care management and technology and other health and managed care industry clients; self-insured and insured health and other employee benefit plans, their sponsors, fiduciaries, administrators, insurers and service providers and other payers; employers; billing, utilization management, quality, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization and the author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans and a multitude of other publications and workshops on health and other disaster and other crisis preparedness, risk management and response, as well as a multitude of other health care, workforce and other management and regulatory affairs publications and presentations, Ms. Stamer also shares her thought leadership through her extensive and diverse involvement in a broad range of other professional and civic organizations. Examples of these involvements include her service as the current American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former JCEB Council Representative; past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; former ABA RPTE Employee Benefits & Other Compensation Group Chair and Past Chair and current Co-Chair of its Welfare Benefits Committee; former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas; former technical advisor to the National Physicians Council on Health Care Policy; former member of the Stem Cell Advisory Committee; and in a multitude of other professional, trade, civic and community service organizations.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein. ©2020 Cynthia Marcotte Stamer. Limited non-exclusive right to republish granted to Solutions Law Press, Inc.™.

Leave a Comment » | Academic medicine, Centers For Disease Control, Childrens Health Insurance Program, Conditions of Participation, Coronavirus, COVID-19, Disease Management, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Emergency Care, Employer, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Insurance, Health IT, Health Plan, HIPAA, Home Health, home health, Hospice, Hospital, hospitals, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Licensing, Meaningful Use, Medicaid, Medical Licensure, Medical Malpractice, Medical Privacy, Medical Records, Medicare, Medicare Advantage, Mental Health, Pandemic, Pharmaceudical, Pharmacy, Physician, Prescription Drugs, Prohibited Transaction, Reimbursement, Rural Health Care, Uncategorized, Veterans Health, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

OCR Grants HIPAA Telemedicine Relief During COVID-19 Crisis

March 17, 2020

The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) announced relief providing covered health care providers subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security and Breach Notification Rules greater latitude for communicating with patients, and providing telehealth services, through remote communications technologies during the COVID-19 national emergency, OCR also published a bulletin advising covered entities of further flexibilities available to them as well as obligations that remain in effect under HIPAA as they respond to crises or emergencies available here.

According to the OCR Notice, a covered health care provider that wants to use audio or video communication technology to provide telehealth to patients during the COVID-19 nationwide public health emergency can use any non-public facing remote communication product that is available to communicate with patients. OCR is exercising its enforcement discretion to not impose penalties for noncompliance with the HIPAA Rules in connection with the good faith provision of telehealth using such non-public facing audio or video communication products during the COVID-19 nationwide public health emergency. This exercise of discretion applies to telehealth provided for any reason, regardless of whether the telehealth service is related to the diagnosis and treatment of health conditions related to COVID-19.

For example, a covered health care provider in the exercise of their professional judgement may request to examine a patient exhibiting COVID- 19 symptoms, using a video chat application connecting the provider’s or patient’s phone or desktop computer in order to assess a greater number of patients while limiting the risk of infection of other persons who would be exposed from an in-person consultation. Likewise, a covered health care provider may provide similar telehealth services in the exercise of their professional judgment to assess or treat any other medical condition, even if not related to COVID-19, such as a sprained ankle, dental consultation or psychological evaluation, or other conditions.

The Notice clears the way for covered health care providers to use popular applications that allow for video chats, including Apple FaceTime, Facebook Messenger video chat, Google Hangouts video, or Skype, to provide telehealth without risk that OCR might seek to impose a penalty for noncompliance with the HIPAA Rules related to the good faith provision of telehealth during the COVID-19 nationwide public health emergency. Providers are encouraged to notify patients that these third-party applications potentially introduce privacy risks, and providers should enable all available encryption and privacy modes when using such applications.

Under this Notice, however, Facebook Live, Twitch, TikTok, and similar video communication applications are public facing, and should not be used in the provision of telehealth by covered health care providers.

Covered health care providers that seek additional privacy protections for telehealth while using video communication products should provide such services through technology vendors that are HIPAA compliant and will enter into HIPAA business associate agreements (BAAs) in connection with the provision of their video communication products. The Notice states that some vendors that represent to OCR that they provide HIPAA-compliant video communication products and that they will enter into a HIPAA BAA include:

Skype for Business

Updox

VSee

Zoom for Healthcare

Doxy.me

Google G Suite Hangouts Meet

However the Notice also states OCR has not reviewed the BAAs offered by these vendors, and this list does not constitute an endorsement, certification, or recommendation of specific technology, software, applications, or products. There may be other technology vendors that offer HIPAA-compliant video communication products that will enter into a HIPAA BAA with a covered entity. Further, OCR does not endorse any of the applications that allow for video chats listed above.

