Academic medicine |

Director of Texas Office of e-Health Coodination To Discuss Texas HIE Strategy in 3/14 HHS Sponsored Teleconference

March 14, 2012

On Wednesday, March 14, 2012 at 1 p.m. EDT, National eHealth Collaborative’s NeHC University will host Stephen Palmer, Director of the Office of e-Health Coordination at the Texas Health and Human Services Commission, to describe the HIE strategy being pursued by the state of Texas. Palmer will be joined by Kem McClelland of the Integrated Care Collaboration, Tony Gilman of the Texas Health Services Authority, and Bryan White of the North Texas Accountable Healthcare Partnership to showcase the Texas strategy in action and detail the progress that has been made on the ground.

To participate register and join NeHC University’s Spotlight on the Texas Statewide HIE Strategy.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

If you need help investigating or responding to a known or suspected compliance, litigation or enforcement or other risk management concern, assistance with reviewing, updating, administering or defending a current or proposed employment, employee benefit, compensation or other management practice, wish to inquire about federal or state regulatory compliance audits, risk management or training, or need legal representation on other matters please contact Ms Stamer here or at (469) 767-8872.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters. Recent examples on health care compliance and risk management matters include:

For additional resources and publications training materials by Ms. Stamer, see here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, business associate, Health Care, Health Plan, HIPAA, HITECH Act, OCR | Permalink
Posted by Cynthia Marcotte Stamer

$1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report

March 13, 2012

Resolution Agreement Also 1^st Announced With Health Plan

Health care providers, health plans and other covered entities beware and prepare! Reporting a large breach under the HITECH Act breach notification rules will trigger a Department of Health & Human Services (HHS) Office of Civil Rights (OCR) investigation into whether OCR should impose civil monetary penalties against the reporting covered entity under the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996 (HIPAA).

Blue Cross Blue Shield of Tennessee (BCBST) has agreed to pay OCR $1,500,000 and to take certain other actions specified in a corrective action plan to avoid civil monetary penalties for charges of HIPAA violations. The BCBST Resolution Agreement is particularly significant, both as:

The first reported enforcement action directly resulting from the filing by a covered entity of a breach report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act Breach Notification Rule; and
The first reported resolution agreement reached with a covered entity that is a health plan.

These notable enforcement firsts show the HITECH Breach Notification Rule’s significance as an OCR HIPAA enforcement tool, the heightened exposure to an OCR opening a HIPAA civil monetary penalty (CMP) investigation following a report, as well as the willingness of OCR to sanction health plans as well as other covered entities that breach HIPAA’s Privacy or Security Rules.

BCBST Investigation Began In Response to HITECH Act Breach Notification Rule Report

The OCR investigation that lead to the BCBST settlement began in response to BCBST making a report required under the Breach Notification Rule of the theft of 57 unencrypted computer hard drives from a leased facility in Tennessee, which contained the protected health information (PHI) of over 1 million individuals. Read more details here.

The Breach Notification Rule enacted as part of amendments to HIPAA under the HITECH Act requires covered entities to report an impermissible use or disclosure of protected health information, or a “breach,” of 500 individuals or more to HHS and the media as well as an annual consolidated report of smaller breaches to HHS.[1] Along with the Breach Notification Rules, the HITECH Act also increased the civil monetary penalties (CMPs) that covered entities like BCBST can incur for HIPAA violations. When it imposed its first ever CMP last year, OCR imposed a $4.3 million CMP against Cignet Health of Prince George’s County, Md. (Cignet).

In an apparent effort to impose a potentially larger CMP assessment arising from the investigation of its breach report, BCBST greed to pay $1,500,000 and adopt other corrective actions detailed in a corrective action plan.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The BCBST Resolution Agreements, like the Cignet CMP and other high dollar Resolution Agreements OCR has announced against various health care providers highlight the significance of the HITECH Act amendments to HIPAA’s enforcement and CMP rules, as well as the significance of its Breach Notification Rule as a tool in OCR’s investigation and enforcement efforts.

“This settlement sends an important message that OCR expects health plans and health care providers to have in place a carefully designed, delivered, and monitored HIPAA compliance program,” said OCR Director Leon Rodriguez. “The HITECH Breach Notification Rule is an important enforcement tool and OCR will continue to vigorously protect patients’ right to private and secure health information.”

The BCBST Resolution Agreement provides yet another reminder to covered entities and their business associates of the need to carefully and appropriately manage their HIPAA responsibilities. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. Fortips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

ONC Releases Proposed Rules For Meaningful Use Stage 2

February 23, 2012

The Office of the National Coordinator for Health Information Technology (ONC) published its Notice of Proposed Rulemaking for Stage 2 Meaningful Use (Proposed Rule) in the Federal Register today (February 23).

The Proposed Rule available here outlines the next stage of meaningful use for the Electronic Health Record (EHR) Incentive Programs administered by CMS.

CMS has developed a fact sheet to give providers an overview of the rule and how Stage 2 expands upon Stage 1 of meaningful use. The fact sheet can be found here.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related technology, risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers, health care technology and other health industry clients to set up and administer privacy and technology; workforce and staffing; operations; compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, technology, privacy, quality assurance and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her presentations and programs including a wide range of works on health care privacy and technology and other health industry matters.

Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

Leave a Comment » | Academic medicine, Affordable Care Act, ASC, Corporate Compliance, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, FDA, Federal Health Center, Grants, Health Care, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Licensing, Meaningful Use, Medicaid, Medicare Fee Schedule, OCR, OIG, Outcomes Data, Physician, Physician Licensing, Public Policy, Reimbursement, Rural Health Care, Substance Abuse | Tagged: EMR, Health Care, health care IT, health care technology, HIPAA, HITECH Act, Hospitals, Meaningful Use, Physicians, Privacy, Technology | Permalink
Posted by Cynthia Marcotte Stamer

Broad-Reaching Prosecution Of Individuals Participating In Operations Of Companies Convicted Of Fraud Shows Risks Of Participation

January 18, 2012

Convictions Show Growing Fraud Enforcement Risks Reach Broadly To Broad Range Of Actors

Health care owners and employees at all levels should heed the lesson shown from the continuing successful prosecution by the Justice Department against individuals ranging from owners to marketing employees for their participation in a Medicare fraud scheme allegedly orchestrated by the owners and operators of American Therapeutic Corporation (ATC); its management company, Medlink Professional Management Group Inc.; and the American Sleep Institute (ASI). The mounting guilty pleas and convictions obtained from individuals who participated in the execution of the scheme since the Justice Department secured guilty pleas from ATC, ASI and their owners shows that individuals electing to take part in aggressive Medicare referral or billing practices by their health care companies or other business partners stand a high risk of criminal prosecution if their organizations get caught engaging in health care fraud. The successful prosecutions shows the readiness of the Justice Department to prosecute individuals at all levels of organizations for their participation in health care fraud activities even after obtaining criminal convictions against the corporations and principles who were the primary actors in the scheme.

Health Care Fraud Scheme Prompts Continuing Series of Prosecutions

ATC and Medlink pleaded guilty in May 2011 to conspiracy to commit health care fraud. ATC also pleaded guilty to conspiracy to defraud the United States and to pay and receive illegal health care kickbacks. On Sept. 16, 2011, the two corporations were sentenced to five years of probation per count and ordered to pay restitution of $87 million. While both corporations have been defunct since their owners were arrested in October 2010, the Justice Department has continued its prosecution of a broad range of other individuals that it charges participated in the scheme.

Following the announcement of a January 17, 2012 guilty plea from Miami-area health care marketing representative Sandra Jimenez, Federal officials credit the investigation and prosecution activities of the Health Care Fraud Task Force with netting guilty pleas or trial convictions from ATC, Medlink and nine of the individual defendants indicted in February 2011 for their involvement in the alleged health care fraud conspiracy that the Justice Department claims resulted in the submission of $200 million in fraudulent Medicare claims. Other defendants are scheduled for trial on April 9, 2012. In addition to the prosecution of the criminal indictments, the Justice Department’s Civil Division also has filed a related civil action.

The guilty pleas, criminal convictions and other ongoing prosecutions stem from charges made against ATC, Medlink, ASI, Jimenez and several other parties in indictments unsealed on February 15, 2011 in the Southern District of Florida. Jimenez was indicted along with ATC, Medlink, and various owners, managers, doctors, therapists, patient brokers and marketers of ATC, Medlink and ASI for various health care fraud, kickback, money laundering and other offenses in the February 15, 2011 indictments.

According to court filings, ATC, Medlink and ASI were all Florida corporations headquartered in Miami. ATC operated purported partial hospitalization programs (PHPs) – a form of intensive treatment for severe mental illness – in seven different locations throughout South Florida and Orlando. ASI purported to provide diagnostic sleep disorder testing. ATC’s owners and operators paid kickbacks to owners and operators of assisted living facilities (ALFs) and halfway houses and to patient brokers in exchange for delivering ineligible patients to ATC and ASI. In some cases, Justice Department officials say the patients received a portion of those kickbacks. Throughout the course of the ATC and ASI conspiracy, Justice Department officials say millions of dollars in kickbacks were paid in exchange for Medicare beneficiaries, who did not qualify for PHP services, to attend treatment programs that were not legitimate PHPs. ATC and ASI then billed Medicare for the medically unnecessary services. According to court filings, to obtain the cash required to support the kickbacks, the co-conspirators laundered millions of dollars of payments from Medicare.

