Doctor |

Sibley Hospital & Johns Hopkins Health System Pay $5 Million To Settle Stark Violations

April 19, 2023

Sibley Hospital (“Sibley”) and its parent company, Johns Hopkins Health System (“Johns Hopkins”) will pay the United States $5 million to resolve Physician Self-Referral Law, (commonly known as the “Stark Law”) allegations arising from claims that Sibley submitted to the Medicare Program, the Justice Department announced today.

The Stark Law prohibits a hospital from billing Medicare for certain services referred by physicians with whom the hospital has a financial relationship, unless that relationship satisfies one of the law’s statutory or regulatory exceptions. It is intended to ensure that medical decision-making is not influenced by improper financial incentives and instead is based on the best interests of the patient.

The new settlement resolves allegations that, from 2008 through 2011, Sibley violated the Stark Law by billing Medicare for services referred by ten cardiologists to whom Sibley was paying compensation that exceeded the fair market value of the services provided. These allegations arose out of conduct that Sibley and Johns Hopkins self-disclosed to the United States.

“Improper financial arrangements between hospitals and physicians can influence the type and amount of health care that is provided,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “The department is committed to holding accountable those who violate prohibitions designed to protect the integrity of physician decision-making.”

The high dollar settlement reminds other health care providers to ensure their own relationships with other health care providers comply with Stark, anti-kickback and other federal and state health care fraud laws.

More Information

We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership on health and managed care and employer benefits legal, public policy and operational concerns in the healthcare, employer benefits, and insurance and financial services industries. She speaks and publishes extensively on HIPAA and other related compliance issues.

Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access to this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, billing, Child Care, Childcare, Childrens Health Insurance Program, Conditions of Participation, Corporate Compliance, DME, Doctor, E-Prescribing, false claims act, Grants, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, home health, Hospital, Laws, Life Sciences, Medicaid, Medicare, Medicare Advantage, OIG, pharmaceutical, Prescription Drugs | Permalink
Posted by Cynthia Marcotte Stamer

4/21 Deadline For Comments On Proposed HIPAA Administrative Simplification Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification To Referral Certification and Authorization Transaction Standard

April 19, 2023

April 21 is the deadline to comment on the Centers for Medicare & Medicaid Services (CMS) National Standards Group (NSG) proposed rule that, if finalized, would adopt standards for “health care attachments” transactions, a standard for electronic signatures to be used in conjunction with health care attachments transactions, and a modification to the standard for the referral certification and authorization transaction (X12 278) published last December.

The April 21, 2023 deadline reflects a 30-day extension from the original deadline date of March 21, 2023. Comments must be received no later than 5 p.m. on April 21.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Prepare To Handle Justice Department Marijuana Pardon Certificates From Applicant

March 5, 2023

Healthcare and other businesses that disqualify applicants from employment based on past Marijuanna convictions need to prepare to respond to applicants presenting certificates of pardon of their prior federal conviction of simple Marijuanna conviction received under President Biden’s October 6, 2023 Presidential Proclamation on Marijuana Possession.

Biden Marijuanna Pardons

The Proclamation provided a blanket pardon for all prior federal and D.C. (but not state) offenses of simple possession of marijuana.

Those who were pardoned on October 6, 2022, are eligible for a certificate of pardon. Consistent with the proclamation, to be eligible for a certificate, an applicant must have been charged or convicted of simple possession of marijuana in either a federal court or D.C. Superior Court, and the applicant must have been lawfully within the United States at the time of the offense. Similarly, an individual must have been a U.S. citizen or lawful permanent resident on October 6, 2022. Those convicted of state marijuana offenses do not qualify for the pardon.

On March 3, 2023, the Justice Department announced the application process for issuing certificates of the pardons to pardoned individuals. This process allows pardoned individuals to get prof of their pardons to present to employers and others. Consequently health care and other businesses should prepare to respond to applicants presenting these certificates.

When he made the pardon proclamation, President Biden directed the Justice Department to develop a process for individuals to receive their certificate of pardon. On March 3, 2023, the Justice Department issued an application for eligible individuals to receive certificate of proof that they were pardoned under the Oct. 6, 2022, proclamation by President Biden.

The online application available on the Office of the Pardon Attorney’s website: Application for Certificate of Pardon allows eligible persons to submit documentation to the Office of the Pardon Attorney and receive a certificate indicating the person was pardoned on October 6, 2022, for simple possession of marijuana.

President Biden said when making his proclamation he intended the pardons to “help relieve the consequences arising from these convictions.” The President’s pardon, effective Oct. 6, 2022, may assist pardoned persons by removing civil or legal disabilities such as restrictions on the right to vote, to hold office or to sit on a jury that are imposed because of the pardoned conviction. Proofs of pardon also may help those pardoned to obtain licenses, bonding or employment.

Potential Employer Challenges

The pardons are likely to create concerns for health care and other employers who currently disqualify applicants from eligibility for employment based on drug related criminal conditions where the employer remains subject to statutory, regulatory, contractual or other requirements prohibiting employment of workers with prior or current history of drug offenses or use.

As a starting point, employers should carefully review their own existing policies as well as any statutory, regulatory contractual requirements applicable to their workforce to assess the implications of the pardons on the employment eligibility of a pardoned worker. Ambiguities are likely to arise under many policies, particularly where a hugyirunof drug use or possession is disqualifying without a requirement of a conviction.

Employers contemplating continuing to disqualify pardoned applicants for safety or other reasons probably should seek the advice of legal counsel. Some pardoned applicants might argue an employer’s reliance on a pardoned criminal drug conviction constitutes prohibited discrimination based on a history of prior drug dependence that violates the Americans With Disabilities Act or other discrimination laws. Statements made by President Biden and others within the Administration suggest the Equal Employmrnt Opportunity omission might support these or similar arguments in furtherance of promotion if President Biden’s policy of facilitating opportunities for employment for individuals recovering from substance abuse.

Employers also may struggle with equity questions raised by the pardoning of federal convicts but not those with state convictions.

Employers should monitor Equal Employment Opportunities Commission and other guidance and seek advice of experienced legal counsel to develop and administer hiring policies to mitigate potential exposures.

More Information

We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.

Ms. Stamer also is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | Civil Rights, Controlled Substances, Corporate Compliance, Credentialing, Doctor, drug treatment, Employer, Employment law, Health Care, Marijuanna, Medical Licensure, Physician Licensing | Permalink
Posted by Cynthia Marcotte Stamer

Banner Health Pays $1.25 Million To Settle Cybersecurity Breach Impacting Nearly 3 Million Individuals

February 3, 2023

Phoenix-based nonprofit health system Banner Health and its affiliates (“Banner Health”) paid $1.25 million and agreed to take corrective actions to resolve its exposure to potentially much greater Health Insurance Portability and Accountability Act (HIPAA) Security Rule civil monetary penalty exposure for a 2016 cyber hacking breach that compromised the personal health information of 2.81 million consumers. OCR used its February 2 announcement of the Banner Health settlement to warn health care providers, health plans, health care clearinghouses (“covered entities”) and business associates covered by HIPAA to guard their own systems containing protected health information against breach by cyber hacking.

Banner Health Settlement

Banner Health is one of the largest non-profit health systems in the country, with over 50,000 employees and operating in six states. Banner Health is the largest employer in Arizona and one of the largest in northern Colorado.

In November 2016, OCR initiated an investigation of Banner Health following the receipt of a breach report stating that a threat actor had gained unauthorized access to electronic protected health information, potentially affecting millions. The hacker accessed protected health information that included patient names, physician names, dates of birth, addresses, Social Security numbers, clinical details, dates of service, claims information, lab results, medications, diagnoses and conditions, and health insurance information.

OCR’s investigation found evidence of long-term, pervasive noncompliance with the HIPAA Security Rule across Banner Health’s organization, a serious concern given the size of this covered entity. Organizations must be proactive in their efforts to regularly monitor system activity for hacking incidents and have measures in place to sufficiently safeguard patient information from risk across their entire network.

The potential violations OCR identified specifically included:

A lack of an analysis to determine risks and vulnerabilities of electronic protected health information across the organization;
Insufficient monitoring of its health information systems’ activity to protect against a cyber-attack;
Failure to implement an authentication process to safeguard its electronic protected health information; and
Failure to have security measures in place to protect electronic protected health information from unauthorized access when it was being transmitted electronically.

Under the Resolution Agreement and Corrective Action Plan negotiated to resolve these potential violations, Banner Health paid $1,250,000 to OCR. Banner Health also agreed to implement a corrective action plan, which identifies steps Banner Health will take to resolve these potential violations of the HIPAA Security Rule and protect the security of electronic patient health information that will be monitored for two years by OCR to ensure compliance with the HIPAA Security Rule. Under the corrective action plan, Banner has agreed to take the following steps:

Conduct an accurate and thorough risk analysis to determine risks and vulnerabilities to electronic patient/system data across the organization
Develop and implement a risk management plan to address identified risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI
Develop, implement, and distribute policies and procedures for a risk analysis and risk management plan, the regular review of activity within their information systems, an authentication process to provide safeguards to data and records, and security measures to protect electronic protected health information from unauthorized access when it is being transmitted electronically, and
Report to HHS within thirty (30) days when workforce members fail to comply with the HIPAA Security Rule.

OCR Warns Other HIPAA-Covered Entities

In the health care sector, hacking is now the greatest threat to the privacy and security of protected health information. OCR’s announcement of the settlement reports 74 percent (74%) of the breaches reported to OCR in 2021 involved hacking/IT incidents.

The announcement also notes OCR offers an array of resources to help health care organizations bolster their cybersecurity posture and comply with the HIPAA Rules,

The settlement and OCR’s announcement warn other covered entities and business associates to use these and other necessary resources to protect their systems with protected health information from cyber hacking and other breaches.

In conjunction with reminding other covered entities of these resources, the settlement announcement quotes OCR Director Melanie Fontes Rainer as a warning, “Hackers continue to threaten the privacy and security of patient information held by health care organizations, including our nation’s hospitals, … It is imperative that hospitals and other covered entities and business associates be vigilant in taking robust steps to protect their systems, data, and records, and this begins with understanding their risks, and taking action to prevent, respond to and combat such cyber-attacks. … Cyber security is on all of us, and we must take steps to protect our health care systems from these attacks.”

OCR’s enforcement record confirms these are not idyl threats. Breaches of the Security or Breach Notification Rules often result in significant civil monetary penalty assessments or negotiated settlements to mitigate civil liability exposures arising out of such breaches. See e.g., Clinical Laboratory Pays $25,000 To Settle Potential HIPAA Security Rule Violations (May 25, 2021); Health Insurer Pays $5.1 Million to Settle Data Breach Affecting Over 9.3 Million People (January 15, 2021); Aetna Pays $1,000,000 to Settle Three HIPAA Breaches(October 28, 2020); Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People (September 25, 2020); HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 million Individual – (September 23, 2020); Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach (July 27, 2020); Small Health Care Provider Fails to Implement Multiple HIPAA Security Rule Requirements (July 23, 2020).

Alerts issued by OCR regarding heightened security risks in recent months and a growing tide of highly publicized breaches send a strong warning to other covered entities and their business associates to reconfirm the adequacy of their own HIPAA privacy, security, breach notification and other procedures and protections by among other things:

Reviewing and monitoring on a documented, ongoing basis the adequacy and susceptibilities of existing practices, policies, safeguards of their own organizations, as well as their business associates and their vendors within the scope of attorney-client privilege taking into consideration data available from OCR, data regarding known or potential susceptibilities within their own operations as well as in the media, and other developments to determine if additional steps are necessary or advisable.
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility.
Renegotiating and enhancing service provider agreements to detail the specific compliance, audit, oversight and reporting rights, workforce and vendor credentialing and access control, indemnification, insurance, cooperation and other rights and responsibilities of all entities and individuals that use, access or disclose, or provide systems, software or other services or tools that could impact on security; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; and other relevant matters.
Verifying and tightening technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information and systems.
Conducting well-documented training as necessary to ensure that members of the workforce of each covered entity and business associate understand and are prepared to comply with the expanded requirements of HIPAA, understand their responsibilities and appropriate procedures for reporting and investigating potential breaches or other compliance concerns, and understand as well as are prepared to follow appropriate procedures for reporting and responding to suspected
violations or other indicia of potential security concerns.
Tracking and reviewing on a systemized, well-documented basis actual and near-miss security threats to evaluate, document decision-making and make timely adjustments to policies, practices, training, safeguards and other compliance components as necessary to identify and resolve risks.
Establishing and providing well-documented monitoring of compliance that includes board-level oversight and reporting at least quarterly and sooner in response to potential threat indicators.
Establishing and providing well-documented timely investigation and redress of reported
violations or other compliance concerns.
Establishing contingency plans for responding in the event of a breach.
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements.
Preparing and maintaining a well-documented record of compliance, risk, investigation and other security activities.
Pursuing other appropriate strategies to enhance the covered entity’s ability to demonstrate its compliance commitment both on paper and in operation.

Because of susceptibilities in systems, software and other vendors of business associates, suppliers and other third parties, covered entities and their business associates should use care to assess and manage business associate and other vendor-associated risks and compliance as well as tighten business associate and other service agreements to promote the improved cooperation, coordination, management and oversight required to comply with the new breach notification and other HIPAA requirements by specifically mapping out these details.

Beyond these HIPAA exposures, breaches and other HIPAA noncompliance carries other liability risks. Leaders of covered entities or their business associates also are cautioned that while HIPAA itself does not generally create any private right of action for victims of breach under HIPAA, breaches may create substantial liability for their organizations or increasingly, organizational leaders. For instance, the Department of Health & Human Services has warned health care providers participating in Medicare or other federal programs and Medicare Advantage health plans that HIPAA compliance is a program term of participation.

Health care providers and health insurers can face liability under state data privacy and breach, negligence or other statutory or common laws. In addition, physicians and other licensed parties may face professional discipline or other professional liability for breaches violating statutory or ethical standards.

Health plans also face a myriad of other exposures from failing to use appropriate cyber safeguards. Plan fiduciaries of employment-based health plans covered by the Employee Retirement Income Security Act (“ERISA”) risk liability under ERISA’s fiduciary responsibility rules. The Department of Labor Employee Benefit Security Administration (“EBSA”) now audits the adequacy of the cybersecurity and other HIPAA compliance of health plans and their third-party administrators and other business associates as part of EBSA’s oversight and enforcement of ERISA. Department of Labor Assistant Secretary for EBSA Lisa Gomez confirmed audit and enforcement of cybersecurity obligations is a key priority in EBSA’s current work plan in her February 4, 2023 comments to the American Bar Association.

Meanwhile, the Securities and Exchange Commission has indicated that it plans to pursue enforcement against leaders of public health care or other public companies that fail to use appropriate care to ensure their organizations comply with privacy and data security obligations.

Furthermore, appropriate cyber security practices also may be advisable elements for organizations to include in their Federal Sentencing Guideline Compliance Programs to mitigate potential organization liability risks under federal electronic crime and related laws.

In the face of these risks and warnings, all covered entities and their business associates should reassess and confirm the adequacy of their and their business associates’ cyber security defenses and breach response preparations.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Cyber crime, data breach, data security, DME, Doctor, Employer, ERISA, Federal Sentencing Guidelines, Health Care Finance, Health Care Provider, Health Insurance, Health IT, Health Plan, Health Plans, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, home health, Hospice, Hospital, hospitals, Licensing, Meaningful Use, Medicaid, Medicaid Advantage, Medical Licensure, Medical Malpractice, Medical Privacy, Medical Records, Medicare, Medicare Advantage, OCR, Peer Review, Physician Licensing, retaliation, Technology, Telemedicine, Whistleblower | Tagged: ARRA, Breach Notification, CMS, Compliance, Corporate Compliance, Data Breach, Data Security, Doctor, DOJ, EHR, Electronic Health Records, Employer, false claims act, Federal Sentencing Guidelines, Health Care, Health Care Compliance, Health Care Fraud, Health Care Provider, Health Care Reimbursement, Health Insurance, Health IT, Health Plan, Health Plans, HHS, HIPAA, HIPAA Privacy, HITECH Act, Hospital, Hospitals, licensure, Medicaid, Medical Privacy, Medicare, OCR, Office of Civil Rights, OIG, PHI, Physician, Physicians, Privacy, Protected Health Information | Permalink
Posted by Cynthia Marcotte Stamer

Lab Nailed For HIPAA Right Of Access Violation; Other Covered Entities Warned

January 3, 2023

A medical laboratory is the latest health care provider nailed under the U.S. Department of Health and Human Services Office for Civil Rights (OCR) Right of Access Initiative for violating the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s right of access requirements.

OCR announced the 43rd access rule settlement with Life Hope Labs, LLC (“Life Hope Labs”), a full-service diagnostic laboratory in Sandy Springs, Georgia Tuesday.

In August 2021, a complaint was filed with OCR alleging that Life Hope Labs would not provide a personal representative with a copy of her deceased father’s medical records. The personal representative first requested access to her father’s records on July 7, 2021, but did not receive them until February 16, 2022, over seven months later. OCR’s investigation determined that Life Hope Labs’ failure to provide timely access to the requested medical records was a potential violation of the HIPAA right of access provision.

The access rule requires that patients be able to access their health information in a timely manner.

In its Resolution Agreement, Life Hope Labs agreed to pay $16,500 to resolve this investigation. In addition to the monetary settlement, Life Hope Labs also agreed to implement a corrective action plan that includes two years of monitoring by OCR.

In announcing its filing of the settlement, OCR warned other labs and health care providers to ensure their right of access compliance.

“Access to medical records, including lab results, empowers patients to better manage their health, communicate with their treatment teams, and adhere to their treatment plans. The HIPAA Privacy Rule gives individuals and personal representatives a right to timely access their medical records from all covered entities, including laboratories,” said OCR Director Melanie Fontes Rainer in OCR’s announcement of the settlement. “Laboratories covered by HIPAA must follow the law and ensure that they are responding timely to records access requests.”

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | ambulance, DME, Doctor, drug treatment, Electronic Health Records, Emergency Care, EMTALA, English as A Second Language, Health Care, Health Care, Health IT, Health Plan, Health Plans, HIPAA, home health, Hospice, Hospital, Hospital, hospitals, Indian Health, medical devices, Pharmaceudical, Pharmacy, Physician, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Chiropractor, Modern Vascular Office-Based Labs and Modern Vascular Corporate Entities Face False Claims Act Prosecution

December 19, 2022

Three consolidated False Claims Act (“FCA”) lawsuits against chiropractor Yury Gampel (“Gampel”), 15 Modern Vascular office-based labs owned primarily by Gampel located across the United States, and five Modern Vascular-affiliated companies owned by Gampel alert other chiropractic, physician and other medical providers using office-based labs send a clear warning to other health care providers and suppliers for services covered or billed to Medicare, Medicaid, TRICARE or other federal health care programs about the necessity to ensure their arrangements don’t involve illegal financial relationships or transactions.

False Claims Act Liability Arising From Participation In Or Filing Claims Involving Improper Inducements

The Justice Department suit against the defendants alleges the defendants both arose from the defendants participation in arrangements involving the offering and payment of illegal remuneration in violation of the federal Anti-Kickback Statute (“AKS”) and that the claims for benefits made to Medicare and other federal programs for care provided involving the arrangement violated the FCA.

The AKS generally prohibits any person or entity from soliciting, receiving, offering, or paying any direct or indirect prohibited remuneration as an inducement or reward for referring, recommending, ordering, or arranging for the purchase of any item or service for which payment may be made in whole or in part by a federal health care program. Parties violating the AKS commit a felony punishable with a fine of up to $100,000, imprisonment for up to 10 years or both.

In addition to any criminal liability arising under the AKS, filing claims derived or involving transactions prohibited by the AKS also can trigger liability for violation of the FCA. The FCA makes it unlawful for any person to submit, directly or indirectly, false or fraudulent claims for payment to the Government by among other things:

Knowingly presenting, or causing to be presented, a false or fraudulent claim for payment or approval in violation of 31 U.S.C. § 3729(a)(1)(A) (the “presentment provision”); or
Knowingly making, using, or causing to be made or used, a false record or statement material to a false or fraudulent claim in violation of 31 U.S.C. § 3729(a)(1)(B).

The FCA defines the term “knowingly” under the FCA very broadly. As defined, “knowingly” means that a person, with respect to information, (i) has actual knowledge of the information, (ii) acts in deliberate ignorance of the truth or falsity of the information, or (iii) acts in reckless disregard of the truth or falsity of the information. 31 U.S.C. § 3729(b). No proof of specific intent to defraud is required to show that a person acted knowingly under the FCA.

Violations of the FCA subject the defendant to mandatory civil penalties per FCA violation, plus three times the amount of damages that the Government sustains as a result of the defendant’s actions. 31 U.S.C. § 3729(a). Under 42 U.S.C. § 1320a-7(b)(7), health care providers submitting claims to Medicare or other federal health care programs also can face exclusion from participation in federal health care programs for FCA violations.

Health care providers filing claims for Medicare or other federal health plans can violate the FCA by knowingly presenting or causing to be presented claims for items or services that the person knew or should have known were not medically necessary, or were false or fraudulent. 42 U.S.C. §§ 1320a-7a(a)(1).

Moreover, health care providers under the Medicare statute have an affirmative duty to familiarize themselves with the statutes, regulations, and guidelines regarding coverage for the Medicare services. As a condition of program participation, Medicare regulations require providers and suppliers to certify that:

The provider or supplier meets, and will continue to meet, the requirements of the Medicare statute and regulations, 42 C.F.R. § 424.516(a)(1), including that any claims and underlying transactions made in a claim for Medicare comply with the Federal anti-kickback statute and the Stark law), and on the supplier’s compliance with all otherwise applicable conditions of participation in Medicare; and
The provider or supplier will not knowingly to present or cause to be presented a false or fraudulent claim for payment by Medicare, or to submit claims with deliberate ignorance or reckless disregard of their truth or falsity.

Additional certifications of continued compliance with these requirements also are required when claims are filed. Accordingly, since health care providers and suppliers are responsible for taking appropriate steps to familiarize themselves with the rules and regulations applicable to their claim and the transactions underlying it and certify in connection with the filing of the claim that the claim and its underlying transactions comply with the law, health care providers filing claims involving prohibited financial incentives or other transactions prohibited by law risk FCA liability.

Gampel, Modern Vascular FCA Complaint

Derived from the Justice Department’s assumption and consolidation of various qui tam lawsuits separately brought by various physicians, the United States filed its complaint in three consolidated lawsuits pending in the United States District Court for the District of Arizona under the qui tam, or whistleblower, provisions of the False Claims Act, 31 U.S.C. §§ 3729-3733 (“FCA”) which allow a private citizen to sue on behalf of the government and share in any recovery. The United States is also entitled to intervene in the lawsuits, as it did in these cases.