Under this Notice, however, OCR will not impose penalties against covered health care providers for the lack of a BAA with video communication vendors or any other noncompliance with the HIPAA Rules that relates to the good faith provision of telehealth services during the COVID-19 nationwide public health emergency.

Guidance on BAAs, including sample BAA provisions, is available here. Additional information about HIPAA Security Rule safeguards is available here.

Beyond the Notice, HealthIT.gov has technical assistance on telehealth here.

More Information

We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

CMS COVID-19 Nursing Home Safety Guidance

March 16, 2020

On Friday, the Centers for Medicare & Medicaid Services (CMS) announced tight facilities access restrictions and other critical additional new measures designed to keep America’s nursing home residents safe from the 2019 Novel Coronavirus (COVID-19) in connection with the broader Trump Administration declaration of a national emergency to deal with the COVID-19 outbreak. The guidance follows news that the Washington nursing home with the biggest cluster of COVID-19 deaths to date in the U.S. thought it was facing an influenza outbreak.

The President’s declaration empowers the Secretary of Health and Human Services (HHS) to authorize CMS to take proactive steps through 1135 waivers. Under these emergency procedures, the HHS Secretary is authorized to waive certain Medicare, Medicaid and Children’s Health Insurance Program (CHIP) program requirements and conditions of participation under Section 1135 of the Social Security Act once the President declares an emergency through the Stafford Act or National Emergency Act, and the Secretary declares a Public Health Emergency (PHE). HHS Secretary Alex M. Azar issued a PHE on January 31, 2020. As a result of this authority, CMS has enacted blanket waivers easing certain requirements for impacted providers and states and other relief.

Nursing Home Containment Guidance

Under the Memo Nursing Home Guidance QSO-20-14 –NH issued Friday, HHS directed nursing homes to significantly restrict visitors and nonessential personnel, as well as restrict communal activities inside nursing homes. Specifically, the Memo directs that:

General Restrictions On Access. Facilities should restrict visitation of all visitors and non-essential health care personnel, except for the following:

Health care workers: Facilities should follow CDC guidelines for restricting access to health care workers found here. This also applies to other health care workers, such as hospice workers, EMS personnel, or dialysis technicians, that provide care to residents. They should be permitted to come into the facility if they meet the CDC guidelines for health care workers. The Memo also states that facilities should contact their local health department for questions, and frequently review the CDC website dedicated to COVID-19 for health care professionals
Surveyors: CMS and state survey agencies are constantly evaluating their surveyors to ensure they don’t pose a transmission risk when entering a facility. For example, surveyors may have been in a facility with COVID-19 cases in the previous 14 days, but because they were wearing PPE effectively per CDC guidelines, they pose a low risk to transmission in the next facility and must be allowed to enter. However, there are circumstances under which surveyors should still not enter, such as if they have a fever.
Certain Compassionate Care Visits. The Memo says facilities may allow certain compassionate care situations, such as an end-of-life situations, under certain circumstances discussed below. Facilities are expected to notify potential visitors to defer visitation until further notice (through signage, calls, letters, etc.).
Ombudsman Program Visits. Residents still have the right to access the Ombudsman program, but the Memo says that access should be restricted per the guidance above (except in compassionate care situations). The Memo states facilities may review this on a case by case basis. If in-person access is not available due to infection control concerns, facilities need to facilitate resident communication (by phone or other format) with the Ombudsman program or any other entity listed in 42 CFR § 483.10(f)(4)(i).

Compassionate Care Access. The Memo directs that facilities make decisions about visitation during an end of life situation on a case by case basis, which includes careful screening of the visitor (including clergy, bereavement counselors, etc.) for fever or respiratory symptoms. Those with symptoms of a respiratory infection (fever, cough, shortness of breath, or sore throat) should not be permitted to enter the facility at any time (even in end-of-life situations).

For individuals that enter in compassionate situations (e.g., end-of-life care), the Memo requires that facilities enforce protective restrictions on access including:

Facilities should require visitors to perform hand hygiene and use Personal Protective Equipment (PPE), such as facemasks while in the building;
Visitors must restrict their visit to the resident’s room or other location designated by the facility; and
Facilities should remind visitors frequently perform hand hygiene.