Owners To Serve 91 Months To 50 Years In Prison & Ordered To Pay Millions In Restitution

Not surprisingly, the owners and principles of the convicted corporations were the first parties individually convicted for their involvement in the alleged scheme.

Co-conspirator Margarita Acevedo, pleaded guilty on April 7, 2011, for her role in the fraud scheme. Acevedo was sentenced to 91 months in prison followed by three years of supervised release and ordered to pay more than $72 million in restitution, jointly and severally with her co-defendants.

On August 23, 2011, a jury found co-conspirator Judith Negron, one of the owners of ATC, guilty of all 24 felony counts charged in the February 2011 superseding indictment.

In September, 2011, Marianella Valera, the owner of ATC, was sentenced to 35 years in prison and ordered to pay more than $87 million in restitution, jointly and severally with her co-defendants. Valera was also sentenced to three years of supervised release following her prison term. Meanwhile, another ATC owner, Lawrence Duran, was sentenced on Sept. 16, 2011, to 50 years in prison for his role in the fraud scheme. Duran’s sentence is the longest prison sentence ever imposed in a Medicare Fraud Strike Force case. The sentencing came after Valera pleaded guilty in April, 2011 to 21 felony counts and Duran to 38 felony counts, including conspiracy to commit health care fraud, health care fraud, conspiracy to pay and receive illegal health care kickbacks, conspiracy to commit money laundering, money laundering and structuring to avoid reporting requirements.

In pleading guilty, Duran and Valera admitted that they orchestrated and executed a scheme to defraud Medicare beginning in 2002 and continuing until they were arrested in October 2010. Duran and Valera submitted false and fraudulent claims to Medicare through ATC. Duran and Valera also admitted to using the related company, ASI, to submit fraudulent Medicare claims.

According to court documents, Duran, Valera and others paid bribes and kickbacks to recruit Medicare beneficiaries to attend ATC and ASI and billed Medicare for treatments purportedly provided to these recruited patients. According to court documents, the treatments were medically unnecessary or never provided at all. Duran and Valera supported the kickbacks through an extensive money laundering scheme that aimed to hide the illicit conversion of Medicare payments to cash. The defendants and their co-conspirators used advanced measures to hide their fraudulent activities from Medicare and from law enforcement.

As part of the fraud scheme, Duran, Valera and others paid kickbacks to owners and operators of assisted living facilities (ALFs) and halfway houses and to patient brokers in exchange for delivering ineligible patients to ATC and ASI. In some cases, the patients received a portion of those kickbacks. The defendants and their co-conspirators actively recruited ALF and halfway house owners and operators and patient brokers to take part in the scheme. Throughout the course of the ATC and ASI conspiracy, millions of dollars in kickbacks were paid in exchange for Medicare beneficiaries, who did not qualify for PHP services, to attend treatment programs that were not legitimate PHP programs so that ATC and ASI could bill Medicare for more than $205 million in medically unnecessary services.

According to the superseding indictment to which they pleaded guilty, Duran, Valera and others caused the alteration of patient files and therapist notes for the purpose of making it falsely seem that patients being treated by ATC qualified for PHP treatments. According to court documents, Duran and Valera also instructed employees and doctors to alter diagnoses and medication types and levels to make it falsely seem that ATC patients qualified for PHP services. Duran, Valera and co-conspirators caused doctors to refer ATC patients to ASI even though the patients did not qualify for sleep studies.

According to the superseding indictment to which they pleaded guilty, the defendants also engaged in a money laundering conspiracy to enrich themselves and to provide cash for the millions of dollars in kickbacks paid to recruit Medicare beneficiaries. According to court documents, Duran and Valera used another company they owned and operated, Medlink Professional Management Inc., to hide the health care fraud and kickbacks from Medicare and law enforcement. Once Medicare paid ATC and ASI for the fraudulently billed services, Duran, Valera and others transferred millions of dollars to Medlink. They and others opened phony corporations to receive checks and wire transfers from both ATC and Medlink to convert that money into cash for their personal enrichment and for the payment of kickbacks. According to court documents, Duran, Valera and others cashed checks at different bank branches and different locations to conceal the true purpose of their activities and to evade reporting requirements.

Referring Facility Owner Pompano Faces Up To 10 Years Imprisonment & $250,000 Fine At Sentencing

Previously in November, 2011, Justice Department officials announced that the owner and operator of a Florida assisted living facility, Joseph B. Williams, pleaded guilty for his role in the Medicare fraud kickback scheme associated with the ATC fraud scheme. Williams admitted that in exchange for illegal health care kickbacks, he agreed to provide Medicare beneficiaries who resided at Avondale to ATC for mental health treatment through partial hospitalization program services. According to court documents, Williams was paid approximately $30 per beneficiary per day the beneficiary attended ATC. In his plea, Williams knew that ATC fraudulently billed Medicare for the partial hospitalization program treatment that his referrals purportedly received. Williams also admitted that he billed Medicaid for assisted living services purportedly provided at Avondale when, in fact, those services were never provided. Justice Department allegations reflect Williams paid owners and operators of halfway houses to obtain the personal identifiers of Medicaid enrollees who resided in those halfway houses and used that information to bill Medicaid fraudulently and also also billed Medicaid for assisted living services provided to residents of Avondale at times when they were not receiving any services.

According to the plea agreement, Williams’s participation in the fraud resulted in more than $2 million in fraudulent billing to the Medicare and Medicaid programs. At sentencing, scheduled on February 8, 2012, Williams faces a maximum of 10 years in prison and a $250,000 fine for each count.

Starter House Owner Nash Faces Up To 10 Years Imprisonment and $250,000 Fine When Sentenced

Barry Nash, the owner and operator of the Broward County, Florida-area halfway house, Starter House, pleaded guilty on January 5, 2012 to one count of conspiracy to commit health care fraud for his role in funneling patients through a fraudulent mental health company under the alleged fraud scheme.

In his plea, Nash admitted that, in exchange for illegal health care kickbacks, he agreed to refer Medicare beneficiaries who resided at Starter House to ACT for purported intensive mental health treatment through a partial hospitalization program and to ATC for purported sleep treatment. Nash admitted that he knew that ATC and ASI would fraudulently bill Medicare for the PHP treatment and sleep studies that his referrals would purportedly receive.

According to the plea agreement, Nash’s participation in the fraud resulted in more than $959,901 in fraudulent billing to the Medicare program. At sentencing, scheduled for March 8, 2012, Nash faces a maximum of 10 years in prison and a $250,000 fine.

Marketing Representative Jimenez Faces Up To 15 Years In Prison When Sentenced

Most recently, the Justice Department, HHS and FBI jointly announced on January 17, 2012 that marketing representative Sandra Jimenez admitted she participated in the alleged fraud scheme involving ATC, ASI and Medlink when she pleaded guilty to one count of conspiracy to commit health care fraud and one count of conspiracy to defraud the United States and to pay and receive illegal health care kickbacks.

In pleading guilty, Jimenez admitted that while serving as a marketer for ATC and ASI, she solicited beneficiaries and paid kickbacks to assisted living facility owners in exchange for the beneficiaries. The amount of the kickback was based on the number of days each patient spent at ATC. Jimenez also admitted that she participated in a separate Medicare fraud scheme through Priority Home Health, a Miami home health agency that submitted fraudulent claims to Medicare for home health services . Jimenez and her co-conspirators recruited Medicare beneficiaries to Priority Home Health who did not qualify for home health services.

According to the plea agreement, Jimenez’s participation in the ATC fraud and the Priority Home Health fraud resulted in $46 million in fraudulent billings to the Medicare program.

Sentencing for Jimenez is scheduled for June 27, 2012. She faces up to 15 years in prison and a $250,000 fine after pleading guilty to participating in a Medicare fraud scheme that Justice Department officials say resulted in the submission of more than $200 million in fraudulent Medicare claims.

Prosecutions & Convictions Show Participants In Health Care Fraud Activities Face High Risks

The zealous prosecution by the Justice Department of these and other parties who participated in the operation and furtherance of the health care fraud scheme highlights the advisability for all health care organizations and each individual working in or with health care organizations to exercise care to fully understand, and avoid participation, in aggressive activities that could be considered health care fraud.

Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations and other individuals involved in their operations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws as well as other parties who participate in their operations should act to manage their exposures.

Health care organizations should take clear steps to manage compliance. Their management should make clear by policy and action their organization’s commitment to compliance. They also should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.

Meanwhile, individuals also need to assume responsibility for managing their own involvement to avoid stepping into the potential health care fraud fire.

Individuals should not assume that the prosecution of their corporations or their management leaders will insulate them from prosecution for their own participation in potential fraudulent activities will escape notice or prosecution.

Parties participating in health care marketing, billing or other activities that may give rise to potential fraud activities should take steps to develop their own strong understanding of the types of conduct that HHS or federal or state fraud investigators or prosecutors are likely to consider fraud and to avoid participating in these activities. Participants should take steps to resolve concerns about potential activities before engaging in conduct that might expose them or their companies to criminal or civil prosecution.