The resulting consolidated three consolidated Justice Department lawsuits seek to recover treble damages and civil penalties, and under common law and equitable theories of recovery from defendants for their billing of Medicare, TRICARE and other federal health care programs for claims resulting from transactions involving prohibited remuneration offered and provided in violation of the AKS under Gampel’s alleged schemes Nobility Management LLC; Modern Vascular LLC; Modern Vascular of South Florida LLC; Modern Vascular Management LLC; Modern Vascular Management – East LLC; Modern Vascular Management – West LLC; Modern Vascular Institute LLC; Modern Vascular of Mesa LLC; Modern Vascular of Glendale LLC; Modern Vascular of Sun City LLC; Modern Vascular of Tucson LLC; San Antonio Vascular Specialists Corp. dba Modern Vascular; Fort Worth Vascular Specialists Corp. dba Modern Vascular; Modern Vascular of Denver LLC; Modern Vascular – Navajo LLC; Modern Vascular of Fairfax LLC; Modern Vascular of Houston LLC; Modern Vascular of Indianapolis LLC; Modern Vascular of Southaven LLC; Modern Vascular of St. Louis LLC; and Modern Vascular of Kansas LLC.

The Justice Department complaint alleges Defendant Yury Gampel, a chiropractor, is the founder and former Chief Executive Officer (“CEO”) of a franchise of office-based labs (“OBL”) located in Arizona, New Mexico, Colorado, Texas, Indiana, Kansas, Mississippi, Missouri, Tennessee, and Virginia operating under the name Modern Vascular (collectively, the “Modern Vascular OBLs”). The Modern Vascular OBLs – each its own separate legal entity – focus on the treatment of peripheral arterial disease (“PAD”), particularly through an aggressive use of vascular intervention procedures, such as angioplasty and atherectomy. The complaint claims Gampel and the Modern Vascular defendants designed and promoted the franchises that incorporated a package of management and other services provided by various Modern Vascular defendant companies.

Defendant Nobility Management, LLC, provides management services to the Modern Vascular OBLs. Defendants Modern Vascular Management, LLC; Modern Vascular Management – East, LLC; and Modern Vascular Management – West, LLC, offer
IT and management support to Modern Vascular OBLs. Defendants Modern Vascular, LLC, and Modern Vascular of South Florida, LLC, are corporations controlled by Gampel that have various ownership interests in Modern Vascular OBLs. Through Modern Vascular, LLC, and Modern Vascular of South Florida, LLC, and in his own capacity, Gampel is the majority owner of the Modern Vascular OBLs. (These entities that own and manage the Modern Vascular OBLs are referred to collectively below as “Modern Vascular Corporate.”)

The complaint alleges that Gampel and Modern Vascular Corporate designed and implemented a fraud scheme at Modern Vascular OBLs at the expense of patients and federal payors from at least January 1, 2018 through June 30, 2022. Among other things, the complaint charges Gampel and the Modern Vascular defendants offered physicians the opportunity to invest in Modern Vascular office-based labs to induce them to refer their Medicare and TRICARE patients to Modern Vascular for the treatment of peripheral arterial disease. More specifically, Gampel and Modern Vascular Corporate opened Modern Vascular OBLs in new markets where referring physicians and vascular surgeons had established relationships. Prior to opening an OBL in a particular location, Gampel sought out up to 20 local physicians – usually podiatrists and pain management physicians – who traditionally referred to vascular surgeons and offered each up to a two percent ownership interest in the OBL in order to induce the physicians to refer to the OBL. Gampel and Modern Vascular Corporate selected these particular physicians (hereinafter “physician investors”) to offer ownership investment because Gampel and Modern Vascular Corporate identified them as potential high-referral sources. Once they invested in an OBL, Gampel and Modern Vascular Corporate further required the physician-investors to make referrals to Modern Vascular OBLs as a condition for remaining as a physician-investor. The complaint also alleges that Gampel pressured vascular surgeons and interventional radiologists employed at the Modern Vascular office-based labs to increase the number of invasive surgical procedures performed by tracking procedures and setting aggressive weekly and monthly goals for such procedures. In particular, Gampel and Modern Vascular Corporate provided remuneration to physician investors in Modern Vascular OBLs to induce those investors to refer patients to the Modern Vascular OBL.

The Justice Department charges that using this scheme, Defendants between January 1, 2018 and June 30, 2022 submitted, and caused to be submitted, tens of millions of dollars in false or fraudulent claims to Medicare, TRICARE and other federal health care programs by offering and providing illegal remuneration to health care providers to induce referrals to the Modern Vascular OBLs in violation of the Anti-Kickback Statute (“AKS”), 42 U.S.C. § 1320a-7b. To induce referrals, Gampel and Modern Vascular Corporate provided remuneration to physician-investors in the form of equity ownership interests in an OBL, which also included distributions, the prospect of future distributions, and/or the prospect of a cash-out of the equity ownership amounts when
the Modern Vascular OBLs were sold. During the relevant time period, the Justice Department also claims Modern Vascular
OBLs received over $50 million from Medicare Part B alone for claims submitted for patients referred by physician-investors in violation of the FCA.

Warning To Other Heath Care Providers & Suppliers

In announcing its filing of the Gambrel FCA lawsuit, the Justice Department warned other federal health program providers and suppliers and their business partners, investors, employees and agents from violating the AKS, FCA or both in the provision of or billing of health care services or supplies. “As part of our mission to protect the American people, the FBI remains committed to safeguarding patients who rely on our healthcare systems,” said Deputy Assistant Director Aaron Tapp of the FBI’s Criminal Investigative Division. “The FBI and our law enforcement partners will continue to investigate those who abuse our healthcare systems, place patients at risk, and waste taxpayer dollars.”

This warning, along with the ever-lengthening list of federal criminal and civil prosecutions, convictions and settlements by the Justice Department, the Department of Health & Human Services Office of Inspector General and other agencies provide a strong warning to health care providers, suppliers and others involved in creating or administering transactions and other arrangements for the delivery and billing for health are to be billed to Medicare, Medicaid, TRICARE and other health care arrangements covered by the AKS, the FCA or other federal or state health care fraud laws to take well documented care to ensure the care delivery arrangement does not involve transactions prohibited under the AKS or other federal or state health care fraud transactions and the care billed qualifies for reimbursement before submitting the claim. Parties who know or suspect that they may have participated in an arrangement prohibited under these laws or submitted prohibited claims should contact experienced legal counsel within the scope of attorney-client privilege for assistance in reviewing those concerns and exploring options for correction or mitigation.

For More Information

If your organization would like to learn more about the concerns discussed in this update or seeks assistance auditing, updating, administering or defending its human resources, compensation, benefits, corporate ethics and compliance practices, or other performance related concerns, contact management attorney and consultant Cynthia Marcotte Stamer.

An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”

For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.

Other Helpful Resources & Information

If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.

NOTICE: Terms. These materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice, a substitute for legal advice, an offer or commitment to provide legal advice or an admission. The information and statements in these materials may not address all relevant issues or apply to any situation or circumstances. The author reserves the right to qualify or retract any of these statements at any time. and does not necessarily address all relevant issues. Because the law evolves and in ways that subsequent developments could impact the currency and completeness of this discussion. The author disclaims and has no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at any time. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein. ©2022 Cynthia Marcotte Stamer. Nonexclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, billing, compensation, Conditions of Participation, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health IT, Home Health, Hospice, Hospital, Hospital, Indian Health, Inpatient Rehabilitation Facility, Laboratory tests, Laws, long-term care, Medicaid, Medicaid Advantage, Medicare, Mergers and Acquisitions, nursing home, Outpatient, pain management, Pharmaceudical, Physician, Physician Licensing, Prescription Drugs, Reimbursement | Tagged: Anti-Kickback, Health Care Fraud, Health Care Reimbursement, Medicaid, Medicare, Office-based labs | Permalink
Posted by Cynthia Marcotte Stamer

CDC Eases Opiate Prescription Guidelines

November 3, 2022

The Centers for Disease Control released updated opiate prescription guidance today, loosening restrictions on prescription of the pain management narcotics under certain conditions.

Ironically the new guidance loosening opiate prescription guidelines comes on the heels of the announcement yesterday of sellements of opiate litigation against CVS and Walgreens brought by multiple states’ seeking to recover states’ costs arising from citizens ‘ addicted to opiates.

CDC’s revised opiate guidance is intended to give providers more flexibility to prescribe under various situations in response to criticism that the original more narrow guidelines harmed patients legitimately needing the pain management treatment.

Guideline changes are likely to implicate prescribing practices as well as some prescription drug coverages, as well as electronic recordkeeping and prescribing systems.

Slay tuned for more details about the new guidelines and other health care and life sciences relevant developments.

More Information

About the Author

Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | DEA, Direct Primary Care, Doctor, drug treatment, Health Care, home health, Hospital, Medical Malpractice, pain management, Pharmaceudical, Pharmacy, Physician Licensing, physician licensure, Prescription Drugs | Permalink
Posted by Cynthia Marcotte Stamer

Criminal IV Tampering Charges Against Anesthesiologist Highlight Exposures Providers And Their Facilities Can Face From Team Members Retaliatory or Other Misdeeds

September 15, 2022

The arrest and criminal charges against Dallas anesthesiologist Raynaldo Rivera Ortiz Jr. (“Dr. Ortiz”) announced September 15, 2022 highlight the advisability of health care facilities and providers to use care to use appropriate monitoring and other safeguards to protect patients and other critical operations against potential retaliatory misconduct during professional peer review or other investigation or discipline of health care professionals or other members of their workforces.

Dr. Ortiz was arrested in Plano, Texas on Wednesday, September 14, 2022 and is scheduled to make his initial court appearance on Friday, September 16, 2022 on federal felony criminal charges that he caused the death of a patient and surgical emergencies of other patients by intentionally tampering with a consumer product and intentional drug alteration.

According to the by Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division, and U.S. Attorney for the Northern District of Texas Chad E. Meacham, Dr. Ortiz was arrested and charged via criminal complaint with tampering with a consumer product causing death and intentional drug adulteration.

According the criminal complaint, on June 21, 2022, a 55-year-old female coworker of Dr. Ortiz, experienced a medical emergency and died immediately after treating herself for dehydration using an IV bag of saline taken from a Baylor Scott & White operated surgical center. An autopsy report revealed that she died from a lethal dose of bupivacaine, a nerve blocking agent that is rarely abused but is often used during the administration of anesthesia.

Two months later, on August 24, 2022, an 18-year-old male patient experienced a cardiac emergency during a routine sinus surgery. The teen was intubated and transferred to a local ICU. Chemical analysis of the fluid from a saline bag used during his surgery revealed the presence of bupivacaine, epinephrine (a stimulant), and lidocaine, drugs that could have caused the patient’s sudden symptoms.

According to the complaint, surgical center personnel concluded that the incidents involving both patients suggested a pattern of intentional adulteration of IV bags used at the surgical center.

The surgical center personnel also identified 10 additional unexpected cardiac emergencies that occurred during otherwise unremarkable surgeries between May and August 2022, which the criminal complaint alleges is an exceptionally high rate of complications over such a short period of time. According to the criminal complaint, medical personnel in each of those additional 10 cases only were able to stabilize the patient through use of emergency measures. Most of the incidents occurred during longer surgeries that used more than one IV bag, including one or more bags retrieved mid-surgery from a stainless steel bag warmer.

Surveillance video from the center’s operating room hallway allegedly also shows Dr. Ortiz placing IV bags into the stainless-steel bag warmer shortly before other doctors’ patients experienced cardiac emergencies. The complaint alleges that in one instance captured in the surveillance video, agents observed Dr. Ortiz walk quickly from an operating room to the bag warmer, place a single IV bag inside, visually scan the empty hallway, and quickly walk away. Just over an hour later, according to the complaint, a 56-year-old woman suffered a cardiac emergency during a scheduled cosmetic surgery after a bag from the warmer was used during her procedure. The complaint also states that in another instance, agents observed Dr. Ortiz exit his operating room carrying an IV bag concealed in what appeared to be a paper folder, swap the bag with another bag from the warmer, and walk away. Roughly half an hour later, a 54-year-old woman suffered a cardiac emergency during a scheduled cosmetic surgery after a bag from the warmer was used during her procedure.

According to the complaint, none of the cardiac incidents occurred during Dr. Ortiz’s surgeries, and that the series of emergencies began just two days after Dr. Oritz was notified of a disciplinary inquiry stemming from an incident during which he allegedly “deviated from the standard of care” during an anesthesia procedure when a patient experienced a medical emergency. The complaint alleges that all of the incidents occurred around the time Dr. Ortiz performed services at the facility, and no incidents occurred while Dr. Ortiz was on vacation.

The complaint further alleges that Dr. Ortiz, who had a history of disciplinary actions against him, expressed concern to other physicians over the disciplinary action at the facility and complained the center was trying to “crucify” him. A nurse who worked on one of Dr. Ortiz’s surgeries allegedly told law enforcement that Dr. Ortiz refused to use an IV bag she retrieved from the warmer, physically waving the bag off.

“Our complaint alleges this defendant surreptitiously injected heart-stopping drugs into patient IV bags, decimating the Hippocratic oath,” said U.S. Attorney Chad E. Meacham in the Department of Justice announcement of the charges. The criminal charges stemmed from these findings.

The Justice Department announcement reminds readers that a criminal complaint is merely an allegation of criminal conduct, not evidence. Dr. Ortiz is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law. If convicted, however, Dr. Ortiz faces a maximum penalty of life in prison.

Both Dr. Ortiz and the surgical facility are exposed to potential liability as a result of the alleged charges. Aside from the pending criminal charges, Dr. Ortiz also almost certainly could face potential peer review and licensing board disciplinary investigation, as well as civil lawsuits.

In addition to these liability exposures for Dr. Ortiz, the surgical facility and other providers also could face civil or potentially even criminal liability.

It seems almost inevitable that the facility and potentially some other providers might be drawn into civil lawsuits brought by affected patients and their families allegedly injured or place at risk by the alleged actions by Dr. Ortiz, as well as licensing and/or accreditation investigation arising from the alleged events.

Because Dr. Ortez’s alleged Actions constitute federal felonies, the Federal Sentencing Guidelines sentencing and organizational liability rules apply. The Sentencing Guidelines will apply to determine the sentence imposed if Dr. Ortez ultimately is convicted. In addition, the Sentencing Guidelines organizational liability provisions also raise a risk of criminal charges against the facility or other parties with knowledge or other imputed responsibility. Under the organizational guidelines, organizations can have imputedliability for the criminal acts committed by the members of their workforce. However whether criminal charges will be pursued against the organization and the level of culpability and resulting liability is determined based upon both whether the organization took appropriate steps to prevent the misconduct before it happened and the extent to which the organization acted promptly in its investigation and redress of the conduct. The apparent actions of the surgical center and its leader ship to investigate, report, and cooperate in the investigation with federal officials are likely to mitigate if not resolve their criminal exposure.

Organizations and their leaders should treat the charges against Dr. Ortiz as a reminder, at minimum carefully to credential and monitor team members including doctors or other non-employer actors working in or with their facilities, to establish appropriate safeguards to prevent and identify quickly mistakes or intentional conduct, to monitor and enforce those safeguards, and to take appropriate prompt action to investigate concerns and redress and if necessary report misconduct with the advice of counsel.

When dealing with position performance and discipline concerns, facilities typically must carefully negotiate applicable contractual and workforce issues as well as the procedural and due process requirements of applicable medical staff bylaws and federal and state peer review and discipline statutes and regulations and medical staff discipline rules.

When a medical staff member protected by peer review or other procedural safeguards commits behaviors that raise a material and continuing threat to the health and safety of patients or the public, summary suspension may be necessary. When considering or taking an action to summarily suspend a healthcare provider, however, facilities and their medical staff leaders should document both the grounds for the patient safety concerns and need for immediate action and scrupulously follow the summary suspension procedures.

Along with seeking to prevent and mitigate these legal risks, Facilities and other providers also need to consider white reporting obligations they may bear under applicable statutes, regulations and contracts.

While managing these legal risks, facilities and other involved parties also need to anticipate media and public concern about the occurrences. Facilities and their leaders should anticipate and be prepared to work in conjunction with qualified legal counsel and experienced qualified public relations experts to decide when, what, and how to communicate with the public in the media about these types of events to avoid is there a bold minefield of traps created by privacy laws, evidentiary and other legal risk management concerns, and the management of relationships with other members of the medical staff and workforce, business partners, insurance, and the public.

More Information

About the Author

Ms. Stamer’s work throughout her 35 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. In the course of this work, she has worked extensively on workforce and medical staff credentialing, management, investigation, peer review and discipline, and reporting and remediation of criminal or other activity to regulatory officials.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | Academic medicine, Ambulatory care, Anethesiology, Conditions of Participation, Corporate Compliance, Credentialing, Doctor, Employer, Employment law, FDA, Federal Sentencing Guidelines, Fiduciary Responsibility, Health Care, Health Care Provider, Health Care Quality, Home Health, home health, Hospice, Hospital, hospitals, nursing home, OIG, Physician, Physician Licensing, physician licensure, Prescription Drugs, quality repoting, retaliation, Skilled Nursing Facility, Whistleblower | Tagged: ortiz | Permalink
Posted by Cynthia Marcotte Stamer

Act Promptly To Comment On ONC’s Proposed Electronic Clinical Quality Measure Draft Changes

September 14, 2022

Health care providers, health plans and insurers and other stakeholders concerned about the Department of Health and Human Services Office of the National Coordinator for Healthcare Information (“ONC”) electronic clinical quality measures (“eCQMs”) have the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by ONC as part of ONC’s 2022 Change Review Process (CRP) for the ONC Project Tracking System. Interested stakeholders must monitor the posting of issues and act quickly to share their feedback, however, as stakeholders have only two weeks to comment after a ONC posts a new proposed eCQm change.

eCQMs As Measure of Health Care Quality

Electronic clinical quality measures or “eCQMs” are tools that ONC develops with stakeholder input to help Medicare and Medicaid measure and track the quality of health care services that eligible hospitals and critical access hospitals (CAHs) provide, as generated by a provider’s electronic health record (EHR). CMS Measuring and reporting eCQMs helps to ensure that our health care system is delivering effective, safe, efficient, patient-centered, equitable, and timely care. CMS’ eCQMs measure many aspects of patient care, including:

Patient and Family Engagement
Patient Safety
Care Coordination
Population/Public Health
Efficient Use of Healthcare Resources
Clinical Process/Effectiveness

To successfully participate in the Medicare and Medicaid Promoting Interoperability Programs, the Centers for Medicare and Medicaid Services (“CMS”) requires eligible providers, eligible hospitals, critical access hospitals and dual-eligible hospitals electronically to report on eCQMs determined by CMS that require the use of data from the provider’s certified electronic health record (“EHR”) technology (CEHRT) or other health information technology systems to measure and report quality measures in a standardized manner. For calendar year (CY) 2022, Medicare Promoting Interoperability Program participants are required to report on three self-selected eCQMs and the Safe Use of Opioids – Concurrent Prescribing eCQM from the set of nine available for at least three self-selected quarters of CY 2022 data. To report eCQMs successfully, health care providers must use an EHR and adhere to the requirements identified by the CMS quality program. Failing to meet these eCQM reporting requirements can prevent the provider from meeting meaningful use requirements and trigger reductions in reimbursements for care.

Health care quality, credentialing, accreditation, and other provider, health plan and other organizations also use the eCQMs data alone or with other quality measures and tools to set standards and assess and enforce quality goals and performances.

As the proposed changes on a relevant eCQM could materially impact the reporting responsibilities of the reporting providers, the quality and meaning of a proposed data measure, or both, impacted stakeholders should monitor the system for possible changes impacting the eCQMs used or applicable to their organizations and its activities and if appropriate, comment promptly.

2022 eCQMs Updates

Each year, CMS makes updates to the eCQMs approved for CMS programs to reflect changes in:

Evidence-based Medicine
Code Sets
Measure Logic

Conducted annually as part of OCN’s eCQM Issue Tracker project, the CRP provides eCQM users the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by the measure stewards. The goal of the CRP is for eCQM implementers to comment on the potential impact of draft changes to eCQMs so CMS and measure stewards can make improvements to meet CMS’s intent of minimizing provider and vendor burden in the collection, capture, calculation, and reporting of eCQMs.

Stakeholders with an account on the ONC Project Tracking System can monitor, review and comment on proposed eCQM changes through the eCQM Issue Tracker project during the two week period following the date the issue is posted in the eCQM Issue Tracker. To participate in the CRP, users must have an ONC Project Tracking System account. New users can create an account via the ONC Project Tracking System website.

The following table reflects the eCQM issues open on the eCQM Issue Tracker as of September 14, 2022 and their scheduled comment closing dates

Issues Open for Public Comment As of 9/14/2022

CMS eCQM Identifier and Measure Title	CRP Issue Title	Issue Number and Link	Issue Type	Goal of Review	Public Comment Open Date	Public Comment Close Date
Multiple measures	Incorporate ‘Diagnosis’ datatype to capture Hospice Care	CQM-5561	Logic; Value Set	Obtain clinical and technical feedback	09/07/2022	09/21/2022
CMS128: Anti-depressant Medication Management; CMS136: Follow-Up Care for Children Prescribed ADHD Medication (ADD); CMS156: Use of High-Risk Medications in Older Adults	Update Cumulative Medication Duration function to calculate maximum daily frequency	CQM-5562	Logic	Obtain technical feedback	09/07/2022	09/21/2022
Multiple measures	Expand codes using ‘Diagnosis’ datatype to capture Palliative Care	CQM-5563	Logic; Value Set	Obtain clinical and technical feedback	09/07/2022	09/21/2022
Multiple measures	Require 2 indications of frailty to meet exclusion	CQM-5564	Header; Logic; Measure Intent Clarification	Obtain clinical feedback	09/07/2022	09/21/2022
CMS127: Pneumococcal Vaccination Status for Older Adults	Expand numerator to allow for pneumococcal vaccination since 19 years of age	CQM-5565	Header; Logic; Measure Intent Clarification	Obtain clinical feedback	09/07/2022	09/21/2022

eCQM Issue Tracker Open Issues As Of September 14, 2022

As proposed eCQM changes are posted for public comment as CRP issues. ONC informs eCQM accountholders of the proposed change or eCQM issue by posting for review in the ONC Project Tracking System. Accountholders only have two weeks after ONC posts a proposed eCQM to comment on the posted issue. Stakeholders interested in commenting on a particular issue must submit their comment in accordance with the directions within this two week period.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Protect Remote Desktop Protocols From Malware Threat

July 1, 2022

As Americans prepare to celebrate the July 4th holiday, CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are warning of a cyber threat for Remote Desktop users. Health care, health plan, healthcare clearing houses, their business associates and other security sensitive organizations using remote access technology should perform and document their risk assessment and any corrective actions taken as part of their continuing Health Insurance Portability and Accountability Act (“HIPAA”), Fair and Accurate Credit Transactioms Act (FACTA”), government contracting, securities law, and other data security compliance.

The joint Cybersecurity Advisory (CSA), #StopRansomware: MedusaLocker, published July 1 alerts of the risk of MedusaLocker ransomware. MedusaLocker actors target vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks.