Safeguards When Visits Allowed. When visitation is necessary or allowable (e.g., in end-of-life scenarios), facilities should make efforts to allow for safe visitation for residents and loved ones such as:

Suggesting refraining from physical contact with residents and others while in the facility. For example, practice social distances with no hand-shaking or hugging and remaining six feet apart.
If possible (e.g., pending design of building), creating dedicated visiting areas (e.g., “clean rooms”), near the entrance to the facility where residents can meet with visitors in a sanitized environment.
Facilities should disinfect rooms after each resident-visitor meeting.

Offer Options In Lieu Of Visits. CMS notes in the Memo that while visitor restrictions may be difficult for residents and families, CMS says the restrictions based on the newest recommendations from the Centers for Disease Control and Prevention (CDC) are an important temporary measure for their protection. In lieu of and to mitigate the effect of visitor restrictions on patients and their families, CMS encourages facilities to consider taking the following steps:

Offering alternative means of communication for people who would otherwise visit, such as virtual communications (phone, video-communication, etc.).
Creating/increasing listserv communication to update families, such as advising to not visit.
Assigning staff as primary contact to families for inbound calls and conduct regular outbound calls to keep families up to date.
Offering a phone line with a voice recording updated at set times (e.g., daily) with the facility’s general operating status, such as when it is safe to resume visits.

Tighter State Law Restrictions. The Memo states that if a state implements actions that exceed CMS requirements, such as a ban on all visitation through a governor’s executive order, a facility would not be out of compliance with CMS’ requirements. In this case, CMS surveyors would still enter the facility, but not cite for noncompliance with visitation requirements.

When To Consider Transferring Patients With Confirmed COVID-19 Infection To A Hospital. Concerning when to transfer patients with COVID-19 investions to the hospital, the Memo states that nursing homes with residents suspected of having COVID-19 infection should contact their local health department. Residents infected with COVID-19 may vary in severity from lack of symptoms to mild or severe symptoms or fatality. Initially, symptoms may be mild and may not require transfer to a hospital as long as the facility can follow the infection prevention and control practices recommended by CDC. Facilities without an airborne infection isolation room (AIIR) are not required to transfer the resident assuming:

The resident does not require a higher level of care; and
The facility can adhere to the rest of the infection prevention and
control practices recommended for caring for a resident with COVID-19.

When Should A Nursing Home Accept Resident Diagnosed With COVID-19 From A Hospital? CMS also notes that nursing homes should admit any individuals that they would normally admit to their facility, including individuals from hospitals where a case of COVID-19 was/is present provided they can provide appropriate precautionary safeguards. The Memo states a nursing home can accept a resident diagnosed with COVID-19 and still under Transmission Based Precautions for COVID-19 as long as the facility can follow CDC guidance for Transmission-Based Precautions. If a nursing home cannot, it must wait until these precautions are discontinued. Also, if possible, Nursing Homes also should dedicate a unit/wing exclusively for any residents coming or returning from the hospital. This can serve as a step-down unit where they remain for 14 days with no symptoms (instead of integrating as usual on short-term rehab floor, or returning to long-stay original room).

CDC has released Interim Guidance for Discontinuing Transmission-Based Precautions or In-Home Isolation for Persons with Laboratory-confirmed COVID-19. As information on the duration of infectivity is limited, the interim guidance was developed with available information from similar coronaviruses. CDC states that decisions to discontinue Transmission-based Precautions in hospitals will be made on a case-by-case basis in consultation with clinicians, infection prevention and control specialists, and public health officials based on multiple factors (see current CDC guidance for further details).

Other Internal Operations To Control Infection. The Memo also indicates that nursing homes should take the following other actions to control exposure within facilities.