Individuals and corporations who participate in the conduct of activities targeted for audit or enforcement scrutiny also should consider planning in advance for the possible need to defend their actions by documenting the appropriateness of their actions as well as planning for the costs of defense that are likely to arise if their actions are called into question by making arrangements for insurance, indemnification or other sources to adequately fund these costs.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Anti-KickBack, DME, Doctor, E-Prescribing, false claims act, Federal Sentencing Guidelines, Health Care, Health Care Fraud, Health Care Provider, Hospital, Licensing, Medical Licensure, Medical Malpractice, Money Laundering, OIG, Physician, Physician Licensing, Prescription Drugs, Substance Abuse | Tagged: controlled substance, DEA, Drug Testing, drugs, false claims act, Health Care, Health Care Compliance, Health Care Fraud, HEAT, licensure, Medicaid, Medical Board, Medicare, pain management, pharmacist, pharmacy, physical therapy, Physician | Permalink
Posted by Cynthia Marcotte Stamer

North Texas Medical Supply Company Owner Indicted For Health Care Fraud Now Also Charged With Immigration Fraud

December 27, 2011

A Plano, Texas man already indicted for health care fraud now also faces federal immigration fraud related changes. Justice Department officials announced the additional charges against Okey F. Nwagbara, (Nwagbara) on December 20, 2011. Although Nwagbara’s alleged actions reflect potential criminal misconduct in many areas, health care providers should keep in mind that the health care fraud task force participants are targeting health care fraud of all types, including those my health care providers not engaged in other types of criminal misconduct. As a result, all health care providers should tighten their health care billing and other practices to defend against possible scrutiny as part of the federal or state government’s widening fraud audit and investigation efforts.

Nwagbara Indicted For Health Care Fraud In October, 2011

Nwagbara 45 already is awaiting trial later in Spring, 2012 on health care fraud charges announced in October, 2011. According to the Justice Department, a North Texas grand jury indicted Nwagbara along with Jerry C. Bullard, 55, Mesquite, Texas, in October, 2011 on felony charges related to a health care fraud scheme they allegedly ran that defrauded Medicare of more than $500,000.

According to the Justice Department, Nwagbara is the owner/operator of Advanced MedEquip and Supplies Limited, located at 331 Melrose Drive in Richardson, Texas. Bullard is a former employee of Medistat Group Associates, P.A., an association of health care providers located in Desoto, Texas.

The October health care fraud indictment charges Nwagbara and Bullard each with one count of conspiracy to commit health care fraud and six substantive counts of health care fraud. The indictment alleges that from June 2008 through March 2010, Nwagbara and Bullard conspired together to defraud Medicare by submitting more than $500,000 in claims to the Medicare program for enternal nutrition DME, when in fact such DME was not medically necessary and in many cases, not provided.

According to the health care fraud indictment, Bullard worked in the Durable Medical Equipment (DME) section of Medistat where he was in charge of handling physicians’ prescriptions for equipment. Bullard and Nwagbara had a kickback arrangement and Bullard placed orders for DME with Nwagbara’s company, Advanced.

The indictment claims Bullard, using a Medistat physician’s name, would sign prescriptions, DME information forms and certificates of medical necessity for Medicare beneficiaries falsely indicating, among other things, that a beneficiary had a feeding tube when in fact, the beneficiary did not.

The enteral nutrition products which were billed to Medicare are consumed by a patient through a feeding tube. The associated feeding supply kits include tubing and syringes. The indictment claims that both the enteral formula and the kits that Advanced billed to Medicare were not medically necessary because the beneficiaries were not receiving nutrition through a feeding tube, the indictment claims. Instead, beneficiaries were receiving flavored nutritional supplements such as Ensure® and Glucerna® that would be consumed orally. Medicare does not reimburse orally ingested nutritional supplements.

In addition, the health care fraud indictment alleges that Nwagbara supplied only a fraction of the enternal products for which he billed Medicare and many of the beneficiaries never received the feeding supply kits for which he also billed Medicare.

The health care fraud case is being investigated by the Dallas Health Care Fraud Prevention and Enforcement Action Team (HEAT) Strike Force, which includes the U.S. Department of Health and Human Services – Office of Inspector General, the FBI and the Texas Attorney General’s Medicaid Fraud Control Unit. Prior to the announcement of the other charges, his trial on the health care fraud charges was scheduled for March, 2012. It is not clear whether the new charges will delay these proceedings.

New Immigration Charges

On December 20, 2011, the Justice Department announced that a North Texas grand jury now also has indicted Nwagbara for making misrepresentations in immigration and naturalization documents that misled the government and prevented the government from examining material facts that may have prevented his naturalization according to a December 20, 2011 Justice Department announcement.

According to the December 20, 2011 announcement by U.S. Attorney Sarah R. Saldaña, the immigration charges resulted from investigative work by the Dallas Health Care Fraud Strike Force, in concert with U.S. Immigration and Customs Enforcement’s Homeland Security Investigations and U.S. Citizenship and Immigration Services.

The new immigration indictment alleges that Nwagbara entered into a fraudulent marriage and provided false statements to obtain citizenship. On January 30, 2008, he made false statements on his application for naturalization that included:

Verifying that he had been married to and living with the same U.S. citizen for the last three years, when he was not living with his U.S. citizen spouse;
Indicating that he had no children, when in fact he had two children; and
Indicating that he had never previously claimed to be a U.S. citizen, when in fact, he falsely stated on a mortgage application in January 2006 that he was a U.S. citizen.

According to Saldaña, the immigration related indictment charges Nwagbara with three counts of making a false statement in an immigration document and three counts of unlawful procurement of naturalization. If convicted, each count carries a maximum statutory sentence of 10 years in federal prison and a $250,000 fine. Furthermore, should Nwagbara be convicted of unlawfully procuring his naturalization, his status as a U.S. citizen will be revoked by court order.

The Justice Department announcements reminds readers that an indictment is an accusation by a federal grand jury, and a defendant is entitled to the presumption of innocence unless proven guilty.

Health Care Fraud Charges Part of Ongoing National Anti-Health Care Fraud Campaign

The Medicare Fraud Strike Force operations are part of the Health Care Fraud Prevention & Enforcement Action Team (HEAT), a joint initiative between the Department of Justice and HHS to focus their efforts to prevent and deter fraud and enforce current anti-fraud laws around the country. The joint Department of Justice-HHS Medicare Fraud Strike Force is a multi-agency team of federal, state and local investigators designed to combat Medicare fraud through the use of Medicare data analysis techniques and an increased focus on community policing. Since its announcement, the Strike Force has used the combined resources of agents from the FBI, HHS-Office of Inspector General (HHS-OIG), multiple Medicaid Fraud Control Units, and other state and local law enforcement agencies to investigate and prosecute a rising number of organizations and individuals throughout the industry for alleged violations of Federal health care fraud prohibitions. In their September 7, 2011 announcement, HHS and DOJ credited Strike Force Operations in nine locations with resulting in charges against more than 1,140 defendants who the government charged collectively falsely billed the Medicare program for more than $2.9 billion.

In addition, the HHS Centers for Medicare and Medicaid Services, working in conjunction with the HHS-OIG, are using a wide range of new and old tools in their campaign against what they perceive as fraudulent providers and to deter other perceived aggressiveness by health care providers and organizations. See e.g., U.S. to use software to crack down on Medicare, Medicaid, CHIP fraud; Health Care Fraud Enforcement Packs New Heat; OIG Shares Key Insights On When Owners, Officers & Managers Face OIG Program Exclusion Based On Health Care Entity Misconduct; OIG Launch of Health Care Fraud “Most Wanted” List Sign of Enforcement Risks; CMS Delegated Lead Responsibility For Development of New Affordable Care Act-Required Medicare Self-Referral Disclosure Protocol; HHS announces Rules Implementing Tools Added By Affordable Care Act to Prevent Federal Health Program Fraud.

The effectiveness of these Federal efforts to deter, find and prosecute false claims and other perceived abuses of Federal health care law has been significantly strengthened since Congress passed the Patient Protection & Affordable Care Act (Affordable Care Act). Among other things, ACA empowered HHS to:

Suspend payments to providers and suppliers based on credible allegations of fraud in Medicare and Medicaid;
Impose a temporary moratorium on Medicare, Medicaid, and CHIP enrollment on providers and suppliers when necessary to help prevent or fight fraud, waste, and abuse without impeding beneficiaries’ access to care.
Strengthen and build on current provider enrollment and screening procedures to more accurately assure that fraudulent providers are not gaming the system and that only qualified health care providers and suppliers are allowed to enroll in and bill Medicare, Medicaid and CHIP;
Terminate providers from Medicaid and CHIP when they have been terminated by Medicare or by another state Medicaid program or CHIP;
Require provider compliance programs, now required under the Affordable Care Act, that will ensure providers are aware of and comply with CMS program requirements.

Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to prepare their organization to respond and defend against potential investigations or charges.

For More Information Or Assistance

Board Certified in Labor & Employment Law, Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients.

Throughout her career, Ms. Stamer has advised and represented health care providers and other health industry clients. She helps health industry clients to establish and administer compliance and risk management policies and to respond to health care, human resources, tax, privacy, safety, antitrust, civil rights, and other laws as well as to handle public policy and government relations, peer review and credentialing, performance and discipline, training, internal investigation, litigation and enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on health care fraud, privacy, and other rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.