CISA, FBI, Treasury and FinCEN are encouraging network defenders to examine their current cybersecurity posture and apply the recommended mitigations in this joint CSA, which include:

Prioritize remediating known exploited vulnerabilities.
Train users to recognize and report phishing attempts.
Enable and enforce multifactor authentication.

When assessing Remote Desktop protocol risks, covered entities, business associates and other security concerned organizations also should examine their exposures to other vulnerabilities.

A key resource for monitoring some of these vulnerabilities is the CISA Known Exploited Vulnerabilities Catalog, which lists exposures based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk federal enterprises. CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria.

The Department of Health & Human Services Office of Civil Rights (‘“OCR”) guidance and enforcement makes clear covered entities and business associates must monitor and take appropriate actions to update their security in response to emerging cyber security threats.

Along with monitoring and responding to this and other security threats, covered entities also should add reviewing and updating their HI-AA practices in response to new guidance OCR issued this week in response to the Supreme Court Dobbs vs. Jackson Women’s Health Organization abortion ruling. The HIPAA Privacy Rule and Disclosures of Information Relating to Reproductive Health Care guidance generally addresses when the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule restricts or allows individuals’ private medical information (known as “protected health information” or “PHI”) relating to abortion and other sexual and reproductive health care. For more details, see here.

Beyond HIPAA, malware and other data or system security breaches and susceptibilities can create liability risks under tax, securities, government contracting, FACTA and a wide range of federal and state laws. For instance, with cybersecurity threats and compliance concerns growing, the SEC is prioritizing cybersecurity regulation, investigation and enforcement against public companies and other market participants for lack cybersecurity governance, safeguards or disclosures. See e.g., SEC Office of Compliance Inspections and Examinations Cybersecurity and Resiliency Observations. Along announcing its commitment to hold market involved and impacting regulated entities accountable for failing to maintain and enforce appropriate internal and external controls to prevent, detect and redress cybersecurity threats, including appropriate board governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, training and awareness, investor disclosures and other practices.

Healthcare providers and other covered entities, their business associates and others with data security responsibilities or sensitivities should respond promptly and carefully document their risk analysis and response in response to these emerging concerns.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | Academic medicine, ambulance, ASC, Conditions of Participation, Cyber crime, data security, Doctor, Electronic Health Records, Emergency Care, Employer, ERISA, FDA, Federal Health Center, Federal Sentencing Guidelines, Fiduciary Responsibility, FTC, Health Care, Health care coding, Health Care Provider, Health Care Quality, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, Health Plans, healthcare, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospital, Medicaid Advantage, Medicare Advantage, NIST, nursing home, OCR, Privacy, Rural Health Care | Tagged: Cyber Security, Data Breach, Data Security, Health Care, HIPAA, Malware | Permalink
Posted by Cynthia Marcotte Stamer

6 Texas Physicians Face Federal Health Care Fraud Charges For Alleged Improper Kickbacks & Lab Testing Claims

May 29, 2022

The Department of Justice sent another strong warning to physicians and other health care provides not to violate the False Claims Act by making improper patient referrals in violation of the Anti-Kickback Statute and the Stark Law, billing federal health care programs for medically unnecessary laboratory testing or other services or both when charged six Texas physicians with federal health care fraud this week. The prosecution of the physicians for laboratory tests arranged and billed through management services organizations also reminds physicians and other providers that reliance upon management services or other third-party service providers generally does not protect a physician participating in prohibited laboratory or other testing, durable medical equipment, facility, physical therapy or other health care billing or referral arrangements from liability.

Charges Against Texas Physicians

This week, the Justice Department added the following six physicians as defendants to criminal charges filed in a False Claims Act complaint filed in January 2022 against former True Health Diagnostics LLC (THD) CEO Christopher Grottenthaler, former Boston Heart Diagnostics Corporation (BHD) CEO Susan Hertzberg, former LRH CEO Jeffrey Madison, and others:

Doyce Cartrett, Jr., M.D., of Silsbee, Texas, allegedly received over $320,000 from LRH and two management services organizations or “MSOs,” Ascend MSO of TX LLC (Ascend) and Eridanus MG LLC (Eridanus), in return for his referrals.
Elizabeth Seymour, M.D., of Corinth, Texas, allegedly received over $280,000 from two MSOs, Ascend and Eridanus, in return for her referrals.
Emanuel Paul “E.P.” Descant, II, M.D., of Spring, Texas, allegedly received over $125,000 from two MSOs, North Houston MSO and Tomball Medical Management Inc., in return for his referrals.
Frederick Brown, M.D., of Missouri City, Texas, allegedly received over $190,000 from two MSOs, Ascend and Indus MG LLC (Indus), in return for his referrals.
Heriberto Salinas, M.D., of Cleburne, Texas, allegedly received over $75,000 from two MSOs, Ascend and Herculis MG LLC (Herculis), in return for his referrals.
Hong Davis, M.D., of Lewisville, Texas, allegedly received over $70,000 from two MSOs, Ascend and Herculis, in return for her referrals.

The complaint in United States, et al. ex rel. STF, LLC v. True Health Diagnostics, LLC, et al., No. 4:16-cv-547 (E.D. Tex.) charges that small Texas hospitals including Rockdale Hospital dba Little River Healthcare (LRH), THD, BHD, the six physicians and others conspired to pay physicians to induce referrals to the hospitals for laboratory testing performed by THD or BHD. The charges stem from allegations made under the qui tam or whistleblower provisions of the False Claims Act by STF LLC by Felice Gersh, M.D. and Chris Riedel. The United States intervened in the qui tam action in December 2021.

The complaint alleges the charged hospitals paid a portion of their laboratory profits to recruiters, who in turn kicked back those funds to the referring physicians through MSOs allegedly set up by the recruiters to make payments to referring physicians. The Justice Department charges the alleged kickbacks were disguised as investment returns but actually were based on, and offered in exchange for, the physicians’ referrals. The complaint alleges that laboratory tests resulting from this referral scheme were billed to various federal health care programs, and that the claims not only were tainted by improper inducements but, in many cases, also involved tests that were not reasonable and necessary.

The Justice Department reports that before adding charges against the six physicians to the complaint this week, the Justice Department recovered more than $31 million relating to conduct involving BHD, THD and LRH, including False Claims Act settlements with 29 physicians, two health care executives and a laboratory company.

Health Care Fraud Liability Under False Claims Act, Anti-Kickback Statute, Stark Law

The Anti-Kickback Statute prohibits offering, paying, soliciting or receiving remuneration to induce referrals of items or services covered by Medicare, Medicaid and other federally-funded programs. The Stark Law forbids a hospital or laboratory from billing Medicare for certain services referred by physicians that have a financial relationship with the hospital or laboratory. The Anti-Kickback Statute and the Stark Law seek to ensure that medical providers’ judgments are not compromised by improper financial incentives and are instead based on the best interests of their patients.

The False Claims Act prohibits health care providers from billing federal health care programs for services resulting from referrals prohibited by the Anti-Kickback Statute or the Stark law.

Under the False Claims Act, a private party can file an action on behalf of the United States and receive a portion of the recovery. The False Claims Act also allows the Justice Department to intervene in such lawsuits and add claims and defendants, as happened in this litigation. The qui tam case is captioned United States, et al. ex rel. STF, LLC v. True Health Diagnostics, LLC, et al., No. 4:16-cv-547 (E.D. Tex.). If a defendant is found liable for violating the act, the United States may recover three times the amount of its losses plus applicable penalties.

The United States’ pursuit of this lawsuit illustrates the government’s emphasis on combating health care fraud generally with a special emphasis on physicians. For instance, U.S. Attorney Brit Featherston is quoted as saying, “Schemes that funnel health care referrals do not work without the participation of physicians. … They are not merely passive players in these elaborate schemes, but an integral part, without which the scheme could not exist. Our office is committed to rooting out health care fraud by pursuing all players involved the scheme, from the laboratories and their leaders to the marketers and the physicians who make it all possible. Naming these physicians in the complaint is evidence of that commitment.”

Given this clear warning, physicians and other prescribers, as well as recruiting, billing and management services organizations, laboratories and others involved in recruiting and marketing, providing or billing for laboratory or other services to double check the appropriateness of their referral and other practices keeping in mind that the Anti-Kickback Statute and Stark Law prohibitions against direct and indirect compensation can reach to a wide range of subtle value and benefits in addition to the obvious payment of cash or gifts delivered in a multitude of ways. The prosecution of these physicians for referrals made and compensation delivered under management services contracts also clearly warns physicians and other providers against expecting their reliance upon billing, management services or other staff or management service providers to shield them from liability if an improper referral or payment happens.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | Anti-KickBack, billing, Centers For Disease Control, Conditions of Participation, DME, Doctor, Durable Medical Equipment, E-Prescribing, false claims act, Federal Sentencing Guidelines, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, healthcare, HHS, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Laboratory tests, Licensing, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Money Laundering, nursing home, OIG, Opiates, Pharmaceudical, Physician, Physician Licensing, Reimbursement, Stark, Substance Abuse | Tagged: Federal Sentencing Guidelines, Opiate, pain management, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Federal Convictions Of Physicians Highlight Need For Care In Opiate & Other Pain Management Prescribing & Billing

March 4, 2022

Physicians and other health care prescribers must remain hyper vigilant when prescribing, documenting, billing and managing opiate and other pain management prescriptions and patients. That’s the clear message sent by the ever-growing wave of federal prosecutions and convictions like the March 2, 2022 federal conviction of Tennessee physician Mark Murphy and his wife, Jennifer Murphy and his wife for unlawfully distributing opioids, providing unnecessary services and defrauding insurers from their now-shuttered North Alabama Pain Services clinics (“NAPS”) and March 1, 2022 sentencing of former physician Patrick Titus to 20 years in prison for his conviction of unlawful distribution of opioid drug outside the usual scope of professional practice and not for legitimate medical purposes as part of the his internal medicine practice.

Tennessee Doctor & Wife Convicted of Pain Management Related Unlawful Opioid Distribution, Health Care Fraud & Other Criminal Charges

The March 2 federal jury conviction of Dr. and Ms. Murphy stemmed from their ownership and operation of their now-defunct pain management clinics resulted from evidence gathered through a joint investigation by the Federal Bureau of Investigation, the Department of Health & Human Services Office of Inspector General, the Internal Revenue Service, and the Drug Enforcement Agency.

During the resulting jury trial, federal prosecutors presented evidence that during the five-year period leading up to the clinic closing its Alabama locations in 2017, Dr. Murphy and Ms. Murphy, who was the office manager, caused over $50 million in fraudulent or unnecessary medical services to be charged to Medicare, TRICARE, Blue Cross Blue Shield of Alabama and others. Evidence at trial showed that NAPS provided pre-signed prescriptions to thousands of patients a month, including prescriptions written outside the usual course of professional practice without a legitimate medical purpose. Federal prosecutors also introduced evidence that the Murphys also solicited and received unlawful payments for referring fraudulent or unnecessary services to patients.

Based on the evidence, the jury found both Dr. and Ms. Murphy guilty on numerous criminal charges including:

Conspiracy to unlawfully distribute and unlawful distribution of controlled substances;
Conspiracy to commit and commission of health care fraud;
Conspiracy to defraud the United States; and
Receiving illegal kickbacks in violation of the Anti-Kickback Statute.

Ms. Murphy also was convicted of tax-related charges for underreporting clinic income.

Currently scheduled for sentencing in June, the Murphys each face a maximum of 20 years in prison for the drug charges and a maximum of 10 years in prison for the health care fraud charges. Both defendants also face a maximum of five years in prison for charges stemming from violations of the Anti-Kickback Statute, and Ms. Murphy faces up to three years in prison for the tax charges.

Former Delaware Doctor Sentenced to 20 Years in Prison for Unlawful Opioid Distribution

The Murphy’s jury conviction came one day after the sentencing of former to 20 years in prison for his July 2021 federal jury conviction on 13 counts of unlawfully distributing and dispensing controlled substances and one count of maintaining a drug-involved premises.

Federal prosecutors presented evidence in court documents and trial that Dr. Titus unlawfully distributed or dispensed opioid drugs including fentanyl, morphine, methadone, OxyContin and oxycodone outside the usual scope of professional practice and not for legitimate medical purposes as part of the his internal medicine practice. The Justice Department charged Dr. Titus frequently prescribed these dangerous controlled substances in high dosages, sometimes in combination with each other or in other dangerous combinations, mostly in exchange for cash. Evidence at trial showed he distributed over 1 million opioid pills without providing any meaningful medical care and to patients he knew were suffering from substance use disorder and/or who demonstrated clear signs that the prescribed drugs were being abused, diverted or sold on the street.

Health Care Fraud Task Force Targeting Opioid Distribution, Billing, & Related Misconduct

Both the Murphy and Titus prosecutions and convictions are two of a growing series of convictions resulted from investigations into opioid and other pain management prescribing conducted as part of efforts targeting physicians and other health care providers involved in prohibited the federal Health Care Fraud Strike Force Program. See e.g., Medical Director Convicted in $110 Million Addiction Treatment Fraud Scheme.

The Federal agencies made a point of warning to other physicians not to overprescribe, bill or engage in other prohibited dealings involving opioids or other controlled substances when announcing the Titus sentencing.

“As we continue the fight against the opioid crisis, this case serves as an important reminder that health care professionals have a duty to prescribe medication responsibly to ensure the well-being of individuals under their care. Failing to do so can endanger patients and undermines critical, ongoing public health measures,” said Special Agent in Charge Maureen Dixon of the U.S. Department of Health and Human Services, Office of the Inspector General (HHS-OIG). “HHS-OIG will continue to work with our law enforcement partners to hold bad actors accountable.”

“This sentence is a reminder that the Department of Justice will hold accountable those doctors who are illegitimately prescribing opioids and fueling the country’s opioid crisis,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “Doctors who commit these unlawful acts exploit their roles as stewards of their patients’ care for their own profit.”

“DEA-registered medical practitioners have an important role in our communities to treat patients compassionately and responsibly,” said DEA Administrator Anne Milgram. “Today’s sentencing makes clear that medical professionals who recklessly prescribe opioids and endanger the safety and health of patients will be held accountable.”

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | billing, Centers For Disease Control, Conditions of Participation, Controlled Substances, Corporate Compliance, DEA, Doctor, drug treatment, E-Prescribing, Evidence Based Medicine, false claims act, FDA, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health Plan, Health Plans, healthcare, hemp, HHS, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Licensing, managed care, marijuana, Medical Licensure, Medical Malpractice, Medical Records, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, Monopoly, OIG, Opiates, pain management, Physician, Physician Licensing, Prescription Drugs, Reimbursement, Substance Abuse | Tagged: Federal Sentencing Guidelines, Opiate, pain management, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Biden-Harris Administration to Expand Vaccination Requirements for Health Care and Many Other Employers

September 9, 2021

All Medicare and Medicaid certified health care facilities, and a broad range of other employers must prepare to meet impending new federal COVID-19 vaccine mandates announced by the Biden-Harris Administration today.

According to today’s announcements all healthcare facilities participating in Medicare or Medicaid or employing 100 or more employees will be required to ensure all staff are vaccinated against COVID-19.

The Biden-Harris Administration says the new health industry COVID-19 vaccine mandates will be implemented through emergency regulations to be issued in October.

According to today’s announcement, the Centers for Medicare & Medicaid Service (“CMS”) in collaboration with the Centers for Disease Control (“CDC”) is developing an Interim Final Rule with Comment Period that will be issued in October that will extend vaccine mandates originally announced last month for all Medicare and Medicaid participating nursing home workers to include hospitals, dialysis facilities, ambulatory surgical settings, and home health agencies, among others, as a condition for participating in the Medicare and Medicaid programs. See CMS/CDC Mandating COVID Vaccination For All Nursing Home Staff.

The announcement of the vaccine mandates for healthcare workers coincides with the Biden-Harris Administration’s announcement of sweeping new vaccine mandates for all government workers, government contractors and employers employing more than 100 employees.

The two mandates will force most health care facilities to impose mask mandates for all staff in order to meet the requirement all staff be vaccinated.

CMS and CDC say the decision was based on the continued and growing spread of the virus in health care settings, especially in parts of the U.S. with higher incidence of COVID-19. They claim the action will protect patients of the 50,000 providers and over 17 million health care workers in Medicare and Medicaid certified facilities.

According to the CDC, nursing homes with an overall staff vaccination rate of 75% or lower experience higher rates of preventable COVID infection. In CMS’s review of available data, the agency is seeing lower staff vaccination rates among hospital and End Stage Renal Disease (ESRD) facilities. To combat this issue, CMS is using its authority to establish vaccine requirements for all providers and suppliers that participate in the Medicare and Medicaid programs. Vaccinations have proven to reduce the risk of severe illness and death from COVID-19 and are effective against the Delta variant.

In it’s announcement of the impending vaccination requirements, CDC urged health care facilities to prepare now to meet the new mandate in October. CMS expects certified Medicare and Medicaid facilities to act in the best interest of patients and staff by complying with new COVID-19 vaccination requirements.

CDC also urged any health care workers employed in these facilities who are not currently vaccinated are urged to begin the process immediately and facilities to use all available resources to support employee vaccinations, including employee education and clinics, as they work to meet new federal requirements.

While legal challenges to the mandate requirements are likely, most facilities that have not already adopted vaccine mandates are expected to adopt these mandates rather than risk losing eligibility for Medicare and Medicaid reimbursement and other sanctions.

Beyondprogram disqualification and attendant financial pressures, announcement of the new vaccine mandates adds vaccination to the list of safety safeguards that healthcare facilities as employers can expect to be required to enforce as part of the occupational safety rules of the Occupational Safety and Health Administration (”OSHA”).

OSHA already is sanctioning employers for violating COVID-19 related OSHA requirements. For instance, OSHA nailed Lakewood Resource and Referral Center Inc., dba Center for Education Medicine and Dentistry (CHEMED) with heavy fines for allegedly violating applicable COVID-19 safety guidelines in January, 2021.

In a July 23, 2021 citation letter, OSH proposes to fine CHEMED $273,064.00 for willfully violating OSHA by not providing a medical evaluation to determine each employee’s ability to use a N95 respirator, before the employee was fit tested or required to use the respirator in the workplace to protect against SARS-CoV-2 virus while testing suspected COVID-19 individuals.

In addition to the proposed fine, the citation also orders CHEMED to take a series of corrective actions and to post notices in the workplace informing workers of the violation.

Along with the CHEMED citation, OSH also cited a staffing agency contracted to provide nursing staffing to CHEMED, Homecare Therapies for also failing to conduct medical evaluations and fit tests. It received two violations and a proposed fine of $13,653.

In the face of these potential consequences, most covered health care facilities and other employers impacted by the mandate are likely to implement mandates unless and until these requirements are struct down by the courts or withdrawn.

Assuming the Administration follows appropriate procedures to adopt the rules, most legal commentators do not expect the legal challenges opposing the mandate orders to be successful in the courts particularly after the Supreme Court refused to overturn or hear arguments for overturning a unanimous decision of a three-judge panel of the United States Court of Appeals for the Seventh Circuit in Klassen v. Trustees of Indiana University that refused to enjoin a vaccine mandate imposed by Indiana University as a condition of student or staff in person participation in classes or other activities.

While most healthcare and other covered businesses are not expected to challenge the rules, compliance us likely to trigger backlash from some unvaccinated workers strongly opposed to becoming vaccinated. Employers may find that some employees will resign their employment or take other tactics to avoid becoming vaccinated. Even those who elect to become vaccinated to retain their employment are likely to express opposition and dissatisfaction that could create liability exposures for the employers if it becomes a basis for retaliation claim.

Employers in Texas and certain other states that have adopted rules restricting or prohibiting vaccine, mask or other mandates also may face challenges based on the state rules.

In light of these and other uncertainties and challenges, Healthcare and Other or Employers generally should seek legal advice and assistance from legal counsel experienced with the relevant health care, labor and employment, privacy and other concerns.

More Information

This article is republished by permission of the author, Cynthia Marcotte Stamer. To review the original work, see here.

Solutions Law Press, Inc. invites you to receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information about the these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years working as an on demand, special project, consulting, general counsel or other basis with domestic and international business, charitable, community and government organizations of all types, sizes and industries and their leaders on labor and employment and other workforce compliance, performance management, internal controls and governance, compensation and benefits, regulatory compliance, investigations and audits, change management and restructuring, disaster preparedness and response and other operational, risk management and tactical concerns.

Most widely recognized for her work with health care, life sciences, insurance and data and technology organizations, she also has worked extensively with health plan and insurance, employee benefits, financial, transportation, manufacturing, energy, real estate, accounting and other services, public and private academic and other education, hospitality, charitable, civic and other business, government and community organizations. and their leaders.

Ms. Stamer has extensive experience advising, representing, defending, and training domestic and international public and private business, charitable, community and governmental organizations and their leaders, employers, employee benefit plans, their fiduciaries and service providers, insurers, and others has published and spoken extensively on these concerns. As part of these involvements, she has worked, published and spoken extensively on these and other human resources, employee benefits, compensation, worker classification and other workforce and other services; insurance; health care; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other performance, risk management, compliance, public policy and regulatory affairs, and other operational concerns.

A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor to business, community and government leaders on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.

Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.

For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com, on Facebook, on LinkedIn or Twitter or e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Accreditation, ambulance, Ambulatory care, Anethesiology, Biological Warfare, CDC, Centers For Disease Control, Child Care, Conditions of Participation, Coronavirus, Corporate Compliance, Covid, Direct Primary Care, Disease Management, DME, Doctor, early childhood education, Emergency Care, Employer, Employment law, Health Care, Health Care Provider, Health Care Quality, health care reimbursement, Health Plan, healthcare, HHS, Home Health, home health, Hospice, Hospital, hospitals, Indian Health, Laboratory tests, Life Sciences, Medicaid, Medicaid Advantage, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, nursing home, occupational health, OSHA, Pandemic, Peer Review, Physician, Reimbursement, Union, vaccination | Tagged: ARRA, Corporate Compliance, Covid, DOJ, Health Care, Health Care Fraud, Health Care Provider, HEAT, Hospital, Medicaid, Medicare, Medicare Fraud Task Force, OCR, Pharma, pharmacist, pharmacy, Physician, Physicians, Privacy, Reimbursement, vaccine, vaccine mandate | Permalink
Posted by Cynthia Marcotte Stamer

Comment Now On CMS Electronic Clinical Quality Measures Review Process

September 9, 2021

Now is the time health care providers and others users can give the Centers for Medicare & Medicaid Services (CMS) feedback on its electronic clinical quality measures (eCQMs) using CMS’ 2021 Change Review Process (CRP).

Many physician and other healthcare providers complain misdirected or unrealistic eCQMS unfairly make them choose between quality care and reimbursement Aziz readings impact level of reimbursement Medicare and Medicaid provide to providers under Medicare‘s quality reporting and reimbursement system. Because of the impact on reimbursement and the claim of quality assurance, these readings also often have consequences well beyond reimbursement. In fact they can be used to trigger fraud and other quality investigations by government payers, private payers and facilities using these measures in their compliance and efficiency.