Cancel communal dining and all group activities, such as internal and external group activities.
Implement active screening of residents and staff for fever and respiratory symptoms.
Remind residents to practice social distancing and perform frequent hand hygiene.
Screen all staff at the beginning of their shift for fever and respiratory symptoms. Actively take their temperature and document absence of shortness of breath, new or change in cough, and sore throat. If they are ill, have them put on a facemask and self-isolate at home.
For individuals allowed in the facility (e.g., in end-of-life situations), provide instruction, before visitors enter the facility and residents’ rooms, provide instruction on hand hygiene, limiting surfaces touched, and use of PPE according to current facility policy while in the resident’s room. Individuals with fevers, other symptoms of COVID-19, or unable to demonstrate proper use of infection control techniques should be restricted from entry.
Facilities should communicate through multiple means to inform individuals and nonessential health care personnel of the visitation restrictions, such as through signage at entrances/exits, letters, emails, phone calls, and recorded messages for receiving calls.
Facilities should identify staff that work at multiple facilities (e.g., agency staff, regional or corporate staff, etc.) and actively screen and restrict them appropriately to ensure they do not place individuals in the facility at risk for COVID-19.
Facilities should review and revise how they interact vendors and receiving supplies, agency staff, EMS personnel and equipment, transportation providers (e.g., when taking residents to offsite appointments, etc.), and other non-health care providers (e.g., food delivery, etc.), and take necessary actions to prevent any potential transmission. For example, do not have supply vendors transport supplies inside the facility. Have them dropped off at a dedicated location (e.g., loading dock). Facilities can allow entry of these visitors if needed, as long as they are following the appropriate CDC guidelines for Transmission-Based Precautions.

The Memo also encourages all nursing homes:

To monitor residents and others for potential symptoms of respiratory infection as needed throughout the day;
Advise visitors, and any individuals who entered the facility (e.g., hospice staff), to monitor for signs and symptoms of respiratory infection for at least 14 days after exiting the facility. If symptoms occur, advise them to self-isolate at home, contact their healthcare provider, and immediately notify the facility of the date they were in the facility, the individuals they were in contact with, and the locations within the facility they visited. Facilities should immediately screen the individuals of reported contact, and take all necessary actions based on findings;
To take advantage of resources that have been made available by CDC and CMS to train and prepare staff to improve infection control and prevention practices;
To maintain a person-centered approach to care including communicating effectively with residents, resident representatives and/or their family, and understanding their individual needs and goals of care;
Facilities experiencing an increased number of respiratory illnesses (regardless of suspected etiology) among patients/residents or healthcare personnel to immediately contact their local or state health department for further guidance; and
To monitor the CDC Resources for Health Care Facilities for information and resources and contact their local health department when needed.

Exposure To Citation For Inadequate Supplies During COVID-19 Crisis. The Memo states that as CMS is aware of that there is a scarcity of some supplies in certain areas of the country, State and Federal surveyors should not cite facilities for not having certain supplies (e.g., PPE such as gowns, N95 respirators, surgical masks and ABHR) if they are having difficulty obtaining these supplies for reasons outside of their control. However, the Memo also states that CMS expects expect facilities to take actions to mitigate any resource shortages and show they are taking all appropriate steps to obtain the necessary supplies as soon as possible. For example:

If there is a shortage of ABHR, we expect staff to practice effective hand washing with soap and water. Similarly, if there is a shortage of PPE (e.g., due to supplier(s) shortage which may be a regional or national issue), the facility should contact the local and state public health agency to notify them of the shortage, follow national guidelines for optimizing their current supply, or identify the next best option to care for residents.
If a surveyor believes a facility should be cited for not having or providing the necessary supplies, the state agency should contact the CMS Branch Office.

Facilities also will want to ensure their documented compliance with the following additional direction to facilities:

Review CDC guidance for Infection Prevention and Control Recommendations for Patients with Confirmed Coronavirus Disease 2019;
Increase the availability and accessibility of alcohol-based hand rubs (ABHRs), reinforce strong hand-hygiene practices, tissues, no touch receptacles for disposal, and facemasks at healthcare facility entrances, waiting rooms, resident check-ins, etc.
Ensure ABHR is accessible in all resident-care areas including inside and outside resident rooms.
Increase signage for vigilant infection prevention, such as hand hygiene and cough etiquette.
Properly clean, disinfect and limit sharing of medical equipment between residents and areas of the facility.
Provide additional work supplies to avoid sharing (e.g., pens, pads) and disinfect workplace areas (nurse’s stations, phones, internal radios, etc.).
Take full documented advantage of other available resources for facilities to help improve infection control and prevention including:

Other COVID-19 Relief For Health Care Providers and States

As part of its exercise of its section 1135 waiver authority, CMS also now is encouraging states and territories are now encouraged to assess their needs and request these available flexibilities, which are outlined in the Medicaid and CHIP Disaster Response Toolkit. Examples of flexibilities available to states under section 1135 waivers include the ability to permit out-of-state providers to render services, temporarily suspend certain provider enrollment and revalidation requirements to promote access to care, allow providers to provide care in alternative settings, waive prior authorization requirements, and temporarily suspend certain pre-admission and annual screenings for nursing home residents.