You can learn more information about Ms. Stamer’s health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

About Solutions Law Press

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Home Health, Hospital, Hospital, Medicaid, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pharmacy, Physician, Reimbursement, Stark | Tagged: DOJ, Health Care, Health Care Fraud, Hospital, Medicare Fraud, OIG, Physician | Permalink
Posted by Cynthia Marcotte Stamer

DOL Proposes Tighter Overtime, Minimum Wage Rules For Home Care Workers, Continues Scrutiny Of Health Care Employers

December 15, 2011

The U.S. Department of Labor Wage and Hour Division (WHD) plans to propose new rules that would provide minimum wage and overtime protections for nearly two million workers who provide in-home care services for the elderly and infirm. WHD’s focus on home health workers is an extension of its expanded regulation and enforcement efforts targeting a broad range of health care industry employers. Home care and other health industry employers should act to manage their rising exposures to minimum wage, overtime and other federal and state wage and hour law risks. Additionally, health industry and other employers concerned about the potential cost or other implications of the proposed regulatory changes also should consider submitting comments to the WHD by the February comment deadline.

On December 15, 2011 the WHD announced that it will publish a Notice of Proposed Rulemaking [1] (NPRM) to revise the companionship and live-in worker regulations under the Fair Labor Standards Act (FLSA):

To more clearly define the tasks that may be performed by an exempt companion;
To limit the companionship exemption to companions employed only by the family or household using the services; and
To provide that third party employers, such as in-home care staffing agencies, could not claim the companionship exemption or the overtime exemption for live-in domestic workers, even if the employee is jointly employed by the third party and the family or household.

When Congress expanded protections to “domestic service” workers in 1974, it exempted casual babysitters and companions for the aged and inform from both the minimum wage and overtime pay requirements of the FLSA and exempted live-in domestic workers from the overtime pay requirement only. While WHD has left regulations governing this exemption substantially unchanged since first issued in 1975, it now believes the in-home care service industry. workers employed by in-home care staffing agencies are not the workers that Congress envisioned in enacting the companionship exemption (i.e., neighbors performing elder sitting).

As a result of these determines, WHD is moving to modify its existing rules to broaden protections for professionally employed home care workers as well as outreaching to inform employers and workers about the requirements that it perceives employers of these workers must meet.

The proposed tightening of regulations for home health workers follows a general toughening by WHD of its regulation and enforcement of wage and hour laws in the health care industry. See, e.g. Home health care company in Dallas agrees to pay 80 nurses more than $92,000 in back wages following US Labor Department investigation; US Department of Labor secures nearly $62,000 in back overtime wages for 21 health care employees in Pine Bluff, Ark.; US Department of Labor initiative targeted toward increasing FLSA compliance in New York’s health care industry; US Department of Labor initiative targeted toward residential health care industry in Connecticut and Rhode Island to increase FLSA compliance; Partners HealthCare Systems agrees to pay 700 employees more than $2.7 million in overtime back wages to resolve U.S. Labor Department lawsuit; US Labor Department sues Kentucky home health care provider to obtain more than $512,000 in back wages and damages for 22 employees; and Buffalo, Minn.-based home health care provider agrees to pay more than $150,000 in back wages following US Labor Department investigation.

Coupled with these and other enforcement efforts against health industry employers, WHD’s announcement of plans to tighten rules for home care givers. In connection with its announcement of the planned regulatory changes, for instance, WHD highlighted the following guidance about the wage and hour rules that employers of home care workers can anticipate being required to meet when employing these workers:

Violation of wage and hour laws exposes health care and other employers to significant back pay awards, substantial civil penalties and, if the violation is found to be willful, even potential criminal liability. Because states all have their own wage and hour laws, employers may face liability under either or both laws.

In light of the proposed regulatory changes and demonstrated willingness of WHD and private plaintiffs to bring actions against employers violating these rules, health care and others employing home care workers should take well-documented steps to manage their risks. These employers should both confirm the adequacy of their practices under existing rules, as well as evaluate and begin preparing to respond to the proposed modifications to these rules. In both cases, employers of home care or other health care workers are encouraged to critically evaluate their classification or workers, both with respect to their status as employees versus contractor or leased employees, as well as their characterization as exempt versus non-exempt for wage and hour law purposes. In addition, given the nature of the scheduled frequently worked by home care givers, their employers also generally should pay particular attention to the adequacy of practices for recordkeeping.

For More Information Or Assistance

Throughout her career, Ms. Stamer has advised and represented health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to health care, human resources, tax, privacy, safety, antitrust, civil rights, and other laws as well as with internal investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

About Solutions Law Press

[1] WHD’s announcement of the planned rule notes that this draft shared December 15 remains subject to change before formally published in the Federal Register

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Home Health, Hospital, Hospital, Medicaid, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pharmacy, Physician, Reimbursement, Stark | Tagged: DOJ, Health Care, Health Care Fraud, Home Care, home health, Hospital, Medicare Fraud, Minimum Wage, nurses, OIG, Overtime, Physician, Wage and Hour | Permalink
Posted by Cynthia Marcotte Stamer

Joint Commission Equal Visitation Rules & Guidance Supplement New Medicare Equal Visitation Requirements

November 13, 2011

Following on recently finalized Medicare regulations dictating that hospitals allow patients to control individuals who will be allowed to visit or exercise other patient representative rights , the Joint Commission of the Accreditation recently has released the following new guidance concerning its expectations concerning the responsibilities of hospitals and other accredited entities to create inclusive care enviromentments for lesbian, gay, bisexual and transgender (LGBT) patients and their families:

Joint Commission focuses on improving care for LGBT patients – A new field guide posted November 8, 2011- from The Joint Commission urges U.S. hospitals to create a more welcoming, safe and inclusive environment that contributes to improved health care quality for LGBT patients and their families.
Advancing Effective Communication, Cultural Competence, and Patient- and Family-Centered Care for the Lesbian, Gay, Bisexual, and Transgender (LGBT) Community – A new field guide from the Joint Commission urges US hospitals to create a more welcoming, safe, and inclusive environment that contributes to improved health care quality for lesbian, gay, bisexual, and transgender (LGBT) patients and their families.

Hospitals and others impacted by these rules should review and update visitation, patient representative, privacy, patient notification and consent and other policies and practices to comply with the new Medicare mandates and the applicable requirements of the new Joint Commission standards.

Learn more about these new requirements in the recent Modern Healthcare article Bumpy road for equal visitation.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Ms. Stamer’s insights on the new Medicare visitation rules recently were quoted in Modern Healthcare. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Home Health, Hospital, Hospital, Medicaid, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pharmacy, Physician, Reimbursement, Stark | Tagged: DOJ, equal visitation, Health Care, Health Care Fraud, Hospital, Medicare Fraud, OIG, Physician | Permalink
Posted by Cynthia Marcotte Stamer

OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks

November 9, 2011

The kickoff of a new compliance audit pilot program provides another reason for health care providers, health plans, healthcare clearinghouses and their business associates to get serious about compliance with the privacy, security and data breach requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

OCR Pilot Audit Program Begins

On November 8, 2011, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) announced that it will begin auditing HIPAA compliance this month under a new pilot program.

As amended by the American Recovery and Reinvestment Act of 2009 in Section 13411 of the HITECH Act, requires HHS to provide for periodic audits to make sure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. To carry out this mandate, OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance between November 2011 and December 2012.

The commencement of OCR HIPAA compliance audits is yet another sign that covered entities and their business associates should get serious about HIPAA compliance. The audit program serves as a new part of OCR’s health information privacy and security compliance program. While OCR says that it presently views the pilot audits as primarily a compliance improvement tool, this does not mean violators should expect a free walk.

Even before the impending audits, HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. Earlier this year, OCR imposed a $4.3 Million Civil Money Penalty (CMP) against Cignet Health of Prince George’s County (Cignet) for violating HIPAA. Meanwhile, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. Under amendments made by the HITECH Act, state attorneys general also now are empowered to bring civil lawsuits against covered entities and business associates that commit HIPAA violations that injure citizens in their state under certain circumstances. Eventually, individuals injured by HIPAA violations also will get the right to share in a portion of certain HIPAA recoveries.

These and other audit and enforcement activities send a strong message that covered entities and their business associates need to get serious about HIPAA compliance. As stated by OCR Director Georgina Verdugo when announcing the Mass General Resolution Agreement, “To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules,” Verdugo added, “A robust compliance program includes employee training, vigilant implementation of policies and procedures, regular internal audits, and a prompt action plan to respond to incidents.” Learn more here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

Vice President of the North Texas Health Care Compliance Professionals Association, a member of the American College of Employee Benefit Counsel, Past Chair of the ABA RPTE Employee Benefits & Other Compensation Arrangements Group, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies. Ms. Stamer also regularly helps clients deal with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on the required “culture of compliance” with HIPAA are frequently included in medical privacy related publications of the Atlantic Information Service, Modern Health Care, HealthLeaders and many others. Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here or may contact her at (469) 767-8872 or via e-mail here.