The goal of the CRP is for eCQM implementers to comment on the potential impact of draft changes to eCQMs so CMS and measure stewards can make improvements to meet CMS’s intent of minimizing provider and vendor burden in the collection, capture, calculation, and reporting.

The CRP provides eCQM users the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by the measure steward.

This latest installment of the CRP for eligible professional/eligible clinician and eligible hospital/critical access hospital issues will be conducted using the web-based public comment tools on the Office of the National Coordinator for Health Information Technology (ONC) Project Tracking System eCQM Issue Tracker during fall 2021.

A reminder that an ONC Project Tracking System account is required to post a question or comment. New users can create an account via the ONC Project Tracking System website.

CRP updates regarding issues available for public comment will be posted on the ONC Project Tracking System eCQM Issue Trackersummary page.

To subscribe to weekly CRP digest emails containing updates on CRP activities, please email CRP@mathematica-mpr.com.

To find out more about eCQMs, visit the Electronic Clinical Quality Improvement (eCQI) Resource Center. To report questions and comments regarding eCQMs, visit the eCQM Issue Tracker. To submit technical questions and issues related to the development and implementation of the Clinical Quality Language (CQL) standard, visit the CQL Issue Tracker.

More Information

This article is republished by permission of the author, Cynthia Marcotte Stamer. To review the original work, see here.

About the Author

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, Accreditation, Clinical pathway, Conditions of Participation, Corporate Compliance, Credentialing, Doctor, Electronic Medical Records, Evidence Based Medicine, Health Care, health care reimbursement, home health, Hospital, hospitals, managed care, Meaningful Use, Medicaid, Medicaid Advantage, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Medicare Fee Schedule, ONC, Outcomes Data, Peer Review, quality reporting, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

CMS/CDC Mandating COVID Vaccination For All Nursing Home Staff

August 18, 2021

The Centers for Medicare & Medicaid Services (CMS), in collaboration with the Centers for Disease Control and Prevention (CDC), announced today plans to mandate COVID-19 vaccination for all Medicare and Medicaid-participating nursing home staff.

The joint announcement released today states the agencies are developing an emergency regulation requiring staff vaccinations within the nation’s more than 15,000 Medicare and Medicaid-participating nursing homes.

The agencies view the new requirement as a key component of protecting the health and safety of nursing home residents and staff.

Today’s action is in keeping with CMS’s authority to establish requirements to ensure the health and safety of individuals receiving care from all providers and suppliers participating in the Medicare and Medicaid programs. About 62% of nursing home staff are currently vaccinated as of August 8 nationally, and vaccination among staff at the state level ranges from a high of 88% to a low of 44%. The emergence of the Delta variant in the United States has driven a rise in cases among nursing home residents from a low of 319 cases on June 27, to 2,696 cases on August 8, with many of the recent outbreaks occurring in facilities located in areas of the United States with the lowest staff vaccination rates.

In May, the Agency issued new regulations that require Long-Term Care (LTC) facilities and Intermediate Care Facilities for Individuals with Intellectual Disabilities (ICFs/IID) to educate residents, clients, and staff about COVID-19 vaccination and, when available, offer a COVID-19 vaccine to these individuals. These regulations also mandate that LTC facilities report weekly COVID-19 vaccination data for residents and staff to the CDC’s National Healthcare Safety Network (NHSN).

Today’s announcement states the agencies will continue to analyze vaccination data for residents and staff from the CDC’s National Healthcare Safety Network (NHSN) data as an additional method of compliance monitoring and in keeping with current practice, as well as deploy the Quality Improvement Organizations (QIOs)—operated under the Medicare Quality Improvement Program—to educate and engage nursing homes with low rates of vaccinations.

Meanwhile, the announcement strongly encourages nursing home residents and staff members to get vaccinated as the Agency undergoes the necessary steps in the rule-making process over the course of the next several weeks. CMS expects nursing home operators to act in the best interest of residents and their staff by complying with these new rules, which the Agency expects to issue in September.

According to today’s announcement, CMS also expects nursing home operators to use all available resources to support employees in getting vaccinated, including employee education and vaccination clinics, as they work to meet this staff vaccination requirement.

More Information

This article is republished by permission of the author, Cynthia Marcotte Stamer. To review the original work, see here.

About the Author

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, Centers For Disease Control, Conditions of Participation, Covid, Doctor, Employer, Employment, Employment law, Federal Health Center, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, health care reimbursement, Health Policy, healthcare, HHS, Hospice, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Licensing, long-term care, Medicaid, Medicaid Advantage, Medicare, Medicare Advantage, Mental Health, nursing home, OSHA, Physician, Public Policy, quality reporting, Reimbursement, Skilled Nursing Facility, substance abuse treatment, Whistleblower | Tagged: Health Care, Hospital, Covid, Long-term care, Medicare, nursing home, Physician, vaccination | Permalink
Posted by Cynthia Marcotte Stamer

California Medical Privacy Rules Eased. New 7/1/2021 rules allow greater flexibility on disclosures of breach and give agency more fine flexibility. https://www.cdph.ca.gov/Programs/OLS/CDPH%20Document%20Library/DPH-11-009-Final-Reg-Text-ADA.pdf?TSPD_101_R0=087ed344cfab2000e6180d5b948228963ad32da0f65608ac719d6195a6f27133d24ce863d99f043c0837b3f91e1430004ffeef0033a9cb5c891c837f86137a340f296f3e726ff679e108e054e92eb347c0a393522a8d745468b6d859b3ba0e76

August 3, 2021

California Medical Privacy Rules Eased. New 7/1/2021 rules allow greater flexibility on disclosures of breach and give agency more fine flexibility. https://www.cdph.ca.gov/Programs/OLS/CDPH%20Document%20Library/DPH-11-009-Final-Reg-Text-ADA.pdf?TSPD_101_R0=087ed344cfab2000e6180d5b948228963ad32da0f65608ac719d6195a6f27133d24ce863d99f043c0837b3f91e1430004ffeef0033a9cb5c891c837f86137a340f296f3e726ff679e108e054e92eb347c0a393522a8d745468b6d859b3ba0e76

Leave a Comment » | Academic medicine, ambulance, Corporate Compliance, Cyber crime, data breach, data security, Doctor, Electronic Health Records, Electronic Medical Records, Emergency Care, Employer, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, healthcare, HIPAA, HIPAA Cyber Crime, Hospice, Hospital, hospitals, Life Sciences, managed care, Medical Privacy, Medical Records, NIST, nursing home, occupational health, OCR, ONC, Pharmacy, Physician, Physician Licensing, Privacy | Tagged: California, Data Breach, Health Care, Medical Privacy, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Dentists Face OSHA Retaliation Suit For Retaliating Against Workers Asking About COVID Safety

July 16, 2021

A new U.S. Department of Labor Occupational Safety and Health Administration (“OSHA”) lawsuit against two North Texas dentists warns health industry and other employers to tread carefully when dealing with employees about COVID-19 or other safety concerns.

The charges arises from the dental practice’s failure to reinstate a dental hygienist and a dental assistant who expressed concerns about the coronavirus safety measures the practice would implement when it reopened in Spring 2020. The lawsuit filed in the U.S. District Court for the Northern District of Texas, Fort Worth Division, names Roger H. Bohannan, DDS Inc. and owners Roger Bohannan and David Bohannan.

In March and April 2020, OSHA says Roger Bohannan and David Bohannan, owners of Roger H. Bohannan DDS Inc. furloughed their employees after the state of Texas prohibited specific dental procedures at the height of the pandemic. While furloughed, the two employees asked what safety measures would be in place once patients and employees returned. After receiving a call to return to work, the employer did not reinstate the hygienist after the employee cited guidance from the Centers for Disease Control and OSHA.

The dental assistant was contacted for rehiring but the employer rescinded the offer after the assistant inquired about what safety measures were in place for their protection.

An OSHA investigation found Bohannan Dentistry discriminated against the employees for exercising their rights under section 11(c) of the Occupational Safety and Health Act and for engaging in the protected activity of making a good faith health and safety complaint. The two employees were not rehired while all of the other staff members at the North Richland Hills practice were reinstated when the furlough ended.

OSHA charges that Bohannan Dentistry violated employees’ rights by terminating them for reporting concerns about unsafe working conditions.

The complaint asks the court to order the dental practice to:

Pay the complainant damages, plus interest, for all past and future lost wages and benefits resulting from the termination; reimbursement for costs and expenses; compensatory damages, including for compensation for emotional pain and distress and exemplary or punitive damages in an amount to be determined at trial.
Post a notice for employees stating that the defendants will not in any manner discriminate against any employee for engaging in activities protected by Section 11(c) of the OSH Act.

The lawsuit highlights the OSHA retaliation exposure employers could face if found to retaliate against employees for expressing concern about COVID or other safety. This is just one on the many minefields employers face dealing with employees in relation to COVID-19 safety concerns, leave, vaccination, remote work, return to work, benefits and other concerns. Health care and other employers are urged to work closely with experienced employment counsel to decide and administer their policies and responses.

More Information

If you are interested in a more information about the concerns discussed in this article or other concerns or developments, see here.

If you would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information or counsel about the these or other legal, management or public policy developments, Ms. Stamer’s work, experience, involvements, other publications, or programs, contact Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297, follow her on Facebook, LinkedIn or Twitter or see Cynthia Marcotte Stamer, P.C. Website.

About the Author

Ms. Stamer has extensive experience advising, representing, defending and training domestic and international public and private health care and life sciences, charitable, community and governmental, and other business organizations and their leaders, employee benefit plans, their fiduciaries and service providers, insurers, and others. A widely published author and popular speaker, Ms. Stamer also has published and spoken extensively on wage and other and other health care, human resources, employee benefits and other workforce and services; insurance; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other compliance, governance, risk management, operational and public and regulatory affairs concerns.

A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor to health, managed care, insurance, and other business, community and government leaders on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. ©2021 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, CDC, Centers For Disease Control, Coronavirus, Corporate Compliance, COVID-19, Disability Discrimination, Discrimination, Disease Management, Doctor, Employee Benefits, Employer, Employment, Employment law, Health Care, Health Care Finance, home health, Hospital, OSHA, Pandemic, Physician, Uncategorized | Tagged: Covid, Dentist, Doctor, Health Care, OSHA, return to work, Safety | Permalink
Posted by Cynthia Marcotte Stamer

CMS Updates COVID-19 Accelerated and Advance Payments FAQs

July 8, 2021

Providers that received COVID-19 accelerated and advance payments should read the Centers for Medicare and Medicaid Services (“CMS”) updated FAQs (PDF) about repayment of COVID-19 accelerated and advance payments to learn how recoupment works and how it affects the provider’s Medicare claims payment amounts.

The new FAQ updates the Repayment of COVID-19 Accelerated and Advance Payments Began on March 30, 2021 (PDF) guidance.

For more information and to follow future updates, see the COVID-19 Accelerated and Advance Payments webpage or contact the author of this update.

More Information

If you are interested in a more detailed description of this or other developments discussed in this article, see here.

About the Author

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | Academic medicine, American Rescue Plan Act of 2021, Anti-KickBack, billing, Centers For Disease Control, compensation, Conditions of Participation, Coronavirus, Corporate Compliance, COVID-19, Doctor, E-Prescribing, Emergency Care, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Insurance, Health Plan, Health Plans, healthcare, HHS, Home Health, home health, Hospital, hospitals, Indian Health, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, OIG, Pandemic, Physician, public health, Reimbursement, Uncategorized | Tagged: COVID-19, Health Care, Health Care Fraud, Medicare, Physician, recoupment, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

Biden-Harris Plan To Beat COVID-19 Includes Plan To Expand Medicare, Other Health Care Plans

January 21, 2021

Newly sworn in President Joe Biden chose to make an executive order outlining the core principles for his Administration’s policy for fighting COVID-19 the first signed in his new administration.

The text of the COVID-19: The Biden-Harris plan to beat COVID-19 reads as follows:

The American people deserve an urgent, robust, and professional response to the growing public health and economic crisis caused by the coronavirus (COVID-19) outbreak. President Biden believes that the federal government must act swiftly and aggressively to help protect and support our families, small businesses, first responders, and caregivers essential to help us face this challenge, those who are most vulnerable to health and economic impacts, and our broader communities – not to blame others or bail out corporations.

The Biden-Harris administration will always:

Listen to science
Ensure public health decisions are informed by public health professionals
Promote trust, transparency, common purpose, and accountability in our government
President Biden and Vice President Harris have a seven-point plan to beat COVID-19.

Ensure all Americans have access to regular, reliable, and free testing.

Double the number of drive-through testing sites.
Invest in next-generation testing, including at home tests and instant tests, so we can scale up our testing capacity by orders of magnitude.
Stand up a Pandemic Testing Board like Roosevelt’s War Production Board. It’s how we produced tanks, planes, uniforms, and supplies in record time, and it’s how we will produce and distribute tens of millions of tests.
Establish a U.S. Public Health Jobs Corps to mobilize at least 100,000 Americans across the country with support from trusted local organizations in communities most at risk to perform culturally competent approaches to contact tracing and protecting at-risk populations.
Fix personal protective equipment (PPE) problems for good.

President Biden is taking responsibility and giving states, cities, tribes, and territories the critical supplies they need.

Fully use the Defense Production Act to ramp up production of masks, face shields, and other PPE so that the national supply of personal protective equipment exceeds demand and our stores and stockpiles — especially in hard-hit areas that serve disproportionately vulnerable populations — are fully replenished.
Build immediately toward a future, flexible American-sourced and manufactured capability to ensure we are not dependent on other countries in a crisis.
Provide clear, consistent, evidence-based guidance for how communities should navigate the pandemic – and the resources for schools, small businesses, and families to make it through.

Social distancing is not a light switch. It is a dial. President Biden will direct the CDC to provide specific evidence-based guidance for how to turn the dial up or down relative to the level of risk and degree of viral spread in a community, including when to open or close certain businesses, bars, restaurants, and other spaces; when to open or close schools, and what steps they need to take to make classrooms and facilities safe; appropriate restrictions on size of gatherings; when to issue stay-at-home restrictions.
Establish a renewable fund for state and local governments to help prevent budget shortfalls, which may cause states to face steep cuts to teachers and first responders.
Call on Congress to pass an emergency package to ensure schools have the additional resources they need to adapt effectively to COVID-19.
Provide a “restart package” that helps small businesses cover the costs of operating safely, including things like plexiglass and PPE.
“THIS ISN’T ABOUT POLITICS. IT’S ABOUT SAVING LIVES.”

PRESIDENT BIDEN, SEPTEMBER 16, 2020
Plan for the effective, equitable distribution of treatments and vaccines — because development isn’t enough if they aren’t effectively distributed.

Invest $25 billion in a vaccine manufacturing and distribution plan that will guarantee it gets to every American, cost-free.
Ensure that politics plays no role in determining the safety and efficacy of any vaccine. The following 3 principles will guide the Biden-Harris administration: Put scientists in charge of all decisions on safety and efficacy; publicly release clinical data for any vaccine the FDA approves; and authorize career staff to write a written report for public review and permit them to appear before Congress and speak publicly uncensored.
Ensure everyone — not just the wealthy and well-connected — in America receives the protection and care they deserve, and consumers are not price gouged as new drugs and therapies come to market.
Protect older Americans and others at high risk.

President Biden understands that older Americans and others at high-risk are most vulnerable to COVID-19.

Establish a COVID-19 Racial and Ethnic Disparities Task Force, as proposed by Vice President Harris, to provide recommendations and oversight on disparities in the public health and economic response. At the end of this health crisis, it will transition to a permanent Infectious Disease Racial Disparities Task Force.
Create the Nationwide Pandemic Dashboard that Americans can check in real-time to help them gauge whether local transmission is actively occurring in their zip codes. This information is critical to helping all individuals, but especially older Americans and others at high risk, understand what level of precaution to take.
Rebuild and expand defenses to predict, prevent, and mitigate pandemic threats, including those coming from China.

Immediately restore the White House National Security Council Directorate for Global Health Security and Biodefense, originally established by the Obama-Biden administration.
Immediately restore our relationship with the World Health Organization, which — while not perfect — is essential to coordinating a global response during a pandemic.
Re-launch and strengthen U.S. Agency for International Development’s pathogen-tracking program called PREDICT.
Expand the number of CDC’s deployed disease detectives so we have eyes and ears on the ground, including rebuilding the office in Beijing.
Implement mask mandates nationwide by working with governors and mayors and by asking the American people to do what they do best: step up in a time of crisis.

Experts agree that tens of thousands of lives can be saved if Americans wear masks. President Biden will continue to call on:

Every American to wear a mask when they are around people outside their household.
Every Governor to make that mandatory in their state.
Local authorities to also make it mandatory to buttress their state orders.
Once we succeed in getting beyond this pandemic, we must ensure that the millions of Americans who suffer long-term side effects from COVID don’t face higher premiums or denial of health insurance because of this new pre-existing condition. The Biden-Harris Administration will work to ensure that the protections for those with pre-existing conditions that were won with Obamacare are protected. And, they will work to lower health care costs and expand access to quality, affordable health care through a Medicare-like public option.

As the new Administration and Congress get down to work, health industry organizations as well as all other U.S. organizations and communities, their leaders, and individual employees and citizens should carefully follow, and share their input to the Administration, members of Congress, and other federal, state and local officials on the actions and proposals taken to implement this and other policy that impact their interests. The need for careful attention and scrutiny is particularly important for health, managed care and insurance and management organizations as President Biden made clear throughout his campaign his intent to pursue legislative and regulatory reforms that would reverse actions of the previous administration as well as implement addition reforms to expand coverage and regulation of health care, workforce and other critical policies.

More Information

About the Author

An attorney board certified in labor and employment law by the Texas Board of Legal Specialization and Fellow in the American College of Employee Benefit Counsel, Ms. Stamer has worked as an on demand, special project, consulting, general counsel or other basis with health care providers, health insurers, employer and other management organizations, health and other employee benefit plans, their sponsors, insurers, administrators, providers and others and others has published and spoken extensively on these concerns.

A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor and advocate for employer and other plan sponsors, fiduciaries, administrators, insurers, technology and other service providers, managed care organizations, direct primary care and other health care providers and others on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.

For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | CDC, Centers For Disease Control, Consumer Driven Health Care, Coronavirus, Corporate Compliance, COVID-19, Cultural diversity, Direct Primary Care, Disability Discrimination, DME, Doctor, Emergency Care, Employee Benefits, Employer, Employment, Employment law, ERISA, Evidence Based Medicine, Fast Track Approval, FDA, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health Plan, Health Plans, healthcare, HHS, home health, Hospice, Hospital, hospitals, Labor Law, Laws, managed care, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Pandemic, Pharmaceudical, Physician, Reimbursement, Uncategorized | Tagged: Biden Administration, COVID-19, Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Comment & Begin Preparation For Compliance With Proposed HIPAA Privacy Rule Changes

December 21, 2020

Health care providers, health plans and health insurers, health care clearinghouses (“Covered Entities”) and their business associates should budget and begin compliance plans, even as they comment on proposed changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule announced by the Department of Health & Human Services Office of Civil Rights (“OCR”) in its December 10, 2020 Notice of Proposed Rulemaking (“Proposed Rule). While the official Federal Register publication date has yet to be announced, OCR already is accepting comments pending the official publication. To assure consideration, comments must be received by OCR no later than 60 days from that official Federal Register publication date.

More than 300 pages in length, the proposed HIPAA Privacy Rule changes include changes OCR intends to strengthen individuals’ rights to access their own electronic and other health information; improve information sharing for care coordination and case management for individuals; facilitate greater family and caregiver involvement in the care of individuals experiencing emergencies or health crises; enhance flexibilities for disclosures in the Opioid and COVID-19 public health emergencies or other emergency or threatening circumstances; and reduce administrative burdens on HIPAA covered health care providers and health plans. Highlights of some of the more significant proposed changes that the Proposed Rule will make if adopted as proposed include:

Individual Access Rights Expanded

The Proposed Rule includes a number of changes that if adopted as proposed, will increase significantly the burdens upon Covered Entities of complying with the individual access requirements of the Privacy Rule. Among other things, these include the following:

Responding To Access Requests. The Proposed Rule calls for:
Reducing the maximum period that Covered Entities have to respond to requests to “as soon as practicable,” but in no case later than 15 calendar days after receipt of the request” instead of current 30 calendar days;
Clarifying the current requirement for Covered Entities to provide PHI in the form and format requested by the individual if “readily producible” in that form and format by providing that “readily producible” includes secure, standards-based APIs using applications chosen by the individuals, such as a “personal health application” and protect individual’s rights to take notes, videos, and photographs, or use other personal resources to view or capture PHI in person;
Requiring Covered Entities to allow individuals access to inspect or obtain copies of their own PHI Free of charge when inspecting in person or accessing PHI on the internet, but continue to permit certain fees for labor, supplies, and postage for certain other means of access in accordance with Privacy Rules parameters. In acquiescence to the District Court’s January, 2020 holding that the prohibition against Covered Entities charging for third party copies in the current regulations exceeded its statutory authority in Ciox Health, LLC v. Azar, however the Proposed Rule would allow Covered Entities to charge limited fees to an individual directing transmission of an electronic copy of PHI to a third party under specified circumstances. The Proposed Rule also would require Covered Entities to provide advance notice of estimated fee schedules on their websites (if they have one) for common types of requests for copies of PHI and, upon request, provide individualized estimates of fees for copies and an itemized list of actual costs for requests for copies.
Right to Direct Copies to Third Parties. The Proposed Rule will require Covered Entities to transmit electronic PHI in an electronic health record to another Covered Entity as part of the individual’s access right. In addition, also in response to the Coix Health, LLC ruling, the Proposed Rule will limit the current right of an individual to direct a copy of PHI to a third party to an electronic copy and will specify that third party direction request need not be in writing as long as it is “clear, conspicuous, and specific.”
Verification. The Proposed Rule also would prohibit a Covered Entity from imposing “unreasonable” identity verification measures on an individual, including notarization of requests, requiring the individual to provide proof of identity in person when remove verification would be practicable, or requiring the individual to complete a full HIPAA authorization form for an access request.