Waivers and Flexibilities for Hospitals and other Healthcare Facilities. CMS has and is temporarily waiving or modifying or modify certain Medicare, Medicaid, and CHIP requirements. CMS will also issue several blanket waivers, listed on the website below, and the CMS Regional Offices will review other provider-specific requests. These waivers provide continued access to care for beneficiaries. For more information on the waivers CMS has granted, see here.

Provider Enrollment Flexibilities. CMS will temporarily suspend certain Medicare enrollment screening requirements including site visits and fingerprinting for non-certified Part B suppliers, physicians and non-physician practitioners. In addition, CMS will allow licensed providers to render services outside their state of enrollment. CMS will also establish a toll-free hotline for providers to enroll and receive temporary Medicare billing privileges.

Flexibility and Relief for State Medicaid Agencies. The national emergency declaration also enables CMS to grant state and territorial Medicaid agencies a wider range of flexibilities under section 1135 waivers. States and territories are now encouraged to assess their needs and request these available flexibilities, which are outlined in the Medicaid and CHIP Disaster Response Toolkit. Examples of flexibilities available to states under section 1135 waivers include the ability to permit out-of-state providers to render services, temporarily suspend certain provider enrollment and revalidation requirements to promote access to care, allow providers to provide care in alternative settings, waive prior authorization requirements, and temporarily suspend certain pre-admission and annual screenings for nursing home residents. For more information and to access the toolkit, see here.

Suspension of Enforcement Activities: CMS will temporarily suspend non-emergency survey inspections, allowing providers to focus on the most current serious health and safety threats, like infectious diseases and abuse. CMS also has announced the temporary suspension of non-emergency survey inspections, allowing providers to focus on the most current serious health and safety threats, like infectious diseases and abuse. As part of this relief, for instance, CMS has suspended nonemergency site inspections at nursing homes and other facilities. See Press Release.
Other Resources. CMS Central Office and the Regional Offices hosted two webinars in 2018 regarding Emergency Preparedness (EP) requirements and provider expectations. One was an all-provider training on June 19, 2018 (over 3,000 providers participated) and the other an all-surveyor training on August 14, 2018. Both presentations covered the EP Final Rule, which included emergency power supply; 1135 waiver process, best practices and lessons learned from past disasters, helpful resources and more. Both webinars are available here.

CMS also compiled a list of Frequently Asked Questions (FAQs) and useful national emergency preparedness resources to assist state survey agencies (SAs), their state, tribal, regional, and local emergency management partners, and healthcare providers to develop effective and robust emergency plans and toolkits to assure compliance with the EP rules. For additional information see the Survey & Certification Group Emergency Preparedness Regulation dated November 2016, Revised June 1, 2017 and associated Emergency Preparedness Checklists.

CMS and other agencies continue to tailor their response to the COVID-19 outbreak. To keep up with the important work the Task Force is doing in response to COVID-19, see www.coronavirus.gov and for CMS specific information, the Current Emergencies Website.

More Information

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, “From Flu Season to Ebola: Challenges & Best Practices For Containing & Responding To Contagious Diseases for Health Care Organizations,” as well as a multitude of other health industry matters, workforce and health care change and crisis management and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. ©2020 Cynthia Marcotte Stamer. Limited non-exclusive license to republish granted to Solutions Law Press, Inc.™ All other rights reserved.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Workplace, School, Commercial Establishment & Business Coronavirus Safety Tips

March 11, 2020

The Centers for Disease Control is sharing the following recommendations to help Americans stay safe during the current pandemic outbreak:

More Information

About Solutions Law Press, Inc.™

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Providers, Patients Still Need To Confirm Coverage Specifics Despite Insurers Agreement To Provide No Deductible Coronavirus Testing & Other Expanded Coverage; Self-Insured Plans Not Covered By Announced Deal

March 11, 2020

Following up on the White House’s announcement yesterday that major health insurers, Medicare and Medicaid would cover medically necessary testing and expand coverage for treatment of 2019 Novel Coronavirus (“coronavirus), without applying deductibles or coinsurance and offer expanded telemedicine and other coverage for coronavirus care, the Internal Revenue Service (“IRS”) today issued guidance giving health plans confirming health plans waiving deductibles won’t violate the Internal Revenue Code health savings account high deductible health plan rules. However many employer or other sponsors of self-insured health plans may need to amend their health plans and take other steps if they want their health plans to provide similar coverage. Meanwhile the Centers for Disease Control (“CDC”) relased updated guidance to help businesses, schools, and other organizations to operate safely during the current outbreak. Consequently providers and patients still must confirm the exact coverage a health plan or insurer providers for treatment.