You can review other selected publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, Centers For Disease Control, Childrens Health Insurance Program, DEA, Disease Management, DME, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Employer, FACTA, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Inpatient Rehabilitation Facility, Medicaid, Medicare, Mental Heatlh, OCR, Outpatient, Pharmacy, Physician, Prescription Drugs, Privacy, Rural Health Care | Tagged: Data Security, Doctor, Health Care Provider, HIPAA, HITECH, home health, Hospital, Physician, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

UCLA Health Systems Payment of $865,500 To Settle HIPAA Charges Shows Rising HIPAA Risk

September 15, 2011

Health care providers, health plans, health care clearinghouses and their business associates got another wake up call about the growing importance of strengthening their policies, practices and safeguards of medical information and records that are “protected health information” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules with the announcement on July 7 that the University of California at Los Angeles Health System (UCLAHS) has reached an agreement with the U.S. Department of Health & Human Services Office of Civil Rights (OCR) to pay $865,500 and act to strengthen its health information privacy and security practices to settle charges of HIPAA violations.

The latest in a series of recently announced high-dollar Resolution Agreements, the UCLAHS Resolution Agreement highlights the growing risks that covered entities and their business associates run by failing to adequately adopt and administer the policies, systems and other management controls and training necessary to ensure that their organizations and their employees and other members of their workforce actually operationally comply with HIPAA.

Increased penalties, tighter rules and recent enforcement actions by OCR make it more important than ever that covered entities tighten their compliance and risk management policies and procedures.

As a result of amendments enacted as part of the HITECH Act, Congress modified and expanded the HIPAA audit and enforcement obligations of OCR, amended and expanded the potential penalties, made business associates liable for violation of the privacy rules like covered entities, added an obligation for covered entities and business associates to provide notification of breaches of unsecured PHI and tightened other HIPAA obligations. The HITECH Act also gave state attorneys general to bring civil lawsuits against covered entities and business associates that commit HIPAA violations that injure citizens in their state under certain circumstances. Eventually, individuals injured by HIPAA violations will get the right to share in a portion of certain HIPAA recoveries. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On　Website.

OCR enforcement actions and statistics make clear that OCR is serious about investigation and enforcement of HIPAA violations. This Spring, OCR assessed its first civil monetary penalty (CMP) under HIPAA – a $4.3 million against Cignet Health of Prince George’s County, Md. (Cignet) and entered into a series of Resolution Agreements under which CVS Pharmacy, Inc., General Hospital Corporation and Massachusetts General Physicians Organization Inc., Rite Aid and others paid a million or more dollars as part of the required terms of settlement. See e.g., Rite Aid Pays $1 Million HIPAA Privacy Settlement As OCR Tightens HIPAA Regulations; HIPAA Risks Soar As CVS Agrees To Pay $2.25 Million To Resolve HIPAA Charges & Stimulus Bill Amends HIPAA; Providence To Pay $100,000 & Implement Other Safeguards To Settle HIPAA Penalty Exposures Under HIPAA. Meanwhile, as of January 1, 2011, OCR reported that it had referred more than 484 Privacy Rule breach investigations to the Department of Justice for consideration for potential criminal prosecution and required changes in privacy practices and other corrective actions as part of the requirements for resolution of an additional 12,781 of cases investigated. In addition to these civil enforcement actions by OCR, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health　Information

Lax HIPAA and other practices for protection of medical and other confidential personal information also increasingly exposes covered entities and other organizations to liability under state laws. State courts allow individual plaintiffs to rely on violations of HIPAA as the basis for bringing state privacy, retaliation or other actions. See, e.g. Sorensen v. Barbuto, 143 P.3d 295 (Utah Ct. App. 2006), Acosta v. Byrum, 638 S.E. 2d 246 (N.C. Ct. App. 2006). Private plaintiffs employed by covered entities also claim HIPAA related misconduct as the basis for their retaliation claims. See, e.g.,　 Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim.

HIPAA-specific exposures, wrongful use, access or disclosure of medical information also can expose covered entities, members of their workforce and others improperly using, accessing or disclosing protected health information to liability under other federal or state laws. See, Cybercrime & Identity Theft: Health Information Security Beyond HIPAA; NY AG Cuomo Announcement of 1st Settlement For Violation of NY Security Breach Notification Law; Woman Who Revealed AIDs Info Gets A Year.

These and other developments make clear that covered entities and their business associates must get serious about HIPAA compliance and risk management. These organizations should review and tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks.

For More Details Or Help With HIPAA & Other Risk Management & Compliance Needs

To learn more about the UCLAHS Resolution Agreement and other risk management tips, see UCLA Health Systems Payment of $865,000 To Settle HIPAA Charges Shows Rising HIPAA Risk.

Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.　 For instance, On May 3, 2011, Ms. Stamer served as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR and will moderate a teleconference featuring comments by OCR’s Susan McAndrew for the Joint Committee on Employee Benefits scheduled for May 16. Her insights on the required “culture of compliance” with HIPAA also recently were quoted in medical privacy related publications of the Atlantic Information Service. Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. To ask for legal help with these or other compliance concerns, inquire about arranging for compliance audit or training, or matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here. You can review other publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here and register to receive future updates about developments on these and other concerns from Ms. Stamer here. For important information concerning this communication click here.Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources available at www.solutionslawpress.com.

Leave a Comment » | Academic medicine, ASC, Disease Management, DME, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Indian Health, Medicare Advantage, Mental Heatlh, OCR, Outpatient, Patient Empowerment, Pharmacy, Prescription Drugs, Rural Health Care | Tagged: business associate, Doctor, Health Care, Health Care Provider, Health Plans, HIPAA, Hospital, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Indictment of 91 Shows Growing Health Care Fraud Enforcement Risk

September 8, 2011

A nationwide takedown by Medicare Fraud Strike Force operations in eight cities resulted in the Department of Justice filing criminal charges against 91 defendants, including doctors, nurses, and other medical professionals, for their alleged participation in Medicare fraud schemes involving approximately $295 million in false billing, Attorney General Eric Holder and Health and Human Services (HHS) Secretary Kathleen Sebelius jointly announced the charges on September 7, 2011.

The charges are provide yet another powerful reminder to health care providers, leaders and organizations of the advisability of tightening compliance practices and taking other steps to guard against ever expanding health care fraud exposures. Already a lead federal enforcement priority for more than a decade, HHS recently established the Center for Program Integrity within the Centers for Medicare & Medicaid Services (CMS) to focus on identifying and stopping fraud and acting swiftly to protect beneficiaries.

Charges Announced September 7 Show Strike Force Targeting Fraud Industry Wide

In announcing the most sweeping joint action to date, HHS and Justice Department officials warned that the latest charges demonstrate the willingness and commitment of federal officials to find and prosecute health care fraud throughout the health care industry. The actions are the latest in a series of strong reminders to providers, leaders and others in the health care industry of the need to tighten compliance and risk management to minimize the risk of getting caught up in the Federal government’s ever-tightening health care fraud investigation and enforcement net.

The charges made against the 91 defendants in the indictments announced cover nearly the entire spectrum of healthcare providers for a variety alleged fraudulent schemes. The defendants charged are accused of various health care fraud-related crimes, including conspiracy to defraud the Medicare program, health care fraud, violations of the anti-kickback statutes and money laundering. The charges are based on a variety of alleged fraud schemes involving various medical treatments and services such as home health care, physical and occupational therapy, mental health services, psychotherapy and durable medical equipment (DME). HHS and Justice Department Officials warned these latest sweeping charges clearly signal the resolve of the federal government to find and prosecute health care fraud throughout the industry. Learn more details about September here.

According to the Justice Department and HHS, 70 individuals were charged by Strike Force prosecutors in indictments unsealed on September 6 and September 7, 2011 in six cities. The indictments allege a variety of Medicare fraud schemes involving approximately $263.6 million in false billings. As part of takedown operations last week, 18 additional defendants were charged in Detroit and one defendant was charged in Miami in cases unsealed on September 1, 2011, for their alleged roles in Medicare fraud schemes involving approximately $29.4 million in fraudulent claims. Additionally, two individuals are scheduled to appear in court on September 7, 2011 on charges filed on August. 24, 2011, for their roles in a separate $2 million health care fraud scheme. According to the September 7 announcement, this coordinated takedown involved the highest amount of false Medicare billings in a single takedown in Strike Force history.

According to court documents, the defendants located in Miami, Houston, Baton Rouge, Los Angeles and Detroit allegedly participated in a diverse array of schemes to submit claims to Medicare for treatments that were medically unnecessary and oftentimes never provided. In many cases, indictments and complaints allege that patient recruiters, Medicare beneficiaries and other co-conspirators were paid cash kickbacks in return for supplying beneficiary information to providers, so that the providers could submit fraudulent billing to Medicare for services that were medically unnecessary or never provided. Collectively, the doctors, nurses, medical professionals, health care company owners and others charged in the indictments and complaints are accused of conspiring to submit a total of approximately $295 million in fraudulent billing. If convicted, the defendants face a broad range of criminal, civil and administrative sanctions including imprisonment, criminal penalties, civil sanctions, federal program disqualification, state licensing board disciplinary action and other consequences.