Encouraging Care Coordination and Case Management Activities

The Proposed Rule also would make a number of changes that OCR believes will remove the barriers created in the current Privacy Rule to Covered Entities, whether a health care provider or health plan, engaging in individual-level care coordination and case management activities. Some of the key elements of these changes include the following:

Clarification of Rules For Individual-Level Care Coordination. The Proposed Rule would revise existing rules regarding sharing of information for individual-level care coordination to apply to Covered Entities involved in such coordination activities, whether or not the participating Covered Entity is participating in the actual care or treatment of the individual by:
- Revising the definition of “health care operations” in the current version of the Privacy Rule to clarify that the Privacy Rule allows sharing of PHI for individual-level care coordination among Covered Entities whether or not the participating Covered Entity is one involved in treatment or non-treatment involved Covered Entities such as health plans;
- Revises the current minimum necessary restriction on the disclosure of PHI for purposes of individual-level care coordination to treat all Covered Entities engaging in individual-based care coordination and case management activities the same, regardless of whether performing the activities under the “treatment” or “health care operations” functions as defined by HIPAA. Currently non-treatment involved Covered Entities participating in care coordination and case management can only receive and share the minimum necessary PHI as their lack of involvement in treatment disqualifies them for reliance upon the treatment exception to the Privacy Rule’s general requirement to limit disclosures to the minimum necessary.
- The Proposed Rule also would allow Covered Entities to disclose PHI to community-based organizations, home and community-based services (HCBS) providers, social services agencies, and other similar third parties providing health-related services for individual-level care coordination and case management without obtaining a valid authorization from the individual.

Required Updates To Notices of Privacy Practices

The Proposed Rule also would change the Privacy Rule Notice of Privacy Practices (“NPP”) requirements in a manner that would require most Covered Entities to update their NPPs and associated privacy policies. In the Proposed Rule, OCR proposes:

Replacing the requirement that certain Covered Entities that have a direct treatment relationship with an individual obtain, and retain copies of, written acknowledgements from that individual confirming their receipt of the NPP with a right for the individual to discuss the NPP with a designee of the Covered Entity.
- Modification of the required NPP content to include an additional description and instruction as to how individuals can exercise their access rights and a new, more detailed and instructive, required header meeting new specifications about the information the NPP provides to individuals with respect to their rights, how to exercise them, and the availability of the Covered Entity’s designated contact person.

Disclosures to Family Members and Other Caretakers in Certain Situations

Continuing a trend that OCR has followed over the past several years in its other guidance, the Proposed Rule also would modify the Privacy Rule under specified conditions to facilitate if not encourage health care providers more broadly to disclose PHI to family members or other caretakers of individuals with substance use disorders (SUD) or serious mental illness (SMI) and in emergency situations with less concern about exposing themselves to liability under HIPAA. The key elements of these changes are accomplished as follows:

The Proposed Rule would replace the current language that allows Covered Entities to make certain uses and disclosures of PHI based on their “exercise of professional judgment” with language allowing disclosure based on a Covered Entity’s “good faith belief” that the use or disclosure is in the best interests of the individual and add a presumption of good faith by the health care provider for this purpose.
- The Proposed Rule would enable Covered Entities to disclose PHI to avert a threat to the health or safety of a person or the public when a harm is “serious and reasonably foreseeable,” instead of the current stricter requirement that the Covered Entity see a “serious and imminent” threat to health or safety.

Clarification Regarding Disclosures to TRS Providers

The Proposed Rule also would amend the current Privacy Rules to remove telephone relay service providers (“TRS providers”) from the definition of “business associates” and expressly to allow disclosures to TRS communications assistants for persons who are deaf, hard of hearing, deaf-blind, or who have a speech disability.

Act Now

HIPAA Covered Entities, business associates and other concerned or impacted persons immediately should begin evaluating the Proposed Rule as soon as possible. As the current comment will end 60 days after the impending publication of the Proposed Rule in the Federal Register, concerned persons desiring a change to any provision of the Proposed Rule should prepare and submit appropriate comments to OCR in a timely fashion within the comment period. In addition, all Covered Entities and their business associates should review the rule in preparation for its provisions taking effect with a particular eye toward understanding the actions necessary to comply with the modified rules and to budget the financial and operational resources likely to be required to accomplish that compliance.

More Information

About the Author

Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | 21st century cures act, Academic medicine, ambulance, ASC, Childrens Health Insurance Program, Coronavirus, Corporate Compliance, COVID-19, data breach, data security, Direct Primary Care, Disease Management, DME, Doctor, drug treatment, Electronic Medical Records, Emergency Care, Employee Benefits, Employer, FDA, Federal Health Center, Genetic Information, GINA, Health Care, Health Care Provider, Health Insurance, Health IT, Health Plan, Health Plans, healthcare, HIPAA, HITECH Act, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Human Subjects Research, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Life Sciences, long-term care, managed care, medical devices, Medical Privacy, Medical Records, Medicare, Mental Health, Mental Heatlh, nursing home, occupational health, OCR, Pandemic, participating provider, Pharmaceudical, Pharmacy, Physician, Privacy, Psychiatric, public health, Rural Health Care, Skilled Nursing Facility, transplant, Uncategorized, Veterans Health Administration, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

Pennsylvania OCR Settlement Warns Others Against Disability Or Other Civil Rights Discrimination In COVID-19 Resource Allocation & Other Response

April 30, 2020

OCR Says “No” To Allocating Respirators & Other Scarce COVID-19 Care Based On Pre-Existing Medical Conditions

This week’s Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) announcement of that the Pennsylvania Department of Health (PDH) has agreed to using a list of preexisting health care conditions to decide patient priority for access to respirators and other scarce resources during the COVID-19 health care emergency flags potential civil rights discrimination violations by the multitude of other State, local, tribal, and territorial public health policymakers, healthcare systems leadership, and other public emergency decision-makers and other public or private HHS funds recipients (collectively “COVID responders”) whose pandemic emergency response plans call for the use pre-existing health conditions or other civil rights act protected status of patients to ration scarce medical resources like ventilators or other scarce resources.

Coupled with other recent guidance warning COVID responders against discrimination and to provide all legally required accommodations for individuals with pre-existing conditions or disorders constituting disabilities, English as a second language, religion, age or other protected status under Section 504 of the Rehabilitation Act of 1973 (“Section 504”), Title II of the Americans with Disabilities Act (the “ADA”), Section 1557 of the Patient Protection and Affordable Care Act (“Section 1557”) and other federal civil rights laws, health care providers, public health authorities and other COVID-19 responders should act immediately to review and take any action needed to correct civil rights law deficiencies in their own COVID-19 emergency policies or operations.

PDH Enforcement Shows Agencies’ Serious About COVID-19 Civil Rights Enforcement

OCR’s April 28, 2020, OCR announcement of PDH’s agreement to revise its Interim Pennsylvania Crisis Standards of Care for Pandemic Guidelines (CSC Guidelines) to revolve an April 3, 2020 civil rights complaint that PDH’s COVID-19 pandemic response plan illegally discriminated against patients with disabilities by denying or lowing the care priority of patients with certain listed preexisting health conditions shows that OCR and other federal agencies are carrying through on promises to take quick enforcement action against COVID-19 responders that violate federal discrimination and other civil rights laws when dealing with the COVID-19 public health emergency in the March 14, 2020 Crisis Standards of Care and Civil Rights Laws guidance (“CSC Guidelines”) and in OCR’s March 28, 2020 Civil Rights, HIPAA, and the Coronavirus Disease 2019 Bulletin (the “Bulletin”).

The CSC Guidelines jointly issued by the Health Care Resilience Taskforce (composed of HHS, FEMA, and the Army Corps of Engineers) warned public health, health care providers and other pandemic decisionmakers against adopting or applying policies in for managing ventilators or other constricted resources during the COVID-19 or other emergencies that negatively impact vulnerable populations (e.g., older adults and persons with disabilities). After reminding state, local, tribal, and territorial policymakers, healthcare systems leadership, and other decision-makers that civil rights laws are not suspended or waived in times of disaster, the CSC Guidelines cautioned “Federal civil rights laws and regulations apply, and have not been suspended, during the COVID19 national health emergency. Federal fund recipients must comply with those requirements.”

OCR reaffirmed the CSC Guidelines warnings in its March 28, 2020 Bulletin reminding health care providers and other HHS fund recipients the laudable goal of providing care quickly and efficiently during the COVID-19 health care emergency still must comply with federal civil rights prohibitions against disability discrimination in HHS funded programs under Section 1557, Section 504, and other civil rights laws, stating:

“persons with disabilities should not be denied medical care on the basis of stereotypes, assessments of quality of life, or judgments about a person’s relative “worth” based on the presence or absence of disabilities or age. Decisions by covered entities concerning whether an individual is a candidate for treatment should be based on an individualized assessment of the patient based on the best available objective medical evidence.”

The PDH disability discrimination investigation and resolution announced April 28^th resulted from OCR’s investigation of a civil rights complaint filed less than a week after OCR released the Bulletin by Disability Rights Pennsylvania and other disability rights groups. Like many other regional and facility pandemic response plans, the CSC Guidelines listed specific impairments or disabilities that would lead to greater deprioritization of patients for care during a pandemic emergency. The April 3 complaint against PDH charged that Pennsylvania’s CSC Guidelines violated Section 504, Title II, and Section 1557 by unlawfully authorizing the denial of treatment to individuals with disabilities when prioritizing access to critical care and ventilators. The complaint also alleged that the guidelines did not require an individualized assessment, but instead used “preexisting conditions that are disabilities” to determine a priority score.

OCR PDH COVID-19 Civil Rights Investigation & Settlement

Consistent with the warning provided in the Bulletin, OCR moved with rare speed to investigate the complaint and notify PDH of its civil rights concerns. To resolve potential OCR civil rights charges, OCR announced April 28, 2020 that PDH agreed to accept technical assistance from OCR and make the following revisions to its CDC guidelines:

Remove criteria that automatically deprioritized persons on the basis of particular disabilities,
Require individualized assessments based on the best available, relevant, and objective medical evidence to support triaging decisions, and
Ensure at no one is denied care based on stereotypes, assessments of quality of life, or judgments about a person’s “worth” based on the presence or absence of disabilities.

Based on these “responsive actions and the revisions” to its guidelines in response to OCR’s concern, the OCR announcement states that OCR is closing its complaint investigation as satisfactorily resolved without a finding of liability while noting that this does not preclude future OCR enforcement in cases of potential discriminatory implementation of Pennsylvania’s policies by any covered health care provider.

Other Public Health, Health Care & Other COVID Responders Should Confirm COVID-19 Civil Rights Response Compliance

The PDH announcement provides a strong warning to health care providers, public health authorities and other COVID-19 responders to act quickly to evaluate and make any necessary adjustments to redress any questionable disability or other civil rights concerns in their own COVID-19 or other emergency response plans or practices.

Even before the COVID-19 health care emergency, disability and other civil rights law enforcment already was a high priority for OCR and other federal agencies. See e.g., Civil Rights Settlement Highlights Health Industry Discrimination Risks As OCR Prepares To Broaden Requirements; OCR’s Proposed Sex & Other Discrimination Rules Spell Headaches & New Risks For Health Care Providers, Insurers & Others; Check Defensibility Of Policies & Practices Given New HHS/DOJ Joint Disability Law Technical Assistance; Important Lessons For Health Care Providers From Michigan State Settlement Of OCR Larry Nassar Sexual Abuse Investigation; Cognitive Disability Exclusion from Heart Transplant List Placement Prohibited.

The PDH announcement clearly alerts other health care providers and COVID-19 responders that OCR does not plan to slacken civil rights discrimination investigation or enforcement against health care providers or others because of the COVID-19 health care emergency. Rather, the PDH investigaiton and resolution make clear that COVID-19 responders need to use particular care take the well-documented steps necessary to ensure they can defend their ongoing compliance with disability discrimination and other federal civil rights laws throughout the COVID-19 health care emergency.

In this respect, OCR’s PDH announcement makes a point of clearly warning other public health, health care providers and other recipients of HHS funding across the nation against using preexisting conditions or other prohibited stereotypes or classifications of patients without individual assessments to triage and prioritize access to care or other resources for purposes of their COVID-19 or other pandemic planning or response. To emphasize the importance of continued compliance with these civil rights laws, the Bulletin quotes OCR Director Roger Severino, as stating: “Triage decisions must be based on objective and individualized evidence, not discriminatory assumptions about the prognoses of persons with disabilities” and “we must ensure that triage decisions are free from discrimination both in their creation and their application, and we will remain vigilant in achieving that goal.”

These warnings and OCR’s quick enforcement action make clear that OCR’s commitment to hold health care providers, state and local public health, and other COVID-19 responders accountable for ensuring their COVID-19 pandemic plans and operations don’t impermissibly discriminate against individuals with or needing accommodations for disabilities, limited English skills, religious beliefs, age or other status protected by HHS’ civil rights rules. Meanwhile, OCR’s reported willingness to accept PHD’s prompt corrective action without imposing financial sanctions also signals the probable willingness of OCR to show similar leniency to other health care providers or COVID-19 responders that for acting promptly to self-identify and redress potentially questionable past COVID-19 restricted resource allocation practices in response to the PDH announcement and other COVID-19 civil rights compliance guidance.

Given the often multimillion dollar penalties and other heavy sanctions that OCR already regularly imposes against a long and ever-growing list of state and other health care, child care, elder care, insurance and other entities for violating its civil rights nondiscrimination and accommodation requirements and the often significant judgements awarded to private litigant victims, state and local public health, health care providers and other COVID providers generally will want to review and tighten as advisable their existing practices to reduce the risk of being incuring penalties or judgments, being sanctioned, excluded or a combination of these consequences for violation of these nondiscrimination and other civil rights requirements by among other things:

Auditing the adequacy of their pandemic response and other plans, policies, practices and actions for allocating scarce resources and care during the COVID-19 health emergency and in other scarce resource situations;
Developing a strategy and procedures for receiving, investigating and responding with appropriate documentation to complaints or other indicators of potential civil rights violations or risks;
Taking prompt, documented action to reform and strengthen civil rights policies, practices and controls, training, investigations and other compliance and risk management;
Explore potential strategies, if any, to mitigate potential liability exposure to OCR or private litigant investigations or enforcement from past, ongoing or future policies or actions; and
Other actions to maintain and demonstrate their organization-wide culture of compliance with applicable civil rights laws.

Since organization and their leaders likely will be required to uncover and discuss legally and politically sensitive information in the course of these activities, public health, health care and other COVID responders are encouraged to consider engaging qualified legal counsel with relevant experience to advise and guide them in conducting, maintaining and using attorney-client privilege and other procedures to safeguard sensitive analysis, discussions and work product from avoidable discovery and other processes to promote the legal effectiveness and defensibility of their actions.

More Information & Resources

We hope this update is helpful. If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. In addition to this update, the author of this article also is extensively published and frequent speaker on pandemic and other infectious disease, and other health industry crisis preparedness and response, and many other regulatory compliance, risk management and operations, public policy and other concerns. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. also invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

Cynthia Marcotte Stamer is a practicing attorney, management and regulatory affairs consultant, author and lecturer, who has worked extensively on pandemic and other crisis planning, preparedness and response and other business change, risk, compliance and operation management throughout her 30 plus year career.

Her experience includes extensive work domestically and internationally with hospitals, health care systems, clinics, skilled nursing and other long term care, rehabilitation and other health care facilities; physicians, medical staff and other health care providers and organizations; accreditation, peer review and quality committees and organizations; health care management and technology and other health and managed care industry clients; self-insured and insured health and other employee benefit plans, their sponsors, fiduciaries, administrators, insurers and service providers and other payers; employers; billing, utilization management, quality, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization and the author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans and a multitude of other publications and workshops on health and other disaster and other crisis preparedness, risk management and response, as well as a multitude of other health care, workforce and other management and regulatory affairs publications and presentations, Ms. Stamer also shares her thought leadership through her extensive and diverse involvement in a broad range of other professional and civic organizations. Examples of these involvements include her service as the current American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former JCEB Council Representative; past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; former ABA RPTE Employee Benefits & Other Compensation Group Chair and Past Chair and current Co-Chair of its Welfare Benefits Committee; former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas; former technical advisor to the National Physicians Council on Health Care Policy; former member of the Stem Cell Advisory Committee; and in a multitude of other professional, trade, civic and community service organizations . For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides consulting, publications and other information, education, coaching, training, tools and other resources on leadership, governance, health care, human resources, employee benefits, insurance, public policy and regulatory affairs, data security and privacy and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. ©2020 Cynthia Marcotte Stamer. Limited non-exclusive license to republish granted to SOlSolutions Law Press, Inc.™ All other rights reserved.

Leave a Comment » | 21st century cures act, ADA, air ambulance, Biological Wafar3e, Civil Rights, Consumer Driven Health Care, Coronavirus, Corporate Compliance, COVID-19, Cultural diversity, Diabetes, Disability Discrimination, Disease Management, DME, Doctor, drug treatment, ebola, Emergency Care, English as A Second Language, Health Care Provider, Health Care Quality, healthcare, HHS, Home Health, Hospice, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Life Sciences, long-term care, managed care, medical devices, Pandemic, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

COVID-19 Telehealth Relief; CMS ESRD, General Practitioner Telehealth Toolkits Released

March 24, 2020

The U.S Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced Health Insurance Portability & Accountability Act Privacy Rule 2019 Novel Coronavirus (COVID-19) emergency enforcement relief for certain covered health care providers and their business associates participating in the operation of mobile, drive-through, or walk-up COVID-19 specimen collection and testing sites that only provide COVID-19 specimen collection or testing services to the public (Community-Based Testing Sites, or CBTS). The Notification of Enforcement Discretion ON CBTS During The COVID-19 Nationwide Public Health Emergency (“Notice”) expands upon the series of HIPAA enforcement relief and other flexibility OCR has granted to health care providers and other HIPAA-covered entities and business associates when dealing with the COVID-19 National Health Emergency declared by President Trump on March 13, 2020.

While welcome relief for those health care providers and business associates that qualify for this relief, it is critical that all health care providers, health plans, health care clearinghouses and their business associates do not overlook the importance of ensuring their HIPAA obligations are fulfilled amid the frenzy of coping with the ongoing COVID-19 crisis. Like OCR’s previously announced March 30, 2020 Notification of Enforcement Discretion for Telehealth Remote Communications During the COVID-19 Nationwide Public Health Emergency (“Telehealth Relief”) and the COVID-19 related flexibilities granted by OCR in its February 2020 Office for Civil Rights, U.S. Department of Health and Human Services BULLETIN: HIPAA Privacy and Novel Coronavirus (“OCR COVID-19 HIPAA Bulletin”), the CBTS Notice provides valuable flexibility and relief for HIPAA covered entities and business associates that qualify for the granted relief. While welcoming this relief, all covered entities and business associates need to keep in mind that the shifting of care locations, systems, affiliations and other arrangements to deal with the COVID-19 national health emergency generally are accompanied by changes in the collection, use, access, disclosure, storage and transmission of protected health information generally and electronic protected health information and its associated devices and systems. Except to the extent protected by COVID-19 or other specific disaster relief from OCR, covered entities and business associates need to use care to conduct appropriately documented risk assessments and take other necessary steps to maintain HIPAA compliance in these operations and systems throughout the emergency. See also COVID-19 Telehealth Relief; CMS ESRD, General Practitioner Telehealth Toolkits Released; OCR Grants HIPAA Telemedic ine Relief During COVID-19 Crisis.

April 9 HIPAA Enforcement Relief For Certain COVID-19 Testing Related Activities

According to Director Roger Severino, the limited enforcement relief in the Notice is intended “to encourage the growth of mobile testing sites so more people can get tested quickly and safely.” Under the April 9, 2020 Notice, OCR will not impose penalties for violations of HIPAA regulatory requirements committed by covered entities or business associates in connection with their good faith participation in the operation of COVID-19 testing sites during the COVID-19 nationwide public health emergency. The enforcement relief provided by the s retroactive to violations committed on or after March 13, 2020 even though just announced on April 9.

The enforcement relief applies to all HIPAA covered health care providers and their business associates when such entities are, in good faith, participating in the operation of a CBTS. According to the Notice, operation of a CBTS includes all activities that support the collection of specimens from individuals for COVID-19 testing. Covered entities and business associates intending to rely upon the enforcement relief need to understand its limited scope. The relief only applies to health care providers or their business associates when participating in CBTS related activities. It does not apply to non-CBTS related activities of health care providers or their business associates including the handling of PHI outside of the operation of a CBTS or to health plans, health care clearinghouses, or their business associates performing health plan and clearinghouse functions. To the extent that an entity performs both plan and provider functions, the Notice says the relief only applies to the entity in its role as a covered health care provider and only to the extent that it participates in a CBTS. Covered entities and business associates not covered by the CBTS relief provided by the Notice generally remain subject to all otherwise applicable HIPAA requirements except as otherwise provided in the Telehealth Relief or other COVID-19 related flexibilities granted by OCR in the OCR COVID-19 HIPAA Bulletin or other previously issued HIPAA guidance for dealing with public emergencies,

While committing that OCR will not take HIPAA enforcement action against covered entities or business associates for violating HIPAA’s regulatory requirements during the COVID-19 emergency, the Notice nevertheless encourages covered entities and business associates participating in the good faith operation of a CBTS to implement reasonable safeguards to protect the privacy and security of individuals’ PHI including:

Using and disclosing only the minimum PHI necessary except when disclosing PHI for treatment.
Setting up canopies or similar opaque barriers at a CBTS to provide some privacy to individuals during the collection of samples.
Controlling foot and car traffic to create adequate distancing at the point of service to minimize the ability of persons to see or overhear screening interactions at a CBTS. (A six foot distance would serve this purpose as well as supporting recommended social distancing measures to minimize the risk of spreading COVID-19.)
Establishing a “buffer zone” to prevent members of the media or public from observing or filming individuals who approach a CBTS, and posting signs prohibiting filming.
Using secure technology at a CBTS to record and transmit electronic PHI.
Posting a Notice of Privacy Practices (NPP), or information about how to find the NPP online, if applicable, in a place that is readily viewable by individuals who approach a CBTS.

While OCR says the Notice’s enforcement relief for CBTS related activity is not conditional upon adherence to these recommendations, CBTS involved covered entities and business associations should keep in mind that the OCR relief does not necessarily affect their otherwise applicable requirements, if any, to comply to these and other health or medical privacy, data security, confidentiality or other similar requirements applicable under otherwise applicable state statutory or common laws, regulations, accreditation or credentialing, contractual or other legally relevant requirements or standards.

Today, the Department of Health and Human Services (HHS) Centers for Medicare & Medicaid Services (CMS) released two comprehensive toolkits on telehealth:

The Telehealth Toolkit for General Practitioners available here;
The End-Stage Renal Disease Providers Toolkit available here .

The Toolkits’ release follows up on last week’s Centers for Medicare & Medicare Services (“CMS”) loosening of requirements for Medicare coverage of telehealth services and privacy and data security requirements so that beneficiaries can receive a wider range of services from their doctors without having to travel to a healthcare facility on a temporary and emergency basis under the 1135 waiver authority and Coronavirus Preparedness and Response Supplemental Appropriations Act.

COVID-19 Emergency TeleHealth Waivers & Rules

Under this temporary new waiver, Medicare can pay for office, hospital, and other visits furnished via telehealth across the country and including in patient’s places of residence starting March 6, 2020. The waiver applies to a range of providers, such as doctors, nurse practitioners, clinical psychologists, and licensed clinical social workers, will be able to offer telehealth to their patients.