Coronavirus Testing & Other Health Coverage Health

Major health insurers agreed in a Whitehouse Coronavirus Taskforce meeting yesterday to cover medically necessary testing and extend coverage to medically necessary treatment. The agreement only technically binds Medicare, Medicaid and other government programs and private insurers participating in the meeting. It does not automatically extend coverage or waive deductibles for self-insured employer or union sponsored health plans which provide coverage for an estimated 61 percent of covered U.S. worker and their families. Self-insured plan sponsors wishing to provide similar coverage and waive deductibles generally will need to take specific action to amend their plans and related contracts and communications.

Vice President Pence announced the agreement with insurers yesterday saying among other things:

I’m pleased to report, as you requested, Mr. President, that all the insurance companies here — either today or before today — have agreed to waive all copays on coronavirus testing and extend coverage for coronavirus treatment in all of their benefit plans.
And, at your direction, Medicare and Medicaid, last week, already made it clear to Medicare and Medicaid beneficiaries that coronavirus testing and treatment would be covered. These private insurance carriers have extended that as well.

They’ve also agreed to cover telemedicine so that anyone, particularly among the vulnerable senior population, would not feel it necessary to go to a hospital or go to their doctor. They’ll know that telemedicine is covered.

While the announcement indicates that insurers involved in the meeting plan to expand coverage and waive deductibles, self-insured employer and union sponsored plans aren’t technically covered by the agreement. While many employers sponsoring self-insured health plans will want their health plan to provide similar coverage as part of their risk management response to the coronavirus outbreak. Self-insured plan sponsors and fiduciaries should confirm appropriate plan language is adopted and that their stop loss insurance carriers are on board or other arrangements are made to plan for and cover costs, and that other plan vendors are on board to handle responsibilities.

In the meantime, the widespread lack of understanding among plan members about the distinction between insured and self-insured plans coupled with the breadth of the unqualified announcement by the White House is likely to fuel confusion by covered individuals and their providers. Not only will covered persons and providers need to know whether the program is insured or self-insured, they also will need to confirm how each of these programs implements the expanded coverage.

IRS Guidance Clears Way For High Deductible Health Plans To Raise Deductibles

Employers and health plans wishing to waive deductibles for coronavirus testing will not have to worry that waiving the deductible will violate IRS high deductible health plan (“HDHP”) rules, however. Earlier today, the IRS provided relief allowing high deductible health plans to pay these expenses without disqualifying their programs for high deductible health plan treatment under the Code in Notice 2020-15. The Notice provides that, until further guidance is issued, a health plan that otherwise satisfies the requirements to be a HDHP under Code section 223(c)(2)(A) will not fail to be an HDHP under section 223(c)(2)(A) merely because the health plan provides health benefits associated with testing for and treatment of COVID-19 without a deductible, or with a deductible below the minimum deductible (self only or family) for an HDHP. Also due to this guidance, an individual covered by the HDHP will not be disqualified from being an eligible individual under section 223(c)(1) who may make tax-favored contributions to a health savings account (HSA).

CDC Resources Provide Guidance On Safe Operation Through Outbreak

Along with the heath plan developments, many employer and other busines and community leaders are confronting how to deal d new resources today to help businesses, schools and others keep their people and locations safe at here.

Business & Other Disruptions Response

Along with dealing with the threat of the disease itself, the efforts to manage the disease outbreak, many businesses also are forced to deal with demand losses, supply and business interruptions, staffing shortages, unanticipated expenses and a wide range of other operational and financial disruptions that are side effects of the outbreak and its management.