Charges Part of Ongoing National Anti-Health Care Fraud Campaign

Suspend payments to providers and suppliers based on credible allegations of fraud in Medicare and Medicaid;
Impose a temporary moratorium on Medicare, Medicaid, and CHIP enrollment on providers and suppliers when necessary to help prevent or fight fraud, waste, and abuse without impeding beneficiaries’ access to care.
Strengthen and build on current provider enrollment and screening procedures to more accurately assure that fraudulent providers are not gaming the system and that only qualified health care providers and suppliers are allowed to enroll in and bill Medicare, Medicaid and CHIP;
Terminate providers from Medicaid and CHIP when they have been terminated by Medicare or by another state Medicaid program or CHIP;
Require provider compliance programs, now required under the Affordable Care Act, that will ensure providers are aware of and comply with CMS program requirements.

Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, HEAT, Medicaid Fraud, Medicare, Medicare Fraud, Medicare Fraud Task Force | Permalink
Posted by Cynthia Marcotte Stamer

5/18 Deadline to Register For 5/19 CMS Provider Call on Medicare and Medicaid EHR Meaningful Use Incentive Programs

May 17, 2011

Wish you knew more about how to use electronic health records (EHRs) to earn incentive payments from the Centers for Medicare & Medicaid Services (CMS)? CMS plans to host a national provider education call to help you learn more about meaningful use on Thursday, May 19 at 2:30 p.m. EDT. During the call, CMS plans to discuss:

The definition of meaningful use
The requirements for Stage 1 of meaningful use (2011 and 2012)
How to attest to having met meaningful use
Overview of the meaningful use objectives specification sheets
- Stage 1 EHR Meaningful Use Specification Sheets for Eligible Professionals
- Stage 1 EHR Meaningful Use Specification Sheets for Eligible Hospitals
Q&A about meaningful use

In order to receive the call-in information, you must register for the call. It is important to note that if you are planning to sit in with a group, only one person needs to register to receive the call-in data. This registration is solely to reserve a phone line, NOT to allow participation. Registration will close at 2:30 p.m. EDT on May 18, 2011, or when available space has been filled. No exceptions will be made, so please be sure to register prior to this time. In order to register, you should:

Visit the registration page.
Fill in all required information and click “Register.”
You will be taken to the “Thank you for registering” page and will receive a confirmation email shortly thereafter. Please save this page in case your server blocks the confirmation emails. (If you do not receive the confirmation email, check your spam/junk mail filter as it may have been directed there.)
If assistance for hearing impaired services is needed, please email medicare.ttt@palmettogba.com no later than three business days before the call.

Prior to the call, presentation materials will be made available in the “Upcoming Events” section of the Spotlight page on the CMS EHR website.

Want more information about the EHR Incentive Programs?
Make sure to visit the EHR Incentive Programs website for the latest news and updates on the EHR Incentive Programs.

Sixty-two Regional Extension Centers (RECs) across the nation are prepared to offer customized, on-the-ground assistance for eligible professionals and hospitals registering for the CMS EHR Incentive Programs. To locate an REC near you, visit http://www.healthit.

In addition to the May 10 call, recordings of various other recent health information privacy and data security training offered by agencies within the Department of Health and Human Services also now is avaialble on the web. For instance, the National Institute of Standards and Technology (NIST) and the Office for Civil Rights (OCR) are making presentations from the 4th annual conference on “Safeguarding Health Information: Building Assurance through HIPAA Security” co-hosted in Washington, D.C. on May 10 & 11, 2011 available on line for review. The training is part of a series of continuing efforts by the agencies to outreach to various parties on the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996, as amended (HIPAA). Meanwhile, OCR’s Susan McAndrew on Monday shared insights on OCR’s HIPAA regulatory and enforcement agenda at a teleconference to be hosted by the American Bar Association Joint Committee on Employee Benefits at Noon Central on May 16, 2011. Recordings of these presentations are or will be accessible on the sponsoring organizations from their websites. For details about reviewing the May 10-11 presentations, see the 2011 HIPAA Conference website here. For details about the May 16 teleconference, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need assistance monitoring federal health reform, policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. On May 3, 2011, Ms. Stamer served as the appointed scribe for the ABA Joint Commitee on Employee Benefits Agency meeting with OCR and will moderate a teleconference featuring comments by OCR’s Susan McAndrew for the Joint Committee on Employee Benefits scheduled for May 16. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others including highly popular programs on “Sex Drugs & Rock ‘N Role: Managing Personal Misconduct in Health Care,” “Managing Physician Performance” and others.. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, DEA, Disease Management, DME, Doctor, Electronic Health Records, Electronic Medical Records, Employer, Genetic Information, GINA, Health Care Provider, Health IT, Health Plan, HIPAA, HITECH Act, Hospital, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, OCR, Physician | Tagged: Health Care, HIPAA, Medical Confidentiality, OCR< Privacy, Security | Permalink
Posted by Cynthia Marcotte Stamer

OCR/NIST Share Training Online, OCR’s McAndrew To Speak On May 16 Teleconference

May 10, 2011

The National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are making presentations from the 4th annual conference on “Safeguarding Health Information: Building Assurance through HIPAA Security” co-hosted in Washington, D.C. on May 10 & 11, 2011 available on line for review. The training is part of a series of continuing efforts by the agencies to outreach to various parties on the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996, as amended (HIPAA). Meanwhile, OCR’s Susan McAndrew is scheduled to share insights on OCR’s HIPAA regulatory and enforcement agenda at a teleconference to be hosted by the American Bar Association Joint Committee on Employee Benefits at Noon Central on May 16, 2011.

The Security Rule sets federal standards to protect the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards. Presentations cover a variety of current topics including updates on HHS health information privacy and security initiatives, OCR’s enforcement of health information privacy and security activities, integrating security safeguards into health IT and security automation, insider threat trends and safeguards, and more.

The conference is designed to explore the current health information technology security landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the agencies share their practical strategies, tips and techniques for implementing the HIPAA Security Rule.

For details about reviewing the May 10-11 presentations, see the 2011 HIPAA Conference website here. For details about the May 16 teleconference, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

About Solutions Law Press

CMS Finalizes Allotments To States To Pay Medicaid Part B Premiums For Qualifying Individuals

March 19, 2011

Charts showing the final allotments made by the Centers for Medicare & Medicaid Services (CMS) to States of funds to use to pay the Medicare Part B premiums for Qualifying Individuals (QIs) for the Federal fiscal year (FY) 2010 and the preliminary QI allotments for FY 2011 appear in the March 19, 2011 Federal Register.

The funds allotted are funds authorized by Congress pursuant to Section 111 of the Medicare Improvements for Patients and Providers Act of 2008, (MIPPA), Section 2 of the QI Program Supplemental Funding Act of 2008 (the SFA), Section 5005 of the American Recovery and Reinvestment Act of 2009 (ARRA), the “Emergency Aid to American Survivors of the Haiti Earthquake Act” (Haiti Earthquake Act). The final QI allotments for payment of Medicare Part B premiums for FY 2010 are effective October 1, 2009. The preliminary QI allotments for FY 2011 are effective October 1, 2010.

Review the charts here.

For Help With Monitoring Developments or With Compliance, Investigations, Training Or Other Needs

If you need assistance monitoring federal health policy or enforcement developments, or to review or respond to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. She also regularly designs and presents risk management, compliance and other training for health care providers, payers, employers, professional associations and others. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Childrens Health Insurance Program, Health Care, Health Care Finance, Health Care Reform, Health Plans, Laws, Medicaid, Medicare, Medicare Fee Schedule, Patient Protection and Affordable Care Act, Public Policy | Tagged: Affordable Care Act, ARRA, CMS, Health Care Reform, Medicaid, Medicare, Medicare Part B, Premium Subsidies, Qualitying Individuals | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Providers Brace For New HIPAA Enforcement As OCR Announces Hospital Resolution Agreement Requiring $1 Million Settlement Payment

February 25, 2011

Announcement Made 2 Days After OCR Announces $4.3 Million HIPAA Civil Penalty Against Cignet

General Hospital Corporation and Massachusetts General Physicians Organization Inc. (Mass General) has agreed to pay the U.S. government $1,000,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The incident giving rise to the agreement involved the loss of protected health information (PHI) of 192 patients of Mass General’s Infectious Disease Associates outpatient practice The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced the Resolution Agreement two days after announcing that its first official assessment of a civil monetary penalty CMP under HIPAA – a $4.3 million against Cignet Health of Prince George’s County, Md., (Cignet). Read more details here

HIPAA Privacy Rule restricts the use, access and disclosure by covered entities of PHI and other individually identifiable health care information to those outlined within the Rules. Under HIPAA covered entities also are responsible for establishing and enforcing policies and procedures that safeguard PHI against improper use, access or disclosure by employees, business associates, and other third parties. Noncompliance with the Privacy and Security Rules exposes a covered entity to criminal prosecution and penalties, civil penalties or both. The Privacy Rule requires health plans, health care clearinghouses and most health care providers (covered entities) to safeguard the privacy of patient information, including such information during its disposal. Under amendments to HIPAA enacted under the HITECH Act, business associates now also are accountable and subject to direct liability for failing to comply with HIPAA’s requirements. Amendments to HIPAA under the HITECH Act, further expand the risks and responsibilities of health care providers and other covered entities.

Announced just two days before the Mass General Resolution Agreement, the Cignet CMP announced February 22, 2011 is the first CMP ever assessed by OCR under the HIPAA Privacy Rule. The assessment resulted after OCR found Cignet violated 41 patients’ HIPAA rights and committed other HIPAA violations. The $4.3 million CMP against Cignet applies the expanded HIPAA violation categories and increased HIPAA civil monetary penalty amounts authorized by HIPAA amendments made by Section 13410(d) of the Health Information Technology for Economic and Clinical Health (HITECH) Act. Read more details.