New TeleHealth Toolkits

Each of the telehealth toolkits released today contains electronic links to reliable sources of information on telehealth and telemedicine, which will reduce the amount of time providers spend searching for answers and increase their time with patients. HHS intends these links to help providers choose learn about the general concept of telehealth, choose telemedicine vendors, initiate a telemedicine program, monitor patients remotely, and develop documentation tools. Additionally, the information contained within each toolkit also outlines temporary virtual services that could be used to treat patients during this specific period of time.

COVID-19 Temporary Limited Scope HIPAA Privacy Telehealth Relief

The HHS COVID-19 emergency teleheath waivers follow up on the HHS Office for Civil Rights (OCR) March 20, 2020 Notification of Enforcement Discretion on Telehealth Remote Communications (the “Notice”) announcing temporary, limited scope enforcement relief from some, but not all of the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security and Breach Notification Rules for health care providers using “non-public facing” communication technologies to provide telemedicine services during the COVID-19 health care emergency

Intended to allow health care providers greater latitude under HIPAA to communicate with patients and provide telehealth services through remote communications technologies during the COVID-19 national emergency, the Notice allows covered health care providers wishing to use audio or video communication technology to provide telehealth to patients during the COVID-19 nationwide public health emergency the option to any availabe “non-public facing” remote communication product to communicate with patients if the platform by verifying the platform is HIPAA compliant and securing the necessary business associate agreement (“BAA”) with the communication provider.

Specifically the Notice announces OCR is exercising its enforcement discretion not to impose penalties for noncompliance with the HIPAA Rules in connection with the good faith provision of telehealth using non-public facing audio or video communication products during the COVID-19 nationwide public health emergency in accordance with the requirements set forth in the Notice. The non-enforcement policy applies to telehealth provided for any reason, regardless of whether the telehealth service is related to the diagnosis and treatment of health conditions related to COVID-19. During the COVID-19 emergency, this relief for non-public facing remote communications allows a health care providers the flexibility when it determines appropriate in his or her professional judgement to request to examine a patient using a video chat application connecting the provider’s or patient’s phone or desktop computer in order to assess a greater number of patients while limiting the risk of infection of other persons who would be exposed from an in-person consultation.

The relief does not apply to “public facing” remote communications however, Facebook Live, Twitch, TikTok, and similar video communication applications are considered “public facing.” The OCR bulletin states health care providers should not use any of these or other public facing remote communications to provide telehealth services under the Bulletin.

The Notice also alerts health care providers providing telemedicine services under the Notice need to ensure they have in place appropriate business associate agreements {“BAAs”) with each technology vendors used to conduct these communications and that the vendor is otherwise HIPAA compliant. The Notice lists the following as some vendors that have represented to OCR that they provide HIPAA-compliant video communication products and that they will enter into a HIPAA BAA include:

Skype for Business
Updox
VSee
Zoom for Healthcare
me
Google G Suite Hangouts Meet

Providers should note that the Notice also states that OCR does not endorse, recommend or certify any of these vendors or the adequacy of their BAAs. Consequently, providers intending to use any of thes platforms should conduct their own documented due diligence to confirm that the necessary HIPAA requirements are met. Providers also should keep in mind that the OCR Notice does not modify any otherwise applicable federal or state law, contractual or ethical requirements that may apply to their use of these telemedicine platforms. As many provider’s HIPAA notices may have included statements inconsistent with the use of these technologies, the provider should consider providing notification of the change of its practices that includes disclosures about potentially lower privacy protections. Because the relief is limited in scope and duration, providers relying on the relief also will need to closely monitor developments and adjust practices as necessary when the emergency waivers expire or are modified.

Covered Entities & Business Associates Should Conduct Documented Risk Assessment To Verify Compliance Taking Into Account COVID-19 Operational Changes & Relief

Health care providers, health plans, health care clearinghouses and their business associates hoping to rely upon the relief in the CBTS Notice, the Telehealth Relief, the OCR COVID-19 HIPAA Bulletin or other previously issued HIPAA guidance for dealing with public emergencies, need to verify their qualification and compliance with that guidance. In the meantime, all HIPAA covered entities and business associates also should be cognizant of the advisability of also conducting timely, documented risk assessments and taking other necessary steps to ensure that they can demonstrate that their ongoing operations, taking into account any COVID-19 specific changes in operations, systems, locations, business associates or other HIPAA relevant arrangements or operations, comply with all remaining relevant requirements of HIPAA or other relevant federal or state statutory, regulatory, common law, ethical, contractual or other requirements. This is particularly important with respect to modification locations, equipment, or other COVID-19 related changes may impact or disrupt usual operations or involve the use, access, disclosure, retention or transmission of protected health information or other sensitive data outside of processes, systems or location previously subject to a risk assessment to confirm and document adequate compliance with HIPAA or other relevant requirements. To the extent that any deficiencies may have occurred, timely action should be taken to conduct an appropriate documented investigation and risk assessment, and provide any necessary breach notification or other corrective action necessary to correct or mitigate those events. Because of the potential sensitivity of these activities, health care providers, health plans, health care clearinghouses and their business associations should consider contacting experienced legal counsel to arrange for those activities to be structured to preserve the possibility of using attorney-client privilege or other legal privileges to help defend sensitive communications or evaluations against discovery in the event of a future litigation or administrative investigation.

More Information & Resources

We hope this update is helpful. If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. To learn more about Ms. Stamer, her services, experience, publications or involvements; to review or request other developments, publications, resources and tools; or to register for future updates, see www.cynthiastamer.com, see www.cynthiastamer.com; connect on LinkedIn or Facebook; or contact us via e-mail or via telephone at (214) 452 -8297

About The Author

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein. ©2020 Cynthia Marcotte Stamer. Limited non-exclusive right to republish granted to Solutions Law Press, Inc.™.

Leave a Comment » | Academic medicine, Centers For Disease Control, Childrens Health Insurance Program, Conditions of Participation, Coronavirus, COVID-19, Disease Management, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Emergency Care, Employer, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Insurance, Health IT, Health Plan, HIPAA, Home Health, home health, Hospice, Hospital, hospitals, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Licensing, Meaningful Use, Medicaid, Medical Licensure, Medical Malpractice, Medical Privacy, Medical Records, Medicare, Medicare Advantage, Mental Health, Pandemic, Pharmaceudical, Pharmacy, Physician, Prescription Drugs, Prohibited Transaction, Reimbursement, Rural Health Care, Uncategorized, Veterans Health, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Gastroenterology Practices Pays $100K For HIPAA Noncompliance

March 3, 2020

The $100,000 settlement payment the medical practice of Steven A. Porter, M.D., has agreed to pay $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services to settle a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule Serves as a warning to other physicians and healthcare providers that they too could pay big bucks for failing to comply with HIPAA. The resolution agreement and corrective action plan may be found here.

Dr. Porter’s medical practice provides gastroenterological services to over 3,000 patients per year in Ogden, Utah.

OCR began investigating Dr. Porter’s medical practice after it filed a breach report with OCR related to a dispute with a business associate. OCR’s investigation determined that Dr. Porter had never conducted a risk analysis at the time of the breach report, and despite significant technical assistance throughout the investigation, had failed to complete an accurate and thorough risk analysis after the breach and failed to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.

Many physician and other small healthcare providers underestimate their responsibilities or their exposure for noncompliance. Many have never conducted the necessary risk analysis or initially adopted the requisite policies and procedures to comply. Furthermore, practices relying upon outsourced management or compliance services for their HIPAA compliance need to ensure that they have appropriate business associates agreements with those and all other service providers. While OCR typically takes into account efforts to obtain services as evidence of a culture of compliance, when breaches happen in the practice or at the business associate, A physician or other healthcare provider can expect OCR to investigate their compliance and potentially their culpability for the breach. physicians and other healthcare providers also should not assume that their engagement of a service HIPAA to comply with or provide HIPAA compliant services equates to making that service provider accountable for the quality in adequacy of the services.Typically service providers and consultants limit their liability contractually and otherwise when providing these services, often do not have adequate compliance themselves, or both. Licensing agreements and other services contracts typically include various provisions excusing or limiting the service provider from liability for deficiencies in compliance resulting from inadequacies in their procedures, operational noncompliance or both. In some instances, business associates may include provisions in their business associate agreement or other related agreements that actually obligate the healthcare provider to defend and indemnify the service provider for breaches and other liabilities arising out of HIPAA noncompliance. Since the cost of investigating and defending an alleged complaint can be very expensive even if no penalties are sought by OCR, most physicians and other healthcare providers should explore the availability of insurance coverage to help protect against these expenses.

“All health care providers, large and small, need to take their HIPAA obligations seriously,” said OCR Director Roger Severino. “The failure to implement basic HIPAA requirements, such as an accurate and thorough risk analysis and risk management plan, continues to be an unacceptable and disturbing trend within the health care industry.”

In addition to the monetary settlement, Dr. Porter will undertake a corrective action plan that includes two years of monitoring.

Physicians and other healthcare providers need to keep in mind that OCR penalties are not the only risk of HIPAA violations. Noncompliance with these requirements also commonly gives rise to licensing board, peer review, and other professional, employment or contractual consequences as well as negative publicity.

The resolution agreement demonstrates OCR requires physicians shouldn’t expect OCR to look the other way when they violate HIPAA. Given the potential professional and monetary liability risk that result from complaints and violations, physicians and other healthcare Should consult with qualified legal counsel for assistance with assessing the adequacy of their current clients within the scope of attorney-client privilege. Additionally, in the event of a complaint or threaten complaint, physicians and other healthcare providers should take appropriate steps to conduct a documentary investigation. As discussions and activities conducted in association with such investigations can involve sensitive communications and information, it also is advisable to consult with legal counsel at the beginning of an issue to determine whether the investigation or other activities should be conducted within the scope of attorney-client privilege so as to minimize exposure of sensitive communications as admissions or another discoverable evidence for administrative or litigation proceedings.

More Information

About the Author

This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | ambulance, ASC, data security, Direct Primary Care, Doctor, drug treatment, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Emergency Care, FACTA, Federal Health Center, Genetic Information, GINA, Health Care Fraud, Health Care Provider, Health IT, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospice, Hospital, hospitals, Licensing, long-term care, Medical Privacy, Medical Records, OCR, participating provider, Pharmacy, Physician, Physician Licensing, Privacy, Substance Abuse, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

ONC Adds Reducing Provider EHR Burdens & Promoting Electronic Health Data Use In Research To Health IT Priorities

February 25, 2020

Reducing health care providers burdens from using electronic health records (“EHRs”) and promoting the better uses of electronic medical data in medical research are the focus of two new health information technology (“health IT”) policy documents released this week by the Department of Health & Human Services (“HHS”) Office of the National Coordinator for Health Information Technology (“ONC”). Health care providers, health researchers, health plans, health care clearinghouses and other health data collectors or users, as well as health IT providers and other interested persons will want to evaluate carefully these new ONC releases for insights about policy and other efforts ONC is promoting to shape the use of health IT and data.

Reducing Health IT and EHR Burdens On Providers

On February 21, 2020, ONC moved forward on its efforts to implement “a comprehensive strategy to reduce the regulatory and administrative burden related to the use of health IT, including EHRs” by publishing its “Strategy on Reducing Regulatory and Administrative Burdens Relating to the Use of Health IT and EHRs” (the “EHR Report”) targets burdens tied to regulatory and administrative requirements that HHS can directly impact through the rulemaking process. A collaborative effort between ONC and the Centers for Medicare & Medicaid Services (CMS), the report’s strategies was developed in response to a Congressional mandate in the 21^st Century Cures Act, which directed HHS to develop a plan of action to reduce regulatory and administrative burden relating to the use of health IT and EHRs and finalizes the draft version of this strategy ONC released in November 2018. Based on stakeholder input, the final HER Report outlines three overarching goals designed to reduce clinician burden:

Reduce the effort and time required to record health information in EHRs for clinicians;
Reduce the effort and time required to meet regulatory reporting requirements for clinicians, hospitals, and healthcare organizations; and
Improve the functionality and ease of use of EHRs.

ONC says reducing unnecessary regulatory burden will alleviate time spent on administrative tasks. For example, during listening sessions with clinicians, we heard criticism that the documentation guidelines for Evaluation and Management (E/M) visits were a source of EHR-related burden and overly complicated. They told us these requirements result in “pajama time,” where physicians spend hours after clinic sessions and on weekends entering data to satisfy billing and quality reporting requirements. Poor usability features within EHRs can further exacerbate this issue, as clinicians find it difficult to navigate long records within the EHR interface. Based on this feedback, the report covers four key areas:

Clinical documentation
Health IT usability (or ease of use of health IT tools and systems)
Federal health IT and EHR reporting requirements
Public health reporting (including coordination with prescription drug reporting programs and electronic prescribing of controlled substances).

In addition to responding to the direction included in the EHR Report, health care and health IT providers also will want to continue to monitor and communicate with ONC. While moving forward on the implementation of the objectives identified in the EHR Report, ONC says it plans to continue to reach out and engage the clinician community and other key stakeholder communities and to monitor emerging and ongoing burdens related to the use of EHRs, such as burdens related to EHR inbox management and other efforts to enable further automation in health care, with a focus on prior authorization, quality reporting, and other aspects of our current system that can reduce time spent using health IT.

Leveraging Health IT For Research

On February 24, 2020, ONC followed up by releasing its National Health IT Priorities for Research: A Policy and Development Agenda. The Agenda articulates its latest vision of a health information technology infrastructure that supports alignment between the clinical and research ecosystems in research.

The Agenda identifies two overarching goals along with nine associated priority areas ONC believes stakeholders can take to achieve the respective visions more quickly and effectively:

Read the Agenda here.

More Information

The Agenda is the latest in a series of priorities, agendas and other initiatives adopted by ONC since its establishment in furtherance of its legislative mandate under the Health Information Technology for Economic and Clinical Health Act (HITECH Act) of 2009 to improve the health and well-being of individuals and communities through the use of technology and health information.

Health care providers, plans, technology vendors and providers and other stakeholders impacted by ONC and other electronic medical record or health IT systems should take into account the likely implications of these and other ONC pronouncements on their programs and practices when planning and updating them.

About the Author

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Comments Off on ONC Adds Reducing Provider EHR Burdens & Promoting Electronic Health Data Use In Research To Health IT Priorities | Academic medicine, ambulance, Conditions of Participation, Consumer Driven Health Care, Corporate Compliance, Disease Management, DME, Doctor, drug treatment, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Evidence Based Medicine, FDA, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HHS, HITECH Act, Home Health, home health, Hospice, Hospital, hospitals, Human Subjects Research, Meaningful Use, Medicare Advantage, Medicare Prescription Drug Program, Mental Health, NIOSH, occupational health, OCR, ONC, Outcomes Data, pain management, Pharmacy, Physician, Prescription Drugs, Prospective Payment, public health, Public Policy, quality reporting, Reimbursement, research, Technology, Telemedicine, Uncategorized, Veterans Health, Veterans Health Care, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

New Texas Law Requiring Anti-Retaliation Policies For Nonprofit Healthcare Org’s Takes Effect 1/1

December 27, 2019

Nonprofit health organizations must develop anti-retaliation policies for doctors and submit biennial reports to the Texas Medical Board in response to a House Bill 1532 mandate that takes effect January 1, 2020.

Passed by the Texas Legislature on September 1, 2019, the Bill also amends the Medical Practice Act to require the Texas Medical Board to accept and process complaints against a certified nonprofit health organization in the same manner it would handle complaints against a health professional.

For More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Ms. Stamer is most widely recognized for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

1 Comment | Corporate Compliance, Doctor, Employer, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, healthcare, Home Health, Hospice, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Licensing, managed care, Nonprofits, participating provider, Peer Review, Physician, Physician Licensing, Provider contracting, retaliation, Uncategorized, Whistleblower | Permalink
Posted by Cynthia Marcotte Stamer

Omnicare & CVS Accused Of Health Care Fraud In Long Term Care Pharmacies

December 17, 2019

The Department of Justice today sued the nation’s largest long term care pharmacy provider, Omnicare, and its parent company, CVS Healthcare Corporation seeking seeks damages and civil penalties under the False Claims Act for fraudulently billing federal healthcare programs for hundreds of thousands of non-controlled prescription drugs DOJ says Omnicare illegally dispensed to elderly and disabled individuals in assisted living facilities, group homes, independent living communities, and other non-skilled residential long-term care facilities (“LTC facilities”).

In the civil health care fraud complaint the DOJ filed a New York Federal District Court, the Omnicare illegally dispensed and billed the federal government and patients for antipsychotics, anticonvulsants, and antidepressants to elderly and disabled residents in LTC facilities without proper prescriptions. DOJ’s lawsuit alleges that instead of obtaining new prescriptions from patients’ doctors after the old ones had expired or run out of refills, Omnicare just assigned a new number to the old prescription and kept on dispensing drugs for months, and sometimes years, after the prescriptions expired. DOJ’s complaint alleges that Omnicare internally referred to these renumbered expired prescriptions as “rollover” prescriptions. The DOJ complaint also charges that Omnicare also submitted, or caused to be submitted false claims for payment for medications dispensed based on invalid prescriptions it internally referred to as “rollover” prescriptions” to Medicare, Medicaid, and TRICARE in violation of the False Claims Act.

Omnicare is the country’s largest provider of pharmacy services to LTC facilities. It currently operates approximately 160 pharmacies in 47 states across the United States, which dispense tens of millions of prescription drugs to LTC facilities that serve elderly and disabled individuals. CVS acquired Omnicare in May 2015, and shortly thereafter assumed an active role in overseeing Omnicare’s operations, including pharmacy dispensing practices and systems.

According to the DOJ complaint failed today, from 2010 until 2018, Omnicare and CVS allowed Omnicare pharmacies to dispense non-controlled prescription drugs to tens of thousands of elderly and disabled individuals living in LTC facilities based on prescriptions that had expired, were out of refills, or were otherwise invalid. Omnicare repeatedly disregarded prescription refill limitations and expiration dates that required doctor visits to reevaluate whether the drug should be renewed. Instead of requesting new prescriptions when old ones expired, Omnicare allowed prescriptions to “roll over.” At Omnicare, “rolling over” a prescription meant that when a prescription expired, Omnicare’s computer systems would assign the old prescription a new number and the pharmacy would continue to dispense the drug indefinitely without the need for a prescription renewal. Depending on the computer system used, Omnicare also sometimes assigned a fake number of authorized refills to a prescription – usually 99 allowable refills for Medicare patients – to allow for continuous refilling. DOJ claims that Omnicare pharmacies “rolled over” prescriptions for elderly and disabled individuals living in more than 3,000 residential long-term care facilities, including assisted living facilities operated by the largest long-term care providers in the country, such as Brookdale Senior Living, Atria Senior Living, Sunrise Senior Living Services, and Five Star Senior Living. DOJ also claims Omnicare managers exerted pressure on overwhelmed pharmacy staff to fill prescriptions quickly so that Omnicare could submit claims and collect payments.

According to the DOJ, Senior management at Omnicare and CVS knew of the practices. The DOJ complaint charges among other things that the Omnicare’s Compliance Department succinctly acknowledged the problem in an internal April 2015 email in which one Regional Compliance Officer stated: “An issue that I am running into more and more in multiple states concerns the ability of our systems to allow prescriptions to continue to roll after a year to a new prescription number without any documentation or pharmacist intervention.” A compliance officer then forwarded the email to the head of Omnicare’s Third Party Audit group, who responded that she had a “potential solution (programmed last year) but no one is rolling it out now.”

DOJ says Omnicare’s practice of illegally dispensing drugs to elderly and disabled individuals living in LTC facilities exposed these vulnerable individuals to a significant risk of harm. In contrast to traditional skilled nursing homes, where residents have access to 24-hour medical care supervised by doctors, assisted living and other non-skilled residential facilities offer more limited medical care, or none at all. In particular, these LTC facilities generally do not have doctors on staff to oversee and monitor residents’ drug therapy.

Many of the prescription drugs dispensed by Omnicare without valid prescriptions treat serious, chronic conditions, such as dementia, depression, and heart disease. They include antipsychotics, anticonvulsants, cardiovascular medications, anti-depressants, and other drugs that can have dangerous side effects and need to be closely monitored by doctors, particularly when taken in combination with other drugs by elderly patients. By repeatedly dispensing potent drugs without current and valid prescriptions, Omnicare jeopardized the health and safety of tens of thousands of individuals who continued to take the same drugs for months, and sometimes years, without consulting their doctors to determine whether the medications were still clinically appropriate.

A large percentage of the long-term care residents served by Omnicare are beneficiaries of federal healthcare programs. By dispensing drugs without valid prescriptions, Omnicare presented, or caused to be presented, hundreds of thousands of false claims to Medicare, Medicaid, and TRICARE. These claims were ineligible for payment. In addition, Omnicare knowingly transmitted false information to these federal healthcare programs that made it appear that drug dispensations were supported by current, valid prescriptions from physicians when in fact they were not.

The DOJ lawsuit resulted from the DOJ’s intervention in whistleblower lawsuits filed by former employees.

In today’s announcement of the lawsuit, Manhattan U.S. Attorney Geoffrey S. Berman said: “As alleged, Omnicare put at risk the health of tens of thousands of elderly and disabled individuals living in assisted living and other residential long-term care facilities by dispensing drugs for months, and sometimes years, without obtaining current, valid prescriptions from doctors. A pharmacy’s fundamental obligation is to ensure that drugs are dispensed only under the supervision of treating doctors who monitor patients’ drug therapies. Omnicare blatantly ignored this obligation in favor of pushing drugs out the door as quickly as possible to make more money. This Office will continue to hold accountable those who put at risk people’s health and safety just to turn a profit.”

Meanwhile, HHS-OIG Special Agent in Charge Scott J. Lampert said: “Failing to consult doctors as to whether prescriptions should be refilled places patients’ health and medical care at serious risk. These automatic rollover refills could have significant consequences for vulnerable people in long term-care facilities. We will continue working with law enforcement partners to protect people depending on these taxpayer-funded government health programs.”

More information is expected to be forthcoming.

For More Information

Ms. Stamer is most widely recognized for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve fraud, substandard quality, safety, unprofessional conduct, sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Conditions of Participation, Controlled Substances, Corporate Compliance, DEA, Doctor, drug treatment, E-Prescribing, false claims act, FDA, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health Insurance, Health Plan, Health Plans, healthcare, HHS, Hospice, long-term care, Medicare Prescription Drug Program, OIG, Patient Empowerment, Pharmaceudical, Pharmacy, Prescription Drugs, Reimbursement, Uncategorized, Veterans Health, Veterans Health Administration, Veterans Health Care | Tagged: controlled substance, cvs, DEA, drugs, false claims act, Health Care, Health Care Fraud, Health Care Provider, HEAT, Medicaid, omnicare, pharmacist, pharmacy | Permalink
Posted by Cynthia Marcotte Stamer

Jackson Health System Nailed With $2.15 Million Plus Penalty For Violating HIPAA

October 23, 2019

Jackson Health System (JHS) has paid a heavy price for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules between 2013 and 2016.