The outbreak has and continues to prompt the cancellation of a plethora of business, trade, government, school, and sports and entertainment events. Notable for its involvement in heath care and related insurance matters, the National Association of Insurance Commissioners (“NAIC”)is one of a growing number of event sponsors that are allowing workers to work from home, are cancelling or banning participation in live meetings and other events and/or are converting from live to virtual formats in response to the outbreak. Trade and business associations, entertainment and sports and otehr venures also are impacted. For instance, the NAIC announced its decision to move its meetings to a purely virtual format today. According to the announcement, the National Spring Meeting that had been scheduled to take place in Phoenix next week is cancelled. Instead, the NAIC announced the following tentative schedule:

The public portion of the NAIC’s special session on state responses to COVID-19 will be held on March 20, 2020, starting at 11 AM ET via virtual meeting.
Working groups, subgroups and other meetings will be held via conference calls March 16-31, 2020.
Task force meetings will be held via conference calls April 1-10, 2020.
Executive Committee and letter committees will be held via conference calls the week of April 13, 2020.
EX/Plenary will meet via public conference call on April 20, 2020.

A revised schedule with dates, times and call-in numbers will be available on Naic.org next week.

Concerning the reasons for its decision, the NAIC explained:

Recently, the number of confirmed cases of COVID-19 has exceeded 100,000 worldwide, including over 1000 confirmed U.S. cases in 36 jurisdictions. Given rapidly changing information and out of an abundance of caution for the safety of our members, guests and staff, the NAIC officers, in consultation with NAIC members, have decided to hold the Spring National Meeting in a virtual-only format.

The NAIC is only one of a multitude of events cancelled or converted to a virtual format in the wake of fears of the coronavirus outbreak as US officials try to stem the spread of the virus. See e.g., Coronavirus updates in Texas: Community spread, school cancellations and more; Colleges and Universities Cancel Classes and Move Online Amid Coronavirus Fears; Coronavirus and sports: Seattle Mariners will move their home games, Golden State Warriors will play without fans and CBI is canceled.

The financial consequences of staffing or supply shortages, declines in product or services demands, event cancellations, cleaning and other costs and a host of other side effects present such a widespread risk to many businesses that many are facing layoffs or even banktuptcy. While President Trump and other federal and state leaders are promising employment tax holidays and other relief to try to mitigate some of these financial effects, businesses impacted by these disruptions should begin assessing and planning to execute options to mitigate losses and manage these risks as soon as possible to maximize their potential ability to take advantage of options to restructure debt or contractual obligations, adjust workforce staffing, and make other adjustments successfully to weather the pandemic storm and fallout. When considering these options, businesses will want to understand the relative complete costs of reductions in hours, furloughs, contractual adjustments and other options to make and execute their choices as well as possible.

More Information

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.

Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, as well as a multitude of other health industry matters, workforce and health care change and crisis management and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Coronavirus, Disease Management, Employer, Health Care, Pandemic, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Gastroenterology Practices Pays $100K For HIPAA Noncompliance

March 3, 2020

The $100,000 settlement payment the medical practice of Steven A. Porter, M.D., has agreed to pay $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services to settle a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule Serves as a warning to other physicians and healthcare providers that they too could pay big bucks for failing to comply with HIPAA. The resolution agreement and corrective action plan may be found here.

Dr. Porter’s medical practice provides gastroenterological services to over 3,000 patients per year in Ogden, Utah.

OCR began investigating Dr. Porter’s medical practice after it filed a breach report with OCR related to a dispute with a business associate. OCR’s investigation determined that Dr. Porter had never conducted a risk analysis at the time of the breach report, and despite significant technical assistance throughout the investigation, had failed to complete an accurate and thorough risk analysis after the breach and failed to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.

Many physician and other small healthcare providers underestimate their responsibilities or their exposure for noncompliance. Many have never conducted the necessary risk analysis or initially adopted the requisite policies and procedures to comply. Furthermore, practices relying upon outsourced management or compliance services for their HIPAA compliance need to ensure that they have appropriate business associates agreements with those and all other service providers. While OCR typically takes into account efforts to obtain services as evidence of a culture of compliance, when breaches happen in the practice or at the business associate, A physician or other healthcare provider can expect OCR to investigate their compliance and potentially their culpability for the breach. physicians and other healthcare providers also should not assume that their engagement of a service HIPAA to comply with or provide HIPAA compliant services equates to making that service provider accountable for the quality in adequacy of the services.Typically service providers and consultants limit their liability contractually and otherwise when providing these services, often do not have adequate compliance themselves, or both. Licensing agreements and other services contracts typically include various provisions excusing or limiting the service provider from liability for deficiencies in compliance resulting from inadequacies in their procedures, operational noncompliance or both. In some instances, business associates may include provisions in their business associate agreement or other related agreements that actually obligate the healthcare provider to defend and indemnify the service provider for breaches and other liabilities arising out of HIPAA noncompliance. Since the cost of investigating and defending an alleged complaint can be very expensive even if no penalties are sought by OCR, most physicians and other healthcare providers should explore the availability of insurance coverage to help protect against these expenses.