Even before the Mass General Resolution Agreement and Cignet CMP announcements, HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $1 Million from Rite Aid in a 2010 Resolution Agreement, $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated that covered entities could face significant civil liability for willful violations of the Privacy Rules. In addition to these civil enforcement actions by OCR, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others. Coupled with the HITECH Act changes, these and other enforcement actions signal growing potential hazards for covered entities and their business associates that fail to properly manage their HIPAA compliance obligations and risks.

The Mass General and Cignet announcements and other enforcement actions demonstrate that OCR is moving forward on its announced plans to hold health plans, health care providers, health care clearinghouses (covered entities) and their business associates that violate HIPAA accountable. Added to other recent developments, the Mass General and Cignet enforcement actions demonstrate that OCR’s commitment to enforcing HIPAA and illustrate the significant exposures that covered entities and business associates risk by disregarding their HIPAA obligations.

As stated by OCR Director Georgina Verdugo when announcing the Mass General Resolution Agreement, stating, “We hope the health care industry will take a close look at this agreement and recognize that OCR is serious about HIPAA enforcement. It is a covered entity’s responsibility to protect its patients’ health information.”

“To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules,” Verdugo added, “A robust compliance program includes employee training, vigilant implementation of policies and procedures, regular internal audits, and a prompt action plan to respond to incidents.”

Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. Health plans and other covered entities as well as their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. To minimize the potential that the health plan’s sharing of information with the employer will create or spread HIPAA or other privacy risks to the employer or members of its workforce, employers and other plan sponsors and members of their workforce also should take steps to ensure not only that their health plan documents, policies and procedures, as well as those policies and practices applicable to the employer, its human resources, and benefits advisors when accessing or handling health plan or other medical information on behalf of the employer, rather than the plan, are appropriately designed and administered.

Act To Manage HIPAA Exposures

In response to these expanding exposures, covered entities and their business associates should review the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration the Cignet, Rite Aid, Provident and CVS enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable. As part of these compliance and risk management efforts, most covered entities and their business associates will find it advisable to devote significant attention to the business associate relationship and its associated business associate agreements.

For Help With Investigations, Policy Review & Updates Or Other Needs

If you need assistance in auditing or assessing, updating or defending your HIPAA, or other health or other employee benefit, labor and employment, compensation, privacy and data security, or other internal controls and practices, please contact the author of this update, attorney Cynthia Marcotte Stamer at cstamer@solutionslawyer.net or at (469)767-8872.

The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer works, publishes and speaks extensively on HIPAA and other privacy and data security, health plan, health care and other human resources and workforce, employee benefits, compensation, internal controls and related matters.

For more than 23 years, Ms. Stamer has counseled, represented and trained employers and other employee benefit plan sponsors, plan administrators and fiduciaries, insurers and financial services providers, third party administrators, human resources and employee benefit information technology vendors and others privacy and data security, fiduciary responsibility, plan design and administration and other compliance, risk management and operations matters. She also is recognized for her publications, industry leadership, workshops and presentations on privacy and data security and other human resources, employee benefits and health care concerns. Her many highly regarded publications on privacy and data security concerns include “Privacy Invasions of Medical Care-An Emerging Perspective.” ERISA Litigation Manual. BNA, 2003-2009; “Privacy & Securities Standards-A Brief Nutshell.” BNA Tax Management and Compliance Journal. February 4, 2005; “Cybercrime and Identity Theft: Health Information Security beyond HIPAA.” ABA Health eSource. May, 2005 and many others. She also regularly conducts training on HIPAA and other privacy and data security compliance and other risk management matters for a broad range of organizations including the Association of State and Territorial Healthcare Organizations (ASTHO), the Los Angeles County Health Department, a multitude of health plans and their sponsors, health care providers, the American Bar Association, SHRM, the Society for Professional Benefits Administrators and many others. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see www.CynthiaStamer.com or contact Ms. Stamer directly.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing some of our other Solutions Law Press resources available at http://www.solutionslawpress.com including:

Leave a Comment » | Academic medicine, ASC, Childrens Health Insurance Program, Doctor, Electronic Medical Records, Employment, Federal Health Center, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health Care Provider, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Medicare Advantage, Mental Heatlh, OCR, Pharmacy, Physician, Privacy, Rural Health Care | Tagged: Civil Monetary Penalties, HIPAA, Mass General, OCR, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

HHS Imposes 1st HIPAA Privacy Civil Penalty of $4.3 million

February 22, 2011

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

$4.3 million is the amount of the civil monetary penalty (CMP) that the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has ordered Cignet Health of Prince George’s County, Md., (Cignet) to pay for violating the Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule.

The first CMP ever assessed by OCR under the HIPAA Privacy Rule, the Cignet CMP assessment is the latest in a series of developments documenting the rising risks that health care providers, health plans, health care clearinghouses and their business associates (“covered entities”) face for violations of HIPAA. Covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. Read more details.

Even before the announcement of the Cignet CMP, the HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. As of January 1, 2011, OCR reports that 12,781 of the cases it has investigated have been resolved by requiring changes in privacy practices and other corrective actions by the covered entities and has referred more than 484 Privacy Rule breach investigations to the Department of Justice for consideration for potential criminal prosecution.

While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated the willingness of OCR to pursue significant civil remedies against covered entities that it determined willfully violated the Privacy Rules.

For Help With Compliance, Investigations Or Other Needs

If you need assistance auditing or tightening your existing HIPAA and other confidentiality practices or addressing other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies and to respond to OCR, FTC, medical board and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on Medicare quality and other compliance concerns. Her publications and insights on HIPAA and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ARRA, ASC, Centers For Disease Control, Disease Management, DME, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Federal Health Center, Genetic Information, Health Care, Health Care Provider, Health Care Quality, Health IT, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Medicaid, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, OCR, Peer Review, Pharmacy, Physician, Privacy, Reimbursement, Telemedicine | Tagged: covered entity, Health Care, HIPAA, Hospital, Medical Confidentiality, OCR, Physician, Privacy Rule, Security Rule | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Employer’s NLRB Settlement Shows Care Necessary When Using Social Networking & Other Policies Restricting Employee Communications

February 7, 2011

Health care and other employers should exercise caution when drafting and applying policies regulating employee Facebook or other social networking site, e-mail, or other communications to avoid violating Federal labor laws protecting worker organization rights, as illustrated by a February 7, 2011 settlement agreement reached between a Connecticut ambulance service operator and the National Labor Relations Board (NLRB).

According to the NLRB, Connecticut ambulance service provider American Medical Response (AMR) and the NLRB have agreed to settle a complaint filed on October 27, 2010 that charged AMI with violating the National Labor Relations Act (NLRA) by firing an employee for making derogatory comments about her supervisor on Facebook.

In its complaint against AMR, the NLRB charged that AMR’s termination of an employee for making derogatory statements about her supervisor on Facebook violated the NLRA because the employee was engaged in protected activity under the NLRA when she posted the comments about her supervisor, and responded to further comments from her co-workers. The NLRB complaint also charged AMR maintained overly-broad rules in its employee handbook regarding blogging, Internet posting, and communications between employees, and that it had illegally denied union representation to the employee during an investigatory interview shortly before the employee posted the negative comments on her Facebook page.

Under the terms of AMI’s settlement with the NLRB[i] approved February 7, 2011, AMI agreed:

To revise its employee handbook rules to avoid improperly restricting employees from discussing their wages, hours and working conditions with co-workers and others while not at work in violation of the NLRA;
Not to discipline or discharge employees for engaging in such discussions; and
Not to deny employee requests for union representation or threaten employees for requesting union representation in the future.

Federal labor law requires that employers tread carefully when dealing with communications by employees concerning terms and conditions of employment and other union or other organizational activity. Existing federal law limits the actions that employers can take to deter or influence employee choices about whether to support or oppose a union certification campaign, to influence the certification of one union representative over another and to deter or penalize employees for communicating about terms and conditions of employment.

Under the NLRA, for instance, employees generally may discuss the terms and conditions of their employment with coworkers. The protections afforded by the NLRB to employee communications about terms and conditions of employment can apply to both unionized and non-unionized employees and workforces. Subject to certain reasonable restrictions on communications within the workplace allowed by the NLRA, the NLRA generally restricts the ability of an employer to prohibit employees from communicating about terms and conditions of employment.

Worker awareness of these protections has grown in many workplaces as a result of a new policy requiring employers that are government contractors to post notification of NLRA rights in the workplace implemented by the Obama Administration in May, 2010, aggressive union organization efforts in the health care and certain other industries and other developments. As a consequence, health industry and other employers need to exercise care to avoid violating the NLRA and other federal labor laws when designing, communicating and applying social networking, e-mail, internet, and other policies that regulate on or off-duty communications by employees.

To minimize liability risks under the NLRA, health industry and other employers should consult with qualified labor and employment counsel before discussing or taking other action in response to these activities to minimize risks of unintentionally running afoul of these requirements. Employers should exercise care even if the communication restraint adopted to comply with legally mandated restrictions on communications such as those required by the privacy and security mandates of laws such as the Health Insurance Portability & Accountability Act (HIPAA). While the NLRA generally permits restrictions on communications required to comply with law, health industry and other employers should be prepared to demonstrate the legitimacy of the legal need and their tailoring of restrictions on employee communications to meet that need.

For Advice or Other Information

If your organization needs advice or assistance in responding to labor and employment issues in your health care organization or other health care matters, consider contacting the author of this article, Cynthia Marcotte Stamer at (469) 767-8872 or via e-mail here.

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Ms. Stamer is nationally known for her more work, training and presentations, and publications on health industry and other staffing and employment, compensation, regulatory, and other operations, risk management and compliance matters.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. A popular lecturer and widely published author on health industry and human resources matters, Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on health care, human resources, employee benefits, data security and privacy, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

Leave a Comment » | Academic medicine, ASC, Discrimination, DME, Doctor, Durable Medical Equipment, Employer, Employment, Federal Health Center, Health Care, Health Care Provider, Health IT, HIPAA, HITECH Act, Hospital, Hospital, Pharmacy, Physician, Physician Licensing | Tagged: Health Care, HIPAA, Labor, NLRA, unfair labor practice, Union, wrongful discharge | Permalink
Posted by Cynthia Marcotte Stamer

OIG Launch of Health Care Fraud “Most Wanted” List Sign of Enforcement Risks

February 4, 2011

Health care providers got another reminder of the importance of guarding against getting caught in the federal government’s health care fraud net this week. The Office of Inspector General (OIG) of the Department of Health & Human Services on February 3, 2011 expanded outreach to the public for help hunting down individuals wanted for health care fraud by launching its Most Wanted Fugitives List, OIG’s first-ever list of individuals sought by authorities on charges of health care fraud and abuse—to focus public attention on its most-wanted fugitives on February 3, 2011.

The Most Wanted Fugitives List here on the OIG Web site includes photos and profiles of each featured fugitive, an online fugitive tip form and the OIG hotline number to report fugitive-related information in either English or Spanish and details about changes to a fugitive’s status. According to OIG, the 10 individuals on this initial Most Wanted Health Care Fugitives List have allegedly cost taxpayers more than $124 million in fraud. In all, OIG says it is seeking more than 170 fugitives on charges related to health care fraud and abuse.

Yet another signal of the heightened health care fraud enforcement emphasis and arsenal of OIG and the Department of Justice (DOJ), the Most Wanted Fugitives List is another reminder to health care providers of the advisability of tightening compliance practices and taking other steps to guard against ever expanding health care fraud exposures. Already a lead federal enforcement priority for more than a decade, HHS recently established the Center for Program Integrity within the Centers for Medicare & Medicaid Services (CMS) to focus on identifying and stopping fraud and acting swiftly to protect beneficiaries. CMS and OIG also have been working to interpret, implement and use expanded investigation, enforcement and penalties powers created under the Patient Protection & Affordable Care Act (Affordable Care Act). See here.

Health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

For Help With Compliance, Investigations Or Other Needs

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises, trains and defends health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including her highly popular programs on “Sex Drugs & Rock ‘N Role: Managing Personal Misconduct in Health Care,” “Managing Physician Performance” and others. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Centers For Disease Control, false claims act, FDA, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Medicare, Medicare Advantage, Medicare Fee Schedule, Money Laundering, OCR, OIG, Physician | Tagged: clinic, Doctor, Health Care Fraud, Hospital, Medicaid, Medicare, most wanted, OIG, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Supreme Court Ruling Medical Resident Stipend Are Wages Highlights Advisability of Compliance Review

January 12, 2011

Stipends paid to medical residents to provide on patient care and other medical services for 40 or more hours per week as part of an accredited graduate medical education program are wages paid to employees for Federal Insurance Contributions Act (FICA) payroll taxes purposes and do not qualify as exempt from FICA tax or withholding as student stipends according to January 11, 201 U.S. Supreme Court ruling in Mayo Foundation v. U.S. Joining a growing series of rulings enforcing changing treatment of doctors and other healthcare workers, the decision is the latest reminder to health care providers and others of the need to critically review and update as necessary their organizations existing worker and wage characterization in light of evolving interpretations and the growing success of regulators and private plaintiffs in challenging these classifications.

In Mayo Foundation, the U.S. Supreme Court denied the plea of Mayo Foundation For Medical Education And Research (Mayo) that it overrule an Internal Revenue Service (IRS) Regulation that provides that medical students or others providing full-time services as part of their course of instruction do not qualify as “students” for purposes of the “student” exemption of Code § 3121(b)(10) regardless of whether “the services performed . . . may have an educational, instructional, or training aspect.” See Treas. Reg. §31.3121(b)(10)–2(d)(3)(iii). Mayo Foundation, the Supreme Court ruled against Mayo Foundation. It ruled the IRS’ regulation construing Code § 3121(b)(1) as inapplicable to medical students or other workers providing full-time services as part of a residency or other educational program should stand as Congress has not directly spoken to foreclose that interpretation and because the Treasury Department’s rule is a reasonable construction of what Congress has said.

Beyond its specific holding, the Mayo Foundation decision also serves as another reminder that health industry and other employers should not take the defensibility of their worker classification and associated income and payroll tax, employee benefit, employment and other practices for granted.

Recent developments send a clear message that health industry and other employers must remain constantly diligent about confirming and documenting the defensibility of their worker classifications and other associated practices in light of evolving rules and standards, enforcement, the growing frequency and success of regulators and private plaintiff challenges, and changing workforce practices of workers generally, and health care employers specifically. See e.g. Review of Worker Classification Needed As Classification Scrutiny Rises;Minimum Wage, Overtime Risks Highlighted By Labor Department Strike Force Targeting Residential Care & Group Homes; Review & Strengthen Defensibility of Existing Worker Classification Practices In Light of Rising Congressional & Regulatory Scrutiny; 250 New Investigators, Renewed DOL Enforcement Emphasis Signal Rising Wage & Hour Risks For Employers; Quest Diagnostics, Inc. To Pay $688,000 In Overtime Backpay.

The IRS, Department of Labor and other federal and state regulators are stepping up scrutiny of and enforcement of worker classifications and claims of exemption from applicable employment, tax and other requirements. In light of these and other developments, health industry and other employers should take reasonable steps to guard against these and other growing risks of worker misclassification and associated non-compliance. Health industry practices have been specifically targeted as part of many of these regulatory initiatives.

To minimize their potential exposure, health industry and other employers should consult with qualified legal counsel for advice within the scope of attorney-client privilege concerning the need to audit or otherwise act to strengthen the defensibility of their existing worker classification, employee benefit, fringe benefit, employment, wage and hour, and other workforce policies to mitigate exposures to potential IRS, Labor Department or other risks of worker misclassification or the handling of associated payroll, employment or other responsibilities.

For Help With Investigations, Policy Updates Or Other Needs

If you need assistance in conducting a risk assessment of or responding to IRS, Labor Department or other legal challenges to your health care organization’s existing workforce classification or other health care related risk management or compliance concerns, please contact the author of this update, attorney Cynthia Marcotte Stamer.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, the former Board Compliance Chair of the National Kidney Foundation of North Texas, and Board Certified In Labor & Employment Law, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Corporate Compliance, Doctor, Employment, Health Care, Hospital, Hospital, Laws, Physician, Tax | Tagged: academic medicine, Doctor, fica, graduate medical education, Hospital, income taxes, payroll tax, residency programs, stipend, student, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Director of Texas Office of e-Health Coodination To Discuss Texas HIE Strategy in 3/14 HHS Sponsored Teleconference

$1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report

ONC Releases Proposed Rules For Meaningful Use Stage 2

Broad-Reaching Prosecution Of Individuals Participating In Operations Of Companies Convicted Of Fraud Shows Risks Of Participation

North Texas Medical Supply Company Owner Indicted For Health Care Fraud Now Also Charged With Immigration Fraud

DOL Proposes Tighter Overtime, Minimum Wage Rules For Home Care Workers, Continues Scrutiny Of Health Care Employers

Joint Commission Equal Visitation Rules & Guidance Supplement New Medicare Equal Visitation Requirements

OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks

UCLA Health Systems Payment of $865,500 To Settle HIPAA Charges Shows Rising HIPAA Risk

Indictment of 91 Shows Growing Health Care Fraud Enforcement Risk

5/18 Deadline to Register For 5/19 CMS Provider Call on Medicare and Medicaid EHR Meaningful Use Incentive Programs

OCR/NIST Share Training Online, OCR’s McAndrew To Speak On May 16 Teleconference

CMS Finalizes Allotments To States To Pay Medicaid Part B Premiums For Qualifying Individuals

Health Care Providers Brace For New HIPAA Enforcement As OCR Announces Hospital Resolution Agreement Requiring $1 Million Settlement Payment

HHS Imposes 1st HIPAA Privacy Civil Penalty of $4.3 million

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

Health Care Employer’s NLRB Settlement Shows Care Necessary When Using Social Networking & Other Policies Restricting Employee Communications

OIG Launch of Health Care Fraud “Most Wanted” List Sign of Enforcement Risks

Supreme Court Ruling Medical Resident Stipend Are Wages Highlights Advisability of Compliance Review

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

Share this:

Share this:

Share this:

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update