The $2,154,000 civil monetary penalty the Miami, Florida-based nonprofit academic medical system paid to the Department of Health & Human Services Office for Civil Rights (OCR) to settle OCR charges it violated the HIPAA Security & Breach Notifications= Rules makes clear the urgent need for other health care providers, health plans, healthcare clearinghouses and their business associates to verify the adequacy of their organizations with HIPAA’s privacy, security and breach notification rules currently and on an ongoing basis.

The $2.1 million plus payment was required to satisfy a civil monetary penalty assessment OCR imposed in a Notice of Proposed Determination and Notice of Final Determination made public by OCR on October 23, 2019 in response to findings from a series of investigations of HIPAA breach and compliance concerns raised between 2013 and 2016 raised by various HIPAA-mandated breach reports and media reports that raised concerns about improper access disclosure and use of patient PHI between 2013 and 2016. When JHS did not challenge the findings or determination became final. OCR reports JHS has paid the specified $2.154,000 civil monetary penalties.

JHS HIPAA Violations Found By OCR

JHS operates six major hospitals, a network of urgent care centers, multiple primary care and specialty care centers, long-term care nursing facilities, and corrections health services clinics, provides health services to approximately 650,000 patients annually, and employs about 12,000 individuals. The OCR investigation stemmed from a series of breach and media reports spanning several years and revealed a host of long standing violations of long-standing HIPAA requirements and a failure to accurately disclose or correct those or other violations of a nature that likely continue to exist in many health care systems and other covered entities.

On August 22, 2013, JHS submitted a breach report to OCR stating that its Health Information Management Department lost paper records containing the protected health information (PHI) of 756 patients in January 2013. JHS’s internal investigation determined that an additional three boxes of patient records also were lost in December 2012; however, JHS did not report the additional loss or the increased number of individuals affected to 1,436, until June 7, 2016.

In July 2015, OCR initiated an investigation following a media report that disclosed the PHI of a JHS patient. A reporter had shared a photograph of a JHS operating room screen containing the patient’s medical information on social media. JHS subsequently determined that two employees had accessed this patient’s electronic medical record without a job-related purpose.

On February 19, 2016, JHS submitted a breach report to OCR reporting that an employee had been selling patient PHI. The employee had accessed inappropriately over 24,000 patients’ records since 2011.

According to OCR Director Roger Severino, “OCR’s investigation revealed a HIPAA compliance program that had been in disarray for a number of years. …This hospital system’s compliance program failed to detect and stop an employee who stole and sold thousands of patient records; lost patient files without notifying OCR as required by law; and failed to properly secure PHI that was leaked to the media.”

These and other findings led to the OCR determination in the Notice of Proposed Determination and Notice of Final Determination that JHS failed to provide timely and accurate breach notification to the Secretary of HHS, conduct enterprise-wide risk analyses, manage identified risks to a reasonable and appropriate level, regularly review information system activity records, and restrict authorization of its workforce members’ access to patient ePHI to the minimum necessary to accomplish their job duties. OCR assessed the $2.1 million civil monetary penalty based on these determinations.

Lessons For Other Health Providers & HIPAA Covered Entities Likely Similarly Exposed

The JHS civil monetary penalty is the latest in a growing series of OCR enforcement and regulatory actions that drive home the perils HIPAA-covered health care, health plan, healthcare clearinghouse and business associates risk by failing to responsibly and effectively manage their HIPAA compliance. A review of the available JHS record reveals that like all too many HIPAA-covered entities, JHS never adequately implemented appropriate measures to operationally comply with many of the original HIPAA requirements and perpetuated those deficiencies despite the series of breaches. Sadly, many other health care systems and other HIPAA-covered entities are subject to the same practices. Failing to address these compliance issues makes these non-compliant entities susceptible to the same type of enforcement and other liabilities that JHS now has experienced.

OCR enforcement data documents a steady rise in OCR investigation and enforcement activity. OCR set all-time records for HIPAA Enforcement in 2018. Heavy enforcement activity has continued in 2019. Before its October 23, 2019 announcement of the JHS civil monetary penalties, OCR already had announced:

A $10,000 resolution agreement with a dental practice for improperly disclosing patient PHI on social media at the beginning of October;
Its first HIPAA right of access resolution agreement against a health care provider for violating HIPAA’s right of access rules on September 9, 2019 as part of its recently announced HIPAA access rule enforcement initiative;
A $100,000 resolution payment from an Indiana Medical Records Service resulting from a breach of electronic protected health information at a business associate;
The collection of a $3 million resolution payment collected from a Tennessee diagnostic medical imaging services company to settle HIPAA civil monetary penalty exposures arising from a breach that exposed the protected health information of more than 300,000 patients; and
A multitude of other audits and enforcement activities resolved through corrective action without collection of any resolution payment or civil monetary penalties.

Given these and other previously announced enforcement initiatives and actions, all HIPAA covered entities and their business associates are urged to maintain hyper-vigilance about their own HIPAA compliance with long standing as well as emerging HIPAA requirements taking into account old, recent, and emerging guidance and enforcement activities of OCR. Given the almost certain discovery or discussion of known or uncovered compliance concerns and other sensitive information, covered entities are cautioned that these activities generally should be undertaken under the guidance of an experienced attorney within the scope of attorney client privilege.

For More Information

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press Health Care Risk Management & Operations Group and registering for updates on our Solutions Law Press Website.

About the Author

As a primary focus of this work, Ms. Stamer has worked extensively with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers, health industry advocacy and other service providers and groups and other health industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is noted for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | Academic medicine, Conditions of Participation, continuing medical education (CME), Corporate Compliance, Cultural diversity, Discrimination, Doctor, Employer, Employment law, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Provider, Health Care Quality, Home Health, Hospital, hospitals, Immigration, Inpatient Rehabilitation, Labor Law, Laws, Life Sciences, Medical Privacy, Patient Empowerment, Peer Review, Psychiatric, Section 1557, Sexual Abuse, Sexual Assault, Sexual Harassment, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

IRS Proposes Easing Disclosure Requirements For Certain Tax-Exempt Entities

October 9, 2019

December 10, 2019 is the deadline for charitable and other tax-exempt organizations to comment on proposed regulations the Internal Revenue Service (“IRS”) intends to use to implement clarify the reporting requirements generally applicable to tax-exempt organizations as they apply to returns filed after September 6, 2019.

The proposed regulations officially published by the IRS in the September 10, 2019 Federal Register implement changes in response to various statutory amendments and certain grants of reporting relief announced by the Treasury Department and the IRS in prior guidance to help many tax-exempt organizations generally find the reporting requirements in one place. Among other provisions, the proposed regulations incorporate the existing exception from having to file an annual return for certain organizations that normally have gross receipts of $50,000 or less, which is found in Revenue Procedure 2011-15.

In addition, the proposed regulations also reissue relief for certain tax-exempt entities from requirements to report contributor names and addresses on annual returns filed by certain tax-exempt organizations. Originally announced last year in Revenue Procedure 2018-38, the relief was invalidated by a district court ruling that the Treasury Department and the IRS failed to follow required notice and comment procedures. Under the proposed regulations, filing requirements for Section 501(c)(3) organizations and Section 527 political organizations remain unchanged, and all organizations are required to keep the contributor information and make it available to the IRS upon request.

Additionally, the IRS issued Notice 2019-47 (PDF) providing penalty relief for certain exempt organizations that, consistent with the 2018 guidance from the IRS, do not report the names and addresses of contributors on annual returns for tax years ending on or after December 31, 2018, but on or before July 30, 2019.

Need more information or help evaluating or responding to this or developments? Contact the author licensed attorney experienced in FDA and other health care and other regulatory affairs matters.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications including extensive experience advising and representing health care systems and providers about sexual abuse, assault, harassment, discrimination and other personal and professional misconduct policies, training and other prevention and investigation, peer review and other discipline, mitigation and charges defense, as well extensively published and conducted workshops on “Sex, Drugs & Rock ‘N Role: Preventing and Addressing Personal Misconduct In Healthcare,” “What To Do When Your Employee’s Life Becomes Your Business,” and other educational training and publications for health industry clients and others on these concerns.

In these and other legal, management, governmental affairs work and speaking and publications, Ms. Stamer When working with these and other clients, Ms. Stamer merges a talent for creative problem solving with her detailed legal and operational knowledge and experience to help her clients develop and use legally defensible, pragmatic, client-centric law, performance and risk management tools and processes to manage people, performance, quality, compliance, risk and other operational needs on a real-time, “on demand” basis as well as outsourced general, operations, regulatory affairs or other special counsel capacity on an interim, special project, or ongoing basis. Her clients have included domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients.

Her involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, discipline and defend sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Academic medicine, Conditions of Participation, continuing medical education (CME), Corporate Compliance, Cultural diversity, Discrimination, Doctor, Employer, Employment law, Federal Health Center, Federal Sentencing Guidelines, Form 990, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Home Health, Hospital, hospitals, Immigration, Inpatient Rehabilitation, Labor Law, Laws, Life Sciences, Medical Privacy, Patient Empowerment, Peer Review, Psychiatric, Rural Health Care, Section 1557, Sexual Abuse, Sexual Assault, Sexual Harassment, Tax, Tax-Exemption, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Important Lessons For Health Care Providers From Michigan State Settlement Of OCR Larry Nassar Sexual Abuse Investigation

August 12, 2019

Health care providers should review and tighten their policies and practices for conducting therapies or other procedures on children and other procedures on any patient involving the exposure of the breasts, genitalia or rectum where a patient is fully or partially disrobed as well as sexual assault, abuse and harassment policies and procedures in light of a resolution agreement between the Board of Trustees of Michigan State University (“MSU”) d/b/a Michigan State University and MSU HealthTeam (“MSU HealthTeam”) and MSU Health Care, Inc. (“MSU Health Care”) announced by the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) arising from a civil rights compliance review OCR initiated after federal and state criminal investigations found that an osteopathic physician Larry Nassar sexually abused gymnasts and others while employed as an associate professor by MSU.

OCR opened a compliance review of MSU to determine if its doctors’ offices and clinics violated Title IX of the Education Amendments of 1972 (“Title IX”) and Section 1557 of the Patient Protection and Affordable Care Act (“Section 1557”) after federal and state criminal investigations found Nassar sexually abused hundreds of women and girls under his care over decades while an associate professor at MSU.

Considered alone or in conjunction with the growing awareness and concern fueled by the #me too movement, widespread publicity about the sexual misconduct of Nassar alleged Bill Cosby, billionaire Jeffrey Einstein, who died in prison while awaiting trial last Saturday and others, and OCR’s reaffirmation of its commitment to vigorously enforce civil rights laws in connection with its May 24, 2019 proposal of changes to its Section 1557 implementing regulations, the Resolution Agreement sends a strong signal to health care organizations and individual physician and other health care providers of the advisability of proactively preventing and managing their exposure to potential sexual abuse, assault and harassment complaints brought by patients, caregivers, employees and others.

The OCR investigation that led to the Resolution Agreement arose from a compliance review OCR started after Nassar was sentenced to 40 to 125 years in prison on February 5, 2018, after entering a guilty plea to seven counts of felony criminal sexual conduct in the first degree in Eaton County, Michigan. He also has been convicted to various other federal and state sexual offenses. Additionally, the former dean of MSU’s College of Osteopathic Medicine, William Strampel, was convicted of felony misconduct stemming from a charge that he used his public office to sexually harass students and a separate charge of willfully neglecting to monitor Nassar after an earlier investigation.

Title IX and Section 1557 are two of a multitude of federal laws prohibiting sex discrimination enforced by OCR, Title IX prohibits discrimination on the basis of sex in federally assisted education programs or activities while Section 1557 prohibits discrimination on the basis of sex, race, color, national origin, age and disability in certain health programs or activities.

The Resolution Agreement resolves potential additional enforcement action by OCR against MSU arising from the investigation commenced in response to the Nassar convictions as well as enforcement actions OCR had initiated against the MSU Entities for failing to comply with an earlier OCR resolution agreement.

In return for OCR’s agreement to close its investigation, the Resolution Agreement requires the MSU Entities to implement specific procedures for conducting examinations and procedures involving children as well as procedures and therapies conduct on patients of any age and gender s where the patient is disrobed, in full or in part, and there is exposure of the breasts, genitalia or rectum (“sensitive examinations”) as well as strengthen its other policies, notices and practices impacting the prevention, investigation and redress of sexual abuse, sexual assault, sexual harassment and other sex discrimination against patients, staff, employees and others.

Notably, to help safeguard patients from future sexual assault or abuse, the Resolution Agreement requires the MSU Entities to adopt, communicate to patients and staff and enforce specific policies patient privacy, chaperones and informed consent and patient privacy including

Requiring that staff always follow Universal Precautions with conducting “sensitive examinations,” which the Resolution Agreement defines as “procedures or therapies where the Patient is disrobed, in full or in part, and there is exposure of the breasts, genitalia or rectum);
Require that staff provide the patient with: an explanation of the required examination, procedure or therapy before beginning the procedure and secure informed consent from the patient or if the patient lacks decision making capacity, the consent of the patient’s guardian before conducting any sensitive examination;
Always honor the Patient’s request to have a parent, relative or friend present as a support person present during any sensitive examination;
Requiring a chaperone for all sensitive examinations;
For sensitive examinations of patients of 10 years of age or greater that the chaperone be an authorized member of the health care team and in other cases allow patients and/or their parent or other support person, as well as providers to request a chaperone at any time;
Require that physical examinations of an infant, toddler or child always be performed in the presence of a patient or guardian unless the parent or guardian or, if the parent is unavailable or in situations involving suspected abuse, mental health or other instances where the parental presence would interfere with the examination, another member of the health care team;
Require the use of a chaperone for sensitive examinations be documented in the patient record or where a patient declines or refuses a chaperone for an examination where one is required, require that the provider document the offer and its declination in the record and have the patient or guardian sign a waiver;
Always honor a patient’s request to have a chaperone present even when the patient also has a support person present when conducting a sensitive examination; and
Allow the patient’s wishes and comfort to determine the sex of the chaperone and accommodate, to the extent practicable, a patient’s request for a same sex chaperone

Moreover, the Resolution Agreement also dictates that the MSU Entities ensure that staff always provide patients undergoing sensitive examinations with an appropriate gown, privacy for undressing and dressing, and sensitive draping to maximize physical privacy.

In addition to these specified required procedures for the actual conduct of sensitive medical examinations, the Resolution Agreement also requires that the MSU Entities significantly strengthen their policies, notifications, procedures, and training regarding sexual assault, sexual abuse, sexual harassment and sex discrimination including to:

Revise their existing non-discrimination notices and sexual misconduct policies to clarify Title IX’s and Section 1557’s prohibitions against sex discrimination, including sex discrimination, sexual harassment, sexual abuse and sexual assault, against men and women;
In the revised non-discrimination notices and sexual misconduct policies clearly communicate that patient, staff or individuals who believe they are victims of sexual harassment, abuse, assault or other sexual harassment are “encouraged” to report their concerns to the designated MSU Entities’ Title IX and Section 1557 compliance team, the MSU police and OCR and explains the procedures for making those reports;
Conspicuously post and distribute the revised nondiscrimination and sexual misconduct policy notices which clearly communicate the clarified non-discrimination and sexual harassment policies;
Improve their processes for notifying students, staff, patients and others about reporting and for investigating and resolving Title IX and Section 1557 complaints (including for MSU-students, non-MSU-student patients, faculty and staff) including specific requirements concerning reporting to and coordination between MSU Entities’ compliance staff and law enforcement;
Designate a responsible official to coordinate the acceptance, investigation and resolution of Title IX and Section 1557 complaints;
Conduct all-staff training, planning and coordination between MSU Entities’ compliance and investigation teams and law enforcement, and provide bi-annual reports to OCR during the three year term of the agreement;
Require that all grievances or complaints alleging sexual assault, sexual abuse, sexual harassment or other sex discrimination filed by any patient, staff or other individual related to the MSU Health Team, be reviewed and investigated by, or under the supervision of, a dedicated independent health care investigator approved by OCR, who MSU may only terminate for cause with OCR’s consent.

While neither exhaustive nor binding on any other health care providers, the conditions (CR imposed against MSU under the Resolution Agreement are concrete steps other health care organizations and providers, academic institutions and other organizations and individuals at risk of claims directly or vicariously should consider using as part of their efforts to prevent and defend themselves against potential exposures to sexual misconduct charges.

With the #metoo movement and other widespread media coverage of the Nassar, Jeffery Epstein, Bill Cosby and other sex scandals fueling growing awareness and discussion about sexual abuse, assault and harassment, physicians and other individual health care providers as well as the health care systems, clinics and other health industry organizations, educational institutions and businesses generally face heightened risks of accusations by patients, caregivers, employees, and others of sexual misconduct. Whether founded in fact, hypersensitivity, or independent agenda, recent history proves the potentially financially costly civil judgments or settlements, as well as career if not freedom ending consequences health care providers and institutions if unable to defend these claims. In addition to the criminal sentences imposed upon Nassar and, for instance, MSU previous entered into a civil settlement with more than 300 alleged victims of 332 women and girls who alleged they were Nassar sexual assault victims. See MSU reaches $500M settlement with Nassar victims. This huge civil liability and the fact that MSU accepteed it rather than risk a potential jury verdict reflects the significance of the this liability risk.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications including extensive experience advising and representing health care systems and providers about sexual abuse, assault, harassment, discrimination and other personal and professional misconduct policies, training and other prevention and investigation, peer review and other discipline, mitigation and charges defense, as well extensively published and conducted workshops on “Sex, Drugs & Rock ‘N Role: Preventing and Addressing Personal Misconduct In Healthcare,” “What To Do When Your Employee’s Life Becomes Your Business,” and other educational training and publications for health industry clients and others on these concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

New Pharma Transparency Rules Mean More Work For Providers

May 9, 2019

Physicians, pharmacists and pharmacies, prescription benefit management companies and other health industry participants should begin preparing for new questions and other responsibilities likely to arise from the Department of, Health and Human Services(“HHS”) Medicare and Medicaid Programs; Regulation to Require Drug Pricing Transparency Final Rule (the “Rule”) announced on Wednesday, May 8 and scheduled for official publication in the May 10, 2019 Federal Register.

Under the Rule, the Centers for Medicare & Medicaid Services (“CMS”) will require direct-to-consumer television advertisements for prescription pharmaceuticals covered by Medicare or Medicaid to include the list price – the Wholesale Acquisition Cost – if that price is equal to or greater than $35 for a month’s supply or the usual course of therapy. Basically this means the required price information will be added to the disclosures pharmaceutical manufacturers provide during their television advertisements.

Part of President Trump’s American Patients First blueprint, the 102 page Rule seeks to increase transparency for patients and bring down overall drug costs both for patients and for the Medicare and Medicaid programs with the prices updated quarterly.

According to CMS, the 10 most commonly advertised drugs have list prices ranging from $488 to $16,938 per month or usual course of therapy. CMS believes patients should know what a drug costs as they discuss their options with their doctor.

While pharmaceutical drug manufactures generally must obtain approval from the FDA Office of Prescription Drug Promotion (ODPD) for advertising, OPDP does not review price information in prescription drug advertisements. Consequently, HHS says ODPD will not require a manufacturer that simply adds price information to a direct-to-consumer advertisement as required by § 403.1202 of the Rule unless the price information explicitly or implicitly incorporates safety or efficacy information about the drug, or makes express or implied claims about the safety or efficacy of the drug.

In addition to the Rule, HHS continues to review a number of other rules and proposals it hopes to further advance the American Patients First blueprint initiative to improve drug price transparency and inform consumer decision making by fixing opaque systems, changing incentives that drive costs or other undesirable behaviors by pharmaceutical companies, prescription benefit management (“PBM”) companies, health insurers and plans, providers and patients.

While physicians and other health care providers, health plans and their employer sponsors and other health industry organizations have urged greater transparency and other reforms to impact skyrocketing pharmaceutical costs and other concerns, health care providers and health plans need to prepare for a wave of new questions from patients and their caregivers that the new information on pricing likely will fuel and the resulting scrutiny of their own activities and processes relation to the selection of prescription drugs. Physicians and other health care providers should anticipate that more patients and caregivers will question provider prescription of higher cost drugs and ask providers to justify their choices. Providers not only should be prepared to explain their own choices and also to chart their advice to help defend potential challenges. Meanwhile hospitals and other health care entities, health plans, health insurers, PBMs and other health industry players using internal pharmaceutical cost management programs also can anticipate those practices also will come under added scrutiny. In anticipating this added scrutiny, health and health plan players should resist the temptation of assuming that the availability of the additional price information will facilitate discussions with patients or their caregivers about prescription drugs, their selection and comparability for treatment choices and other related concerns. Rather, health care providers and plans alike should anticipate that the added discussions the new price transparency rules are intended to fuel will result in more questioning and require greater care in responding to and justifying their recommendations to patients and plan members. Prayers and providers alike need to anticipate these demands and make the necessary arrangements to prepare for these discussions, by budgeting and setting aside the required time, preparing defensible explanations for the recommendations, and creating the necessary documentation to defend these activities.

If you have questions or would like more information about the new Rule or other developments impacting your health plan design or administration, please contact the author directly. You also are invited to stay abreast of these and other health care developments by participating in our Solutions Law Press, Inc. Linkedin SLP Health Care Risk Management & Operations Group or COPE: Coalition On Patient Empowerment Group or Project COPE: Coalition on Patient Empowerment Facebook Page.

About the Author

Ms. Stamer’s legal, management, governmental affairs work and speaking and publications have focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients as well as a diverse array of other business and government entities. Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with operational compliance and risk management; strategic planning; product and services development and innovation; workforce and operations management: crisis preparedness and response; public and regulatory affairs and host of other concerns.

As part of this work, Ms. Stamer continuously advises clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. She helps clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She also helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues including meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and many other concerns. Her work includes both regulatory and public policy advocacy and thought leadership, as well as advising and representing a broad range of health industry and other clients about policy design, drafting, administration, business associate and other contracting, risk assessments, audits and other risk prevention and mitigation, investigation, reporting, mitigation and resolution of known or suspected violations or other incidents and responding to and defending investigations or other actions by plaintiffs, DOJ, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others.

As part of this work, Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Author of leading works on a multitude of these and other concerns, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, and Board Certified by the Texas Board of Legal Specialization in Labor and Employment Law, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Academic medicine, Conditions of Participation, Consumer Driven Health Care, continuing medical education (CME), Corporate Compliance, DEA, Direct Primary Care, Doctor, drug treatment, E-Prescribing, Employer, Evidence Based Medicine, FDA, Health Care, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health Plan, Health Plans, healthcare, home health, Hospice, Hospital, hospitals, Indian Health, Medicaid, Medicaid Advantage, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Medicare Fee Schedule, Pharmaceudical, Pharmacy, Physician, Physician Licensing, Prescription Drugs, Public Policy, Reimbursement, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

VA Offers Free Online Provider Training on Chronic Multisymptom Illness & Other Veteran Care Topics

May 1, 2019

Health care providers treating veterans should check out the free training on “Chronic multisymptom illness,” and other topics offered by the War Related Illness and Injury Study Center (WRIISC).