“All health care providers, large and small, need to take their HIPAA obligations seriously,” said OCR Director Roger Severino. “The failure to implement basic HIPAA requirements, such as an accurate and thorough risk analysis and risk management plan, continues to be an unacceptable and disturbing trend within the health care industry.”

In addition to the monetary settlement, Dr. Porter will undertake a corrective action plan that includes two years of monitoring.

Physicians and other healthcare providers need to keep in mind that OCR penalties are not the only risk of HIPAA violations. Noncompliance with these requirements also commonly gives rise to licensing board, peer review, and other professional, employment or contractual consequences as well as negative publicity.

The resolution agreement demonstrates OCR requires physicians shouldn’t expect OCR to look the other way when they violate HIPAA. Given the potential professional and monetary liability risk that result from complaints and violations, physicians and other healthcare Should consult with qualified legal counsel for assistance with assessing the adequacy of their current clients within the scope of attorney-client privilege. Additionally, in the event of a complaint or threaten complaint, physicians and other healthcare providers should take appropriate steps to conduct a documentary investigation. As discussions and activities conducted in association with such investigations can involve sensitive communications and information, it also is advisable to consult with legal counsel at the beginning of an issue to determine whether the investigation or other activities should be conducted within the scope of attorney-client privilege so as to minimize exposure of sensitive communications as admissions or another discoverable evidence for administrative or litigation proceedings.

More Information

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | ambulance, ASC, data security, Direct Primary Care, Doctor, drug treatment, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Emergency Care, FACTA, Federal Health Center, Genetic Information, GINA, Health Care Fraud, Health Care Provider, Health IT, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospice, Hospital, hospitals, Licensing, long-term care, Medical Privacy, Medical Records, OCR, participating provider, Pharmacy, Physician, Physician Licensing, Privacy, Substance Abuse, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

COVID-19 Telehealth Relief; CMS ESRD, General Practitioner Telehealth Toolkits Released

OCR Grants HIPAA Telemedicine Relief During COVID-19 Crisis

CMS COVID-19 Nursing Home Safety Guidance

Workplace, School, Commercial Establishment & Business Coronavirus Safety Tips

More Information

Providers, Patients Still Need To Confirm Coverage Specifics Despite Insurers Agreement To Provide No Deductible Coronavirus Testing & Other Expanded Coverage; Self-Insured Plans Not Covered By Announced Deal

Coronavirus Testing & Other Health Coverage Health

IRS Guidance Clears Way For High Deductible Health Plans To Raise Deductibles

CDC Resources Provide Guidance On Safe Operation Through Outbreak

Business & Other Disruptions Response

More Information

About the Author

About Solutions Law Press, Inc.™

Gastroenterology Practices Pays $100K For HIPAA Noncompliance

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update

COVID-19 Telehealth Relief; CMS ESRD, General Practitioner Telehealth Toolkits Released

Share this:

Like this:

OCR Grants HIPAA Telemedicine Relief During COVID-19 Crisis

Share this:

Like this:

CMS COVID-19 Nursing Home Safety Guidance

Share this:

Like this:

Workplace, School, Commercial Establishment & Business Coronavirus Safety Tips

More Information

Share this:

Like this:

Providers, Patients Still Need To Confirm Coverage Specifics Despite Insurers Agreement To Provide No Deductible Coronavirus Testing & Other Expanded Coverage; Self-Insured Plans Not Covered By Announced Deal

Coronavirus Testing & Other Health Coverage Health

IRS Guidance Clears Way For High Deductible Health Plans To Raise Deductibles

CDC Resources Provide Guidance On Safe Operation Through Outbreak

Business & Other Disruptions Response

More Information

About the Author

About Solutions Law Press, Inc.™

Share this:

Like this:

Gastroenterology Practices Pays $100K For HIPAA Noncompliance

Share this:

Like this:

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update