A national program and foundational service of Post Deployment Health Services (PDHS) within the Veterans Health Administration, WRIISC offers the “ON Demand” training for health care providers at no cost to community providers.

The trainings are designed to equip community affiliates with the knowledge needed to address Veterans unique health concerns and provide recommendations for Veteran care and management via one of the most widely used national learning management platforms, the Training Finder Real-Time Affiliate-Integrated Network (TRAIN) website. Continuing education credit for VA and community providers is offered and accredited by the following disciplines: ACCME, ACCME-NP, ANCC, APA, ASWB, NYSED and NBCC.

WRIISC just announced its release of the latest online training module on “Chronic multisymptom illness,” which it says offers healthcare professionals an opportunity to gain insight into chronic multi-symptom illness including the incidence in civilian and military populations, defining characteristics and the latest resources and management strategies to consider for care. See On TRAIN: ID: 1084440 – WRIISC Mod 4: Chronic Multi-symptom Illness (CMI)

On TMS: ID: 38029 – WRIISC Mod 4: Chronic Multi-symptom Illness.

Other previously also released Modules available via accessing the platforms include:

Module 1: Assessing Deployment Related Environmental Exposures

Module 2: Airborne Hazards

Module 3: Gulf War Illness

WRIISC says curriculums are designed to ensure that both VA and community providers learn of, and increase their expertise in, issues which are unique to Veteran care. Subsequent E-Learning education Modules in the series will focus on Depleted Uranium, Embedded Fragments and non-deployment exposures.

To access the training on TMS log into TMS and click on “browse the catalog” in the left hand corner of the page. Then, search for “WRIISC”.

Visit http://www.WarRelatedIllness.va.gov/education/ to learn more about WRIISC Education.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Her clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in Pensions, healthcare, workforce, immigration, tax, education and other areas.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Biological Warfare, continuing medical education (CME), Disease Management, Doctor, Health Care, Health Care Provider, home health, Hospital, Physician, Uncategorized, Veterans Health, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Beef Up Patient Education & Management Tools With Diabetes Alert Day Resources

March 26, 2019

Physicians and other health care providers concerned about helping patients and others prevent and deal with Type 2 Diabetes should use today’s annual Diabetes Awareness Day observances and resources to beef up their Diabetes screening and management efforts and toolkits.

With 1 in 3 adult Americans at risk for Type 2 diabetes, the Centers for Disease Control (“CDC”) and other public and private organizations partnering in The National Diabetes Prevention Program are urging all physicians and other health care providers to partner in their efforts to prevent, delay and manage Type 2 diabetes.

Celebrated every year on the fourth Tuesday in March, Diabetes Alert Day promotes awareness of the prevalence and risks of undiagnosed or unmanaged Type 2 Diabetes to Americans, American taxpayers, health benefit programs and their communities.

More than 30 million people in the United States have diabetes and an additional 84 million adults—over a third—have prediabetes, and 90% of them don’t know they have it.
Diabetes is the 7th leading cause of death in the United States (and may be underreported).
Type 2 diabetes accounts for about 90% to 95% of all diagnosed cases of diabetes; type 1 diabetes accounts for about 5%.
In the last 20 years, the number of adults diagnosed with diabetes has more than tripled as the American population has aged and become more overweight or obese
Undiagnosed or unmanaged Type 2 diabetes threatens serious and disabling medical risks for afflicted individuals that also are financially costly for patients and their families, their health plans, taxpayers and communities.

While Type 2 Diabetes and its costs often can be prevented or minimized through appropriate diagnosis and treatment, Type 2 diabetes symptoms often develop over several years and go on for a long time without being noticed. Health care providers generally recognize the need to screen patients for Type 2 Diabetes as well as educating patients to recognize the factors for Type 2 Diabetes and to contact their physician promptly when experiencing these symptoms, but often have limited time and resources to help educate patients and their families.

To start with, the CDC and its partners are encouraging all health care providers to urge their patients to take the online Type 2 Diabetes Risk, screen and educate patients and promote use of CDC-recognized lifestyle change programs to individuals suffering or at risk for Type 2 diabetes.

To help health care providers participate more effectively in the fight to prevent, detect and manage Type 2 Diabetes, the CDC and its partners provide a number of Diabetes screening and management resources for physicians and other health care providers. These resources include a variety of patient education and screening tools, resources on Medicare and other coverage for diabetes screening and management, a list of

Physicians and other health care providers should check out the resources available from the CDC and take advantage of some of these resources to beef up their Type 2 and other Diabetes patient education, prevention, screening and management efforts, a directory of CDC-recognized lifestyle change programs and more

Learn more about Type 2 Diabetes cost modeling, screening, prevention and other health care resources Project Cope: Coalition for Patient Empowerment Newsletter and share your own resources and ideas on diabetes and management and other health care best practices, challenges, policies and concerns by participating in our Linkedin SLP Health Care Risk Management & Operations Group or COPE: Coalition On Patient Empowerment Group or Project COPE: Coalition on Patient Empowerment Facebook Page

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | ambulance, Centers For Disease Control, Childrens Health Insurance Program, Clinical pathway, Conditions of Participation, Consumer Driven Health Care, Corporate Compliance, Diabetes, Disease Management, Doctor, drug treatment, Emergency Care, Employee Benefits, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health Plan, Health Plans, Health Policy, healthcare, home health, Hospital, hospitals, Human Subjects Research, Joint Commission, Life Sciences, managed care, Medicare Fee Schedule, participating provider, Patient Empowerment, Pharmacy, Physician, Provider contracting, public health, Reimbursement, surprise billing, Uncategorized | Tagged: Diabetes, Disease Management, Health Care, Patient Empowerment, Physicians, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

Cognitive Disability Exclusion from Heart Transplant List Placement Prohibited

February 13, 2019

Exclusion of a cognitively impaired patient from its heart transplant list landed University of North Carolina Healthcare System (“UNC Healthcare”) in hot water with the Department of Health and Human Services Office of Civil Rights (OCR). The OCR enforcement action highlights the need for health care organizations to re-evaluate long-standing practices for limiting or denying access to transplants, research or other restricted treatment based on cognitive, mental or other impairments of the patient.

OCR announced February 12 that it resolved a complaint against UNC Health Care alleging that it unlawfully denied an individual the opportunity to be placed on the United Network for Organ Sharing (UNOS) list on the basis of their disability. UNC Health Care is a public academic medical center comprised of North Carolina Memorial Hospital, North Carolina Children’s Hospital, North Carolina Neurosciences Hospital, and North Carolina Women’s Hospital.

Federal law generally prohibits health care providers from discriminating against patients based on disability. Section 504 of the Rehabilitation Act of 1973, 29 U.S.C. § 794 (“Section 504”) prohibits discrimination on the basis of disability by recipients of Federal financial assistance.

In addition, the Americans with Disabilities Act of 1990, 42 U.S.C. § 12101 et seq. (“ADA”), prohibits discrimination on the basis of disability by both public and private entities, whether or not they receive Federal financial assistance. Providers covered by Section 504 and/or the ADA may not deny benefits or services to qualified individuals with disabilities or provide lesser benefits than they provide to others. In general, an individual with a disability is “qualified” if that person meets the essential eligibility requirements for receipt of services or participation in the program or activity with or without reasonable modification to rules, policies or practices. The purpose of these laws is to ensure that covered programs are as accessible to persons with disabilities as they are to nondisabled individuals.

In September 2018, OCR received a complaint alleging that an individual with an intellectual disability was in need of a heart transplant, but a doctor on staff at UNC Health Care determined that they were not a good candidate for heart transplant because of their developmental learning disabilities and because they do not live independently. The complainant asserted that without the transplant, they would eventually die.

OCR used the Early Complaint Resolution (ECR) process to achieve a successful resolution of this matter. ECR is a facilitated negotiation between the parties to an OCR complaint with the goal of achieving a resolution that quickly provides a remedy to the individual that has been allegedly discriminated against as well as securing additional measures that can be implemented to reduce the likelihood of future incidents of alleged discrimination.

In January 2019, UNC Health Care agreed that the individual’s medical records will be amended to clarify that they are eligible to be considered for placement on the UNOS transplant list. OCR will provide technical assistance to UNC Health Care in the development of their transplant eligibility policy.

The UNC Healthcare enforcement and resolution is the latest in a lengthy and growing list of disability discrimination enforcement actions OCR has taken against health care providers and plans. Cognitive disorders and mental disabilities are frequently the basis of these actions. Additionally health care providers and health plans also can incur liability from private lawsuits for prohibited discrimination. In the light of growing awareness and enforcement of these disability discrimination prohibitions, health care providers should review and correct procedures to mitigate risks.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has been continuously involved the design, regulation, administration and defense of managed care and other health and employee benefit, health care, human resources and other staffing and workforce arrangements, contracts, systems, and processes. As a continuous component of this work, Ms. Stamer has worked closely with these and other clients on the design, development, administration, defense, and breach and data recovery of health care, workforce, insurance and financial services, trade secret and other information technology, data and related process and systems development, policy and operations throughout her career.

Scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues.

Ms. Stamer’s clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long-term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; managed care organizations, insurers, third-party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Beyond her public policy and regulatory affairs involvement, Ms. Stamer also has extensive experience helping these and other clients to design, implement, document, administer and defend workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government; accreditation and quality organizations; private litigation and other federal and state health care industry investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, and change management; workforce and operations management, and other opportunities and challenges arising in the course of their operations.

Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending plan sponsors, administrators, insurance and managed care organizations, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions. Scribe for the ABA JCEB annual agency meeting with HHS OCR, she also has worked extensively on health and health benefit coding, billing and claims, meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical, workforce, consumer financial and other data confidentiality and privacy, federal and state data security, data breach and mitigation, and other information privacy and data security concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long-term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about contracting, credentialing and quality assurance, compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Author of works on Payer and Provider Contracting and many other managed care concerns, Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019. Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Leave a Comment » | Academic medicine, ADA, ASC, Conditions of Participation, Cultural diversity, Disability Discrimination, Discrimination, DME, Doctor, Employer, Health Care, Health Care Provider, Health Care Quality, HHS, Home Health, home health, Hospice, Hospital, hospitals, Mental Health, OCR, Pharmaceudical, Pharmacy, Physician, research, transplant, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Year-End $3 Million HIPAA Settlement Pushes 2018 OCR HIPAA Recoveries Over $28 Million; Act Promptly To Strengthen Compliance & Share Ideas For Simplification

February 7, 2019

Health care providers, health plans, health care clearinghouse and their business associates (“Covered Entities”) should reconfirm the adequacy of their organization’s Health Insurance Portability and Accountability Act (“HIPAA”) compliance in light the U.S Department of Health and Human Services Office of Civil Rights (“OCR”) February 7, 2019 announcement that OCR reached a 2018 year-end $3 Million Resolution Agreement with California-based Cottage Health that pushed OCR’s already record-setting 2018 enforcement HIPAA recoveries to more than $28.7 million in a year already distinguished by OCR’s record-setting $16 million resolution payment collection from Anthem.

Along with acting to ensure their own organization’s ability to defend their HIPAA compliance, Covered Entities and their leaders also should take advantage of the opportunity to provide input to OCR on opportunities for simplifying and improving OCR’s HIPAA regulations and enforcement by submitting relevant comments by February 12, 2019 in response to a Request for Information published by OCR in December that invites public input.

Learn more de

2018 Cottage Health Resolution Agreement

According to OCR’s February 7, 2019 announcement, Cottage Health agreed in OCR’s final settlement of 2017 to pay OCR $3 million and to adopt a substantial corrective action plan to settle charges of HIPAA violations resulting from OCR’s investigations into two HIPAA Breach notifications Cottage Health filed regarding breaches of unsecured electronic protected health information (ePHI) affecting over 62,500 individuals.

A December 2, 2013 breach notification that the removal of electronic security protections by a Cottage Health contractor rendered ePHI such as patient names, addresses, dates of birth, diagnoses/conditions, lab results and other treatment information of 33,349 individuals on a Cottage Health server accessible for download without a username or password from the internet to anyone outside Cottage Health. In an update to its original report filed on July 2, 2014, Cottage Health increased the number of individuals affected by this breach to 50,917. OCR’s investigation determined that security configuration settings of the Windows operating system permitted access to files containing ePHI without requiring a username and password. As a result, patient names, addresses, dates of birth, diagnoses, conditions, lab results and other treatment information were available to anyone with access to Cottage Health’s server.
A December 1, 2015, that the misconfiguration of a server following an IT response to a troubleshooting ticket, exposed unsecured ePHI including patient names, addresses, dates of birth, social security numbers, diagnoses, conditions, and other treatment information of 11,608 individuals over the internet.

Based upon its investigation into the two breach reports, OCR concluded Cottage Health violated HIPAA by failing to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the ePHI; failed to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level; failed to perform periodic technical and non-technical evaluations in response to environmental or operational changes affecting the security of ePHI; and failed to obtain a written business associate agreement with a contractor that maintained ePHI on its behalf.

To resolve its exposure to potentially must greater civil monetary sanctions that OCR might seek for such potential violations under HIPAA’s civil monetary sanction rules, Cottage Health entered into December, 2018 Resolution Agreement to pay the $3 million settlement and undertake what OCR characterizes as “a robust corrective action plan to comply with the HIPAA Rules.” Among other things, the corrective action plan requires Cottage Health to:

Conduct an enterprise-wide risk analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI held by Cottage Health (“Risk Analysis”) that OCR views as satisfactory to meet the requirements of 45 CFR 164.308(a)(1)(ii)(A);
Develop and implement a risk management plan to address and mitigate any security risks and vulnerabilities identified in the Risk Analysis acceptable to OCR;
Implement a process for regularly evaluating environmental and operational changes that affect the security of Cottage Health’s ePHI;
Develop, maintain, and revise, as necessary, written policies and procedures to comply with the Federal standards that govern the privacy and security of individually identifiable health information under 45 C.F.R. Part 160 and Subparts A, C, and E of Part 164 (the “Privacy Rule” and “Security Rule”).
Distribute to and conduct training on the HIPAA policies and procedures from all existing and new members of the Cottage Health workforce with access to PHI. Additionally, Cottage Health require all workforce members that have access to PHI to certify their receipt of, understanding and commitment to comply with the HIPAA Policies before allowing access to PHI and must deny access to PHI to any workforce member that has not provided the required certification.
Submit to ongoing notification and reporting requirements to keep OCR informed about its compliance efforts.

2018 Record Setting HIPAA Enforcement Year

The final Resolution Agreement negotiated by OCR in 2018, the $3 million Cottage Health Resolution Agreement signed on December 11, 2018 added to an already record-setting year of HIPAA enforcement recoveries by OCR. In addition to recovering the single largest individual HIPAA settlement in history of $16 million with Anthem, Inc. OCR’s recovery of the following HIPAA settlements and fines totaling nearly $28.7 million surpassed its previous 2016 record of $23.5 million by 22 percent.

Date	Name	Amount
Jan. 2018	Filefax, Inc (settlement)	$ 100,000
Jan. 2018	Fresenius Medical Care North America (settlement)	$ 3,500,000
June 2018	MD Anderson (judgment)	$ 4,348,000
Aug. 2018	Boston Medical Center (settlement)	$ 100,000
Sep. 2018	Brigham and Women’s Hospital (settlement)	$ 384,000
Sep. 2018	Massachusetts General Hospital (settlement)	$ 515,000
Sep. 2018	Advanced Care Hospitalists (settlement)	$ 500,000
Oct. 2018	Allergy Associates of Hartford (settlement)	$ 125,000
Oct. 2018	Anthem, Inc (settlement)	$ 16,000,000
Nov. 2018	Pagosa Springs (settlement)	$ 111,400
Dec. 2018	Cottage Health (settlement)	$ 3,000,000
Total (settlements and judgment)		$ 28,683,400

Aside from the previously discussed Cottage Health Resolution Agreement OCR announced on February 7, 2019, these OCR 2018 enforcement recoveries included:

FileFax Resolution Agreement. In January 2018, OCR settled for $100,000 with Filefax, Inc., a medical records maintenance, storage, and delivery services provider. OCR’s investigation found that Filefax impermissibly disclosed protected health information (PHI) by leaving the PHI in an unlocked truck in the Filefax parking lot, or by granting permission to an unauthorized person to remove the PHI from Filefax, and leaving the PHI unsecured outside the Filefax facility.
Fresenius Medical Care North America Resolution Agreement. In January 2018, OCR also settled for $3.5 million with Fresenius Medical Care North America (FMCNA), a provider of products and services for people with chronic kidney failure. FMCNA filed five breach reports for separate incidents occurring between February 23, 2012 and July 18, 2012, implicating the electronic protected health information (ePHI) of five FMCNA owned covered entities. OCR’s investigation revealed that FMCNA failed to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of its ePHI. Additional potential violations included failure to implement policies and procedures and failure to implement a mechanism to encrypt and decrypt ePHI, when it was reasonable and appropriate to do so under the circumstances.
MD Anderson ALJ Ruling. In June 2018, an HHS Administrative Law Judge ruled in favor of OCR and required The University of Texas MD Anderson Cancer Center (MD Anderson), a Texas cancer center, to pay $4.3 million in civil money penalties for HIPAA violations. OCR investigated MD Anderson following three separate data breach reports in 2012 and 2013 involving the theft of an unencrypted laptop from the residence of an MD Anderson employee and the loss of two unencrypted universal serial bus (USB) thumb drives containing the unencrypted ePHI of over 33,500 individuals. OCR’s investigation found that MD Anderson had written encryption policies going back to 2006 and that MD Anderson’s own risk analyses had found that the lack of device-level encryption posed a high risk to the security of ePHI. Despite the encryption policies and high risk findings, MD Anderson did not begin to adopt an enterprise-wide solution to encrypt ePHI until 2011, and even then it failed to encrypt its inventory of electronic devices containing ePHI between March 24, 2011 and January 25, 2013. This matter is under appeal with the HHS Departmental Appeals Board.
MMC/BWH/MGH Resolution Agreements. In September 2018, OCR announced that it has reached separate settlements totaling $999,000, with Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH) for compromising the privacy of patients’ PHI by inviting film crews on premises to film an ABC television network documentary series, without first obtaining authorization from patients.
ACH Resolution Agreement. In September 2018, OCR also settled with Advanced Care Hospitalists (ACH), a contractor physician group, for $500,000. ACH filed a breach report confirming that ACH patient information was viewable on a medical billing services’ website. OCR’s investigation revealed that ACH never had a business associate agreement with the individual providing medical billing services to ACH, and failed to adopt any policy requiring business associate agreements until April 2014. Although ACH had been in operation since 2005, it had not conducted a risk analysis or implemented security measures or any other written HIPAA policies or procedures before 2014.
Allergy Associates Resolution Agreement. In October 2018, OCR settled with Allergy Associates, a health care practice that specializes in treating individuals with allergies, for $125,000. In February 2015, a patient of Allergy Associates contacted a local television station to speak about a dispute that had occurred between the patient and an Allergy Associates’ doctor. OCR’s investigation found that the reporter subsequently contacted the doctor for comment and the doctor impermissibly disclosed the patient’s PHI to the reporter.
Anthem Resolution Agreement. In October 2018, Anthem, Inc. also paid $16 million to OCR and agreed to take substantial corrective action to settle potential violations of the HIPAA Rules after a series of cyberattacks led to the largest U.S. health data breach in history. Anthem filed a breach report after discovering cyber-attackers had gained access to their IT system via an undetected continuous and targeted cyberattack for the apparent purpose of extracting data, otherwise known as an advanced persistent threat attack. After filing their breach report, Anthem discovered cyber-attackers had infiltrated their system through spear phishing emails sent to an Anthem subsidiary after at least one employee responded to the malicious email and opened the door to further attacks. OCR’s investigation revealed that between December 2, 2014 and January 27, 2015, the cyber-attackers stole the ePHI of almost 79 million individuals, including names, social security numbers, medical identification numbers, addresses, dates of birth, email addresses, and employment information.
Pegosa Springs Medical Center. In November 2018, Pagosa Springs Medical Center (PSMC), a critical access hospital, paid $111,400 to OCR to resolve potential violations concerning a former PSMC employee that continued to have remote access to PSMC’s web-based scheduling calendar, which contained patients’ ePHI, after separation of employment. OCR’s investigation revealed that PSMC impermissibly disclosed the ePHI of 557 individuals to its former employee and to the web-based scheduling calendar vendor without a business associate agreement in place.

These 2018 Resolution Agreements reaffirm the growing risks that Covered Entities and their business associates run by failing to take adequate steps to prevent and respond to breaches of ePHI and otherwise to maintain their compliance with HIPAA. Covered entities and business associates and their leaders should recognize and respond to these growing risks by reevaluating and strengthening their HIPAA compliance and risk management efforts to minimize the likelihood of violations and enhance their ability to mitigate potential liability that can result from breaches of HIPAA by responding efficiently and effectively.

Other Regulatory & Enforcement Developments

In addition to reaffirming their ongoing compliance with the longstanding requirements of HIPAA and other related federal and state laws, Covered Entities also should use care to carefully monitor and respond to new regulatory and other developments that might create new responsibilities or new opportunities to simplify their HIPAA compliance. In this respect, Covered Entities should take note of the 2018 and ongoing efforts by OCR to develop and publish new rules and other guidance intended to help health care providers and other Covered Entities, patients and caregivers and others understand their rights and responsibilities when dealing with protected health information in relation to patients afflicted with substance abuse and mental illness. Undertaken as part of the Trump Administration’s broader effort to combat opiate and other substance abuse within the United States, OCR in October published a package of guidance on How HIPAA Allows Doctors To Respond To The Opioid Crisis. Covered Entities and others concerned with the management of patients afflicted with substance abuse and mental illness should evaluate this guidance to understand and tailor their practices to respond to OCR’s perspectives of how HIPAA impacts the use, access and disclosure of protected health information as part of these efforts.

Covered Entities and others concerned about HIPAA compliance and interpretation also should carefully monitor and provide appropriate and timely input on developing HIPAA guidance that could impact their operations. In this regard, Covered Entities with ideas about opportunities for improving existing HIPAA guidance are encouraged to submit comments to OCR by February 12, 2019 in response to its Request for Information on improving care coordination and reducing the regulatory burdens of the HIPAA Rules published on December 12, 2018. In that RFI, OCR invites input from the public on how the HIPAA Privacy Rule, could be modified to:

Encourage information-sharing for treatment and care coor

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

Biden Marijuanna Pardons

Potential Employer Challenges

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

Banner Health Settlement

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

False Claims Act Liability Arising From Participation In Or Filing Claims Involving Improper Inducements

Gampel, Modern Vascular FCA Complaint

Warning To Other Heath Care Providers & Suppliers

For More Information

Other Helpful Resources & Information

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

eCQMs As Measure of Health Care Quality

2022 eCQMs Updates

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

Share this: