Health Care Fraud |

Sibley Hospital & Johns Hopkins Health System Pay $5 Million To Settle Stark Violations

April 19, 2023

Sibley Hospital (“Sibley”) and its parent company, Johns Hopkins Health System (“Johns Hopkins”) will pay the United States $5 million to resolve Physician Self-Referral Law, (commonly known as the “Stark Law”) allegations arising from claims that Sibley submitted to the Medicare Program, the Justice Department announced today.

The Stark Law prohibits a hospital from billing Medicare for certain services referred by physicians with whom the hospital has a financial relationship, unless that relationship satisfies one of the law’s statutory or regulatory exceptions. It is intended to ensure that medical decision-making is not influenced by improper financial incentives and instead is based on the best interests of the patient.

The new settlement resolves allegations that, from 2008 through 2011, Sibley violated the Stark Law by billing Medicare for services referred by ten cardiologists to whom Sibley was paying compensation that exceeded the fair market value of the services provided. These allegations arose out of conduct that Sibley and Johns Hopkins self-disclosed to the United States.

“Improper financial arrangements between hospitals and physicians can influence the type and amount of health care that is provided,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “The department is committed to holding accountable those who violate prohibitions designed to protect the integrity of physician decision-making.”

The high dollar settlement reminds other health care providers to ensure their own relationships with other health care providers comply with Stark, anti-kickback and other federal and state health care fraud laws.

More Information

We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

A Fellow in the American College of Employee Benefit Counsel, Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership on health and managed care and employer benefits legal, public policy and operational concerns in the healthcare, employer benefits, and insurance and financial services industries. She speaks and publishes extensively on HIPAA and other related compliance issues.

Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access to this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, billing, Child Care, Childcare, Childrens Health Insurance Program, Conditions of Participation, Corporate Compliance, DME, Doctor, E-Prescribing, false claims act, Grants, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, home health, Hospital, Laws, Life Sciences, Medicaid, Medicare, Medicare Advantage, OIG, pharmaceutical, Prescription Drugs | Permalink
Posted by Cynthia Marcotte Stamer

4/21 Deadline For Comments On Proposed HIPAA Administrative Simplification Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification To Referral Certification and Authorization Transaction Standard

April 19, 2023

April 21 is the deadline to comment on the Centers for Medicare & Medicaid Services (CMS) National Standards Group (NSG) proposed rule that, if finalized, would adopt standards for “health care attachments” transactions, a standard for electronic signatures to be used in conjunction with health care attachments transactions, and a modification to the standard for the referral certification and authorization transaction (X12 278) published last December.

The April 21, 2023 deadline reflects a 30-day extension from the original deadline date of March 21, 2023. Comments must be received no later than 5 p.m. on April 21.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

FY 2022 Medicaid Fraud Conviction Increase, Other Data Shows Continued Robustness of Federal Medicaid Enforcement

March 10, 2023

Department of Health & Human Services Office of Inspector General (“OIG”) data showing a rise in Medicaid criminal convictions arising from fraud and patient abuse or neglect investigations and prosecutions during the 2022 fiscal year (“FY”) confirms the continued robustness of its Medicaid Fraud Control Units (MFCUs).

According to the just-released Medicaid Fraud Control Units Fiscal Year 2022 Annual Report convictions both for fraud and for patient abuse or neglect increased since FY 2020. In FY 2022, MFCUs achieved:

1,327 criminal convictions, an increase over the previous 2 years, but resulted in criminal recoveries of only $416 million; and
553 civil settlements and judgments resulting in civil recoveries of $641 million.

A Statistical Chart included in the Report provides a breakdown by state of the civil and criminal convictions and recoveries by nature of the offense.

While the Report reveals that civil and criminal recoveries from Medicaid criminal and civil enforcement dropped in FY 2022, the increase in convictions and other data sends a clear warning to health care providers and others that Medicaid fraud investigation and enforcement remains a key priority of the OIG and federal prosecutors.

Criminal Convictions

Total convictions resulting from MFCU cases continued to increase from the FY 2020 level but remained lower than in FY 2019. In FY 2022, MFCU cases resulted in 946 convictions for fraud and 381 convictions for patient abuse or neglect.
Exhibit 2 shows the total number of convictions during FYs 2018 through 2022. Although the proportion of patient abuse or neglect convictions to fraud convictions was similar to that in previous years, the total number of patient abuse or neglect
convictions also continued to increase from the FY 2020 level.

As in previous years, significantly more convictions for fraud involved Personal Care Services (PCS) attendants than any other provider type with fraud convictions of PCS attendants, accounting for 44 percent of the fraud convictions.

MFCU convictions related to the fraudulent billing of Medicaid, fraudulent activities of Medicaid providers involving drugs diverted from legal and medically necessary uses, regardless of whether Medicaid itself was billed and other “drug diversion” cases continued to increase from the FY 2020 level. Associated criminal recoveries from drug diversion cases totaled $18 million in FY 2022. Two States, Pennsylvania and Kentucky, accounted for 79 percent of the total convictions.

In FY 2022, convictions of nurse’s aides and of nurses or physician assistants accounted for 39 percent of the total 381 convictions for patient abuse or neglect.

Criminal and Civil Recoveries

While convictions rose, criminal recoveries decreased from $857 million in FY 2021 to $416 million in FY 2022. The Report attributes the drop in atypically large criminal recovery amounts realized in FY 2021 that resulted primarily from cases prosecuted by MFCUs in Virginia and Texas that produced a combined $714 million in criminal recoveries, 83 percent of the total reported criminal recoveries in FY 2021.

The Report points out that a single Texas criminal prosecution also significantly contributed to the total criminal recoveries in FY 2022. According to the Report, $82 million of the FY 2022 criminal recoveries resulted from the prosecution and conviction of the former head of Novus and Optimum Health Services, Bradley J. Harris and other defendants by the U.S. Attorney’s Office for the Northern District of Texas for defrauding the Medicare and Medicaid programs by among other actions:

Billing Medicare and Medicaid for hospice services that were (1) not provided, (2) not directed by a medical professional, and (3) provided to patients not eligible for hospice care; and
Using blank, pre-signed controlled substance prescriptions to distribute drugs without
physician input.

Recoveries from civil settlements and judgments also decreased in FY 2022, as did the total number of civil settlements and judgments associated with pharmaceutical manufacturers. In FY 2022, $395 million (62 percent) of the $641 million in civil recoveries derived from nonglobal cases. The remaining $246 million derived from global cases.

Appendixes to the report include a list of “beneficial” practices implemented by the MFCUs to prevent and discover these and other Medicaid abuses in various regions. Reviewing the granular statistics and these findings set forth in the Report provide valuable insights for health care providers, their leaders and advisors about these and other enforcement priorities and practices.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Anti-KickBack, ASC, Health Care, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, home health, Hospital, Medicaid, Medical Licensure, OIG | Permalink
Posted by Cynthia Marcotte Stamer

Chiropractor, Modern Vascular Office-Based Labs and Modern Vascular Corporate Entities Face False Claims Act Prosecution

December 19, 2022

Three consolidated False Claims Act (“FCA”) lawsuits against chiropractor Yury Gampel (“Gampel”), 15 Modern Vascular office-based labs owned primarily by Gampel located across the United States, and five Modern Vascular-affiliated companies owned by Gampel alert other chiropractic, physician and other medical providers using office-based labs send a clear warning to other health care providers and suppliers for services covered or billed to Medicare, Medicaid, TRICARE or other federal health care programs about the necessity to ensure their arrangements don’t involve illegal financial relationships or transactions.

False Claims Act Liability Arising From Participation In Or Filing Claims Involving Improper Inducements

The Justice Department suit against the defendants alleges the defendants both arose from the defendants participation in arrangements involving the offering and payment of illegal remuneration in violation of the federal Anti-Kickback Statute (“AKS”) and that the claims for benefits made to Medicare and other federal programs for care provided involving the arrangement violated the FCA.

The AKS generally prohibits any person or entity from soliciting, receiving, offering, or paying any direct or indirect prohibited remuneration as an inducement or reward for referring, recommending, ordering, or arranging for the purchase of any item or service for which payment may be made in whole or in part by a federal health care program. Parties violating the AKS commit a felony punishable with a fine of up to $100,000, imprisonment for up to 10 years or both.

In addition to any criminal liability arising under the AKS, filing claims derived or involving transactions prohibited by the AKS also can trigger liability for violation of the FCA. The FCA makes it unlawful for any person to submit, directly or indirectly, false or fraudulent claims for payment to the Government by among other things:

Knowingly presenting, or causing to be presented, a false or fraudulent claim for payment or approval in violation of 31 U.S.C. § 3729(a)(1)(A) (the “presentment provision”); or
Knowingly making, using, or causing to be made or used, a false record or statement material to a false or fraudulent claim in violation of 31 U.S.C. § 3729(a)(1)(B).

The FCA defines the term “knowingly” under the FCA very broadly. As defined, “knowingly” means that a person, with respect to information, (i) has actual knowledge of the information, (ii) acts in deliberate ignorance of the truth or falsity of the information, or (iii) acts in reckless disregard of the truth or falsity of the information. 31 U.S.C. § 3729(b). No proof of specific intent to defraud is required to show that a person acted knowingly under the FCA.

Violations of the FCA subject the defendant to mandatory civil penalties per FCA violation, plus three times the amount of damages that the Government sustains as a result of the defendant’s actions. 31 U.S.C. § 3729(a). Under 42 U.S.C. § 1320a-7(b)(7), health care providers submitting claims to Medicare or other federal health care programs also can face exclusion from participation in federal health care programs for FCA violations.

Health care providers filing claims for Medicare or other federal health plans can violate the FCA by knowingly presenting or causing to be presented claims for items or services that the person knew or should have known were not medically necessary, or were false or fraudulent. 42 U.S.C. §§ 1320a-7a(a)(1).

Moreover, health care providers under the Medicare statute have an affirmative duty to familiarize themselves with the statutes, regulations, and guidelines regarding coverage for the Medicare services. As a condition of program participation, Medicare regulations require providers and suppliers to certify that:

The provider or supplier meets, and will continue to meet, the requirements of the Medicare statute and regulations, 42 C.F.R. § 424.516(a)(1), including that any claims and underlying transactions made in a claim for Medicare comply with the Federal anti-kickback statute and the Stark law), and on the supplier’s compliance with all otherwise applicable conditions of participation in Medicare; and
The provider or supplier will not knowingly to present or cause to be presented a false or fraudulent claim for payment by Medicare, or to submit claims with deliberate ignorance or reckless disregard of their truth or falsity.

Additional certifications of continued compliance with these requirements also are required when claims are filed. Accordingly, since health care providers and suppliers are responsible for taking appropriate steps to familiarize themselves with the rules and regulations applicable to their claim and the transactions underlying it and certify in connection with the filing of the claim that the claim and its underlying transactions comply with the law, health care providers filing claims involving prohibited financial incentives or other transactions prohibited by law risk FCA liability.

Gampel, Modern Vascular FCA Complaint

Derived from the Justice Department’s assumption and consolidation of various qui tam lawsuits separately brought by various physicians, the United States filed its complaint in three consolidated lawsuits pending in the United States District Court for the District of Arizona under the qui tam, or whistleblower, provisions of the False Claims Act, 31 U.S.C. §§ 3729-3733 (“FCA”) which allow a private citizen to sue on behalf of the government and share in any recovery. The United States is also entitled to intervene in the lawsuits, as it did in these cases.

The resulting consolidated three consolidated Justice Department lawsuits seek to recover treble damages and civil penalties, and under common law and equitable theories of recovery from defendants for their billing of Medicare, TRICARE and other federal health care programs for claims resulting from transactions involving prohibited remuneration offered and provided in violation of the AKS under Gampel’s alleged schemes Nobility Management LLC; Modern Vascular LLC; Modern Vascular of South Florida LLC; Modern Vascular Management LLC; Modern Vascular Management – East LLC; Modern Vascular Management – West LLC; Modern Vascular Institute LLC; Modern Vascular of Mesa LLC; Modern Vascular of Glendale LLC; Modern Vascular of Sun City LLC; Modern Vascular of Tucson LLC; San Antonio Vascular Specialists Corp. dba Modern Vascular; Fort Worth Vascular Specialists Corp. dba Modern Vascular; Modern Vascular of Denver LLC; Modern Vascular – Navajo LLC; Modern Vascular of Fairfax LLC; Modern Vascular of Houston LLC; Modern Vascular of Indianapolis LLC; Modern Vascular of Southaven LLC; Modern Vascular of St. Louis LLC; and Modern Vascular of Kansas LLC.

The Justice Department complaint alleges Defendant Yury Gampel, a chiropractor, is the founder and former Chief Executive Officer (“CEO”) of a franchise of office-based labs (“OBL”) located in Arizona, New Mexico, Colorado, Texas, Indiana, Kansas, Mississippi, Missouri, Tennessee, and Virginia operating under the name Modern Vascular (collectively, the “Modern Vascular OBLs”). The Modern Vascular OBLs – each its own separate legal entity – focus on the treatment of peripheral arterial disease (“PAD”), particularly through an aggressive use of vascular intervention procedures, such as angioplasty and atherectomy. The complaint claims Gampel and the Modern Vascular defendants designed and promoted the franchises that incorporated a package of management and other services provided by various Modern Vascular defendant companies.

Defendant Nobility Management, LLC, provides management services to the Modern Vascular OBLs. Defendants Modern Vascular Management, LLC; Modern Vascular Management – East, LLC; and Modern Vascular Management – West, LLC, offer
IT and management support to Modern Vascular OBLs. Defendants Modern Vascular, LLC, and Modern Vascular of South Florida, LLC, are corporations controlled by Gampel that have various ownership interests in Modern Vascular OBLs. Through Modern Vascular, LLC, and Modern Vascular of South Florida, LLC, and in his own capacity, Gampel is the majority owner of the Modern Vascular OBLs. (These entities that own and manage the Modern Vascular OBLs are referred to collectively below as “Modern Vascular Corporate.”)

The complaint alleges that Gampel and Modern Vascular Corporate designed and implemented a fraud scheme at Modern Vascular OBLs at the expense of patients and federal payors from at least January 1, 2018 through June 30, 2022. Among other things, the complaint charges Gampel and the Modern Vascular defendants offered physicians the opportunity to invest in Modern Vascular office-based labs to induce them to refer their Medicare and TRICARE patients to Modern Vascular for the treatment of peripheral arterial disease. More specifically, Gampel and Modern Vascular Corporate opened Modern Vascular OBLs in new markets where referring physicians and vascular surgeons had established relationships. Prior to opening an OBL in a particular location, Gampel sought out up to 20 local physicians – usually podiatrists and pain management physicians – who traditionally referred to vascular surgeons and offered each up to a two percent ownership interest in the OBL in order to induce the physicians to refer to the OBL. Gampel and Modern Vascular Corporate selected these particular physicians (hereinafter “physician investors”) to offer ownership investment because Gampel and Modern Vascular Corporate identified them as potential high-referral sources. Once they invested in an OBL, Gampel and Modern Vascular Corporate further required the physician-investors to make referrals to Modern Vascular OBLs as a condition for remaining as a physician-investor. The complaint also alleges that Gampel pressured vascular surgeons and interventional radiologists employed at the Modern Vascular office-based labs to increase the number of invasive surgical procedures performed by tracking procedures and setting aggressive weekly and monthly goals for such procedures. In particular, Gampel and Modern Vascular Corporate provided remuneration to physician investors in Modern Vascular OBLs to induce those investors to refer patients to the Modern Vascular OBL.

The Justice Department charges that using this scheme, Defendants between January 1, 2018 and June 30, 2022 submitted, and caused to be submitted, tens of millions of dollars in false or fraudulent claims to Medicare, TRICARE and other federal health care programs by offering and providing illegal remuneration to health care providers to induce referrals to the Modern Vascular OBLs in violation of the Anti-Kickback Statute (“AKS”), 42 U.S.C. § 1320a-7b. To induce referrals, Gampel and Modern Vascular Corporate provided remuneration to physician-investors in the form of equity ownership interests in an OBL, which also included distributions, the prospect of future distributions, and/or the prospect of a cash-out of the equity ownership amounts when
the Modern Vascular OBLs were sold. During the relevant time period, the Justice Department also claims Modern Vascular
OBLs received over $50 million from Medicare Part B alone for claims submitted for patients referred by physician-investors in violation of the FCA.

Warning To Other Heath Care Providers & Suppliers

In announcing its filing of the Gambrel FCA lawsuit, the Justice Department warned other federal health program providers and suppliers and their business partners, investors, employees and agents from violating the AKS, FCA or both in the provision of or billing of health care services or supplies. “As part of our mission to protect the American people, the FBI remains committed to safeguarding patients who rely on our healthcare systems,” said Deputy Assistant Director Aaron Tapp of the FBI’s Criminal Investigative Division. “The FBI and our law enforcement partners will continue to investigate those who abuse our healthcare systems, place patients at risk, and waste taxpayer dollars.”

This warning, along with the ever-lengthening list of federal criminal and civil prosecutions, convictions and settlements by the Justice Department, the Department of Health & Human Services Office of Inspector General and other agencies provide a strong warning to health care providers, suppliers and others involved in creating or administering transactions and other arrangements for the delivery and billing for health are to be billed to Medicare, Medicaid, TRICARE and other health care arrangements covered by the AKS, the FCA or other federal or state health care fraud laws to take well documented care to ensure the care delivery arrangement does not involve transactions prohibited under the AKS or other federal or state health care fraud transactions and the care billed qualifies for reimbursement before submitting the claim. Parties who know or suspect that they may have participated in an arrangement prohibited under these laws or submitted prohibited claims should contact experienced legal counsel within the scope of attorney-client privilege for assistance in reviewing those concerns and exploring options for correction or mitigation.

For More Information

If your organization would like to learn more about the concerns discussed in this update or seeks assistance auditing, updating, administering or defending its human resources, compensation, benefits, corporate ethics and compliance practices, or other performance related concerns, contact management attorney and consultant Cynthia Marcotte Stamer.

An attorney Board Certified in Labor & Employment Law by Texas Board of Legal Specialization, Ms. Stamer is recognized for work helping organizations management people, operations and risk as a Fellow in the American College of Employee Benefit Counsel, a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Labor and Employment Law and Health Care Law; a “Best Lawyers” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law.”

For 35 years, Ms. Stamer’s work has focused on advising and assisting businesses and business leaders with these and other employment and other staffing, employee benefit, compensation, risk, performance and compliance management and other operational solutions and concerns. Her experience includes helping management both manage performance and manage legal risk and compliance. While helping businesses define and manage the conduct and performance of their employees, contractors and vendors, she also assists employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, leave, and other labor and employment laws, advises and defends businesses against labor and employment, employee benefit, compensation, fraud and other regulatory compliance and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor, Department of Justice, SEC, Federal Trade Commission, HUD, HHS, DOD, Departments of Insurance, and other federal and state regulators. Ms. Stamer also speaks, coaches management and publishes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see hereor contact Ms. Stamer directly.

Other Helpful Resources & Information

If you found this article of interest, you also may be interested in reviewing other Breaking News, articles and other resources available including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.

NOTICE: Terms. These materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice, a substitute for legal advice, an offer or commitment to provide legal advice or an admission. The information and statements in these materials may not address all relevant issues or apply to any situation or circumstances. The author reserves the right to qualify or retract any of these statements at any time. and does not necessarily address all relevant issues. Because the law evolves and in ways that subsequent developments could impact the currency and completeness of this discussion. The author disclaims and has no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at any time. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein. ©2022 Cynthia Marcotte Stamer. Nonexclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, billing, compensation, Conditions of Participation, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health IT, Home Health, Hospice, Hospital, Hospital, Indian Health, Inpatient Rehabilitation Facility, Laboratory tests, Laws, long-term care, Medicaid, Medicaid Advantage, Medicare, Mergers and Acquisitions, nursing home, Outpatient, pain management, Pharmaceudical, Physician, Physician Licensing, Prescription Drugs, Reimbursement | Tagged: Anti-Kickback, Health Care Fraud, Health Care Reimbursement, Medicaid, Medicare, Office-based labs | Permalink
Posted by Cynthia Marcotte Stamer

Pharmacies Pay $6.8+ Million To Settle False Claims Act Civil Claims

October 14, 2022

The $6.8 million plus settlement that four compounding pharmacies will pay highlights the federal health care fraud risks of co-payment and misrepresenting the charge for compound pain creams used by some compounding pharmacies and other health care providers.

DermaTran Health Solutions, LLC; Pharmacy Insurance Administrators, LLC; Legends Pharmacy; TriadRx; and the former owners of Lake Side Pharmacy and related entities, agreed to pay $6,876,564 to resolve allegations that they violated the False Claims Act by waiving copays, charging the government higher prices than permitted, and trading federal healthcare business with other pharmacies, according to an October 12, 2022 Justice Department announcement.

The government alleged that in 2012, pharmacy DermaTran Health Solutions, LLC (“DermaTran”), opened in Rome, Georgia, for the purpose of making and selling custom “compound” pain creams. DermaTran’s owners during the relevant time include DIII Consulting, LLC; SRM Holdings, LLC; Gussenhoven Holdings, LLC; Sam Moss; and Robert Gussenhoven. At the same time, another company named Pharmacy Insurance Administrators, LLC (“PIA”), was created to handle the billing for DermaTran. During the relevant time, PIA was a subsidiary of Insurance Administrative Solutions, LLC; which was a subsidiary of Gulfcoast Administrators, LLC; which was majority-owned by Life & Health Holdings, Inc.; which was a subsidiary of State Mutual Insurance Company.

The massive civil settlement resolves a lawsuit originally filed in the U.S. District Court for the Northern District of Georgia by a former accountant for DermaTran, under the qui tam, or whistleblower provisions, of the False Claims Act. United States ex rel. Doe v. DermaTran Health Solutions, LLC, et al., Civil Action No. 1:17-CV-1765. Under the False Claims Act, private citizens may bring suit for false claims on behalf of the United States and share in any recovery obtained by the government. The whistleblower will receive $1,434,775 from the settlements. PIA will also pay her attorney’s fees.

According to the complaint, the settling defendants used prohibited practices to cash in on lucrative coverage for compound pain creams provided by government backed health insurance programs such as TRICARE (for the military) and the Federal Employees Health Benefits Program (for federal workers). These programs would reimburse hundreds of dollars for these prescriptions, provided that certain restrictions to limit spending were met. For example, patients were required to contribute to the cost of the prescription in the form of copays. The government programs also limited payments to the “usual and customary price”—the price charged to a cash-paying, uninsured patient.

The Government alleged that DermaTran and PIA found ways to avoid these restrictions. DermaTran and PIA created a copay-waiver program where the providers would waive patients’ copayments based on a brief, unverified statement of economic need. DermaTran and PIA also misled the government programs about the price being charged to uninsured, cash-paying patients by falsely stating that that price was high when, in fact, it was only $30. As a result, there were days that veterans were charged $600+ for pain creams, while uninsured patients were charged only $30.

Eventually, various auditors uncovered these problems and began to terminate DermaTran from their networks. The Government alleged that DermaTran, looking for a way to continue to earn money, began selling its out-of-network prescriptions to other pharmacies. The other pharmacies could fill the prescriptions because they were still in network. After filling the lucrative prescriptions, the other pharmacies remitted a portion of the proceeds to DermaTran and PIA. The government alleged that this arrangement constituted an illegal kickback. The other pharmacies that participated in this prescriptions-for-money scheme included Legends Pharmacy (in Texas), Lake Side Pharmacy (in Alabama), and TriadRx (in Alabama).

The Government’s False Claims Act claims based on the above allegations are being settled. PIA will contribute $6.5 million to the settlement. DermaTran is no longer operating and was sold in an arm’s-length transaction to a third-party buyer last year for the price of $40,000. That amount will be turned over to the government as part of the settlement. MLDP of Texas, LP (a/k/a “Legends Pharmacy”) will pay $59,293. TRIAD Rx, Inc. will pay $166,547. Lake Side Pharmacy is no longer in business, but former owners of Lake Side Pharmacy will pay $110,724. The former owners include Titan Medical Marketing, LLC; Donald Wayne Bogue; George Takashi Elkins; James Bernard Bogue, Jr.; Robert Joseph Puckett, Jr.; Robert Joseph Puckett, Sr.; Stephen Weston Wilson; and Charles Franklin Taylor, Jr.

Statements by agencies involved in the investigation and prosecution of the DermaTran and PIA cases send a strong warning to other pharmacies and health care providers against engaging in similar copay waiver or billing practices. “Fraud through compounding pharmacies bilked billions out of TRICARE and undermined the integrity of our healthcare system designed to care for our service members and their families,” stated Cynthia Bruce, Special Agent in Charge of the Department of Defense, Office of Inspector General, Defense Criminal Investigative Service (DCIS). “I appreciate the partnership among involved law enforcement agencies and the U.S. Attorney’s Office to bring this matter to justice.”

“The OPM OIG has no tolerance for businesses that knowingly take advantage of FEHBP, violating the rules to make a profit,” said Amy K. Parker, Special Agent in Charge, OPM OIG. “I am extremely proud of the hard work of our investigators, analysts, and other law enforcement partners because overcharging the government is not a victimless crime – it contributes to higher premium prices and harms the financial integrity of the FEHBP.”

“The U.S. Postal Service, Office of Inspector General, will continue to tirelessly investigate those who commit frauds against federal benefit programs and the U.S. Postal Service. This settlement is a clear message that the USPS OIG is dedicated to rooting out corruption and bringing to justice those responsible for these crimes, said Special Agent in Charge Matthew Modafferi of the U.S. Postal Service, Office of Inspector General Northeast Area Field Office. The USPS OIG would like to thank our law enforcement partners and the Department of Justice for their efforts in this investigation”.

“Health care providers that try to boost their profits by submitting fraudulent claims to Federal health care programs threaten the integrity of those programs and drive up prices for everyone,” said Tamala E. Miles, Special Agent in Charge with the U.S. Department of Health and Human Services Office of Inspector General. “We work tirelessly alongside our law enforcement partners to protect the integrity of Federal health care programs and to ensure the appropriate use of taxpayer dollars.”

Compound pharmacies and other providers not only should not engage in these practices, but also should take steps to correct any past copayment waiver or billing practices that in retrospect could be found to have violated these or other Federal health program rules.

More Information

We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.

Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Leave a Comment » | Costsharing, Health Care, Health Care Fraud, Pharmaceudical, Pharmacy | Permalink
Posted by Cynthia Marcotte Stamer

Act Promptly To Comment On ONC’s Proposed Electronic Clinical Quality Measure Draft Changes

September 14, 2022

Health care providers, health plans and insurers and other stakeholders concerned about the Department of Health and Human Services Office of the National Coordinator for Healthcare Information (“ONC”) electronic clinical quality measures (“eCQMs”) have the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by ONC as part of ONC’s 2022 Change Review Process (CRP) for the ONC Project Tracking System. Interested stakeholders must monitor the posting of issues and act quickly to share their feedback, however, as stakeholders have only two weeks to comment after a ONC posts a new proposed eCQm change.

eCQMs As Measure of Health Care Quality

Electronic clinical quality measures or “eCQMs” are tools that ONC develops with stakeholder input to help Medicare and Medicaid measure and track the quality of health care services that eligible hospitals and critical access hospitals (CAHs) provide, as generated by a provider’s electronic health record (EHR). CMS Measuring and reporting eCQMs helps to ensure that our health care system is delivering effective, safe, efficient, patient-centered, equitable, and timely care. CMS’ eCQMs measure many aspects of patient care, including:

Patient and Family Engagement
Patient Safety
Care Coordination
Population/Public Health
Efficient Use of Healthcare Resources
Clinical Process/Effectiveness

To successfully participate in the Medicare and Medicaid Promoting Interoperability Programs, the Centers for Medicare and Medicaid Services (“CMS”) requires eligible providers, eligible hospitals, critical access hospitals and dual-eligible hospitals electronically to report on eCQMs determined by CMS that require the use of data from the provider’s certified electronic health record (“EHR”) technology (CEHRT) or other health information technology systems to measure and report quality measures in a standardized manner. For calendar year (CY) 2022, Medicare Promoting Interoperability Program participants are required to report on three self-selected eCQMs and the Safe Use of Opioids – Concurrent Prescribing eCQM from the set of nine available for at least three self-selected quarters of CY 2022 data. To report eCQMs successfully, health care providers must use an EHR and adhere to the requirements identified by the CMS quality program. Failing to meet these eCQM reporting requirements can prevent the provider from meeting meaningful use requirements and trigger reductions in reimbursements for care.

Health care quality, credentialing, accreditation, and other provider, health plan and other organizations also use the eCQMs data alone or with other quality measures and tools to set standards and assess and enforce quality goals and performances.

As the proposed changes on a relevant eCQM could materially impact the reporting responsibilities of the reporting providers, the quality and meaning of a proposed data measure, or both, impacted stakeholders should monitor the system for possible changes impacting the eCQMs used or applicable to their organizations and its activities and if appropriate, comment promptly.

2022 eCQMs Updates

Each year, CMS makes updates to the eCQMs approved for CMS programs to reflect changes in:

Evidence-based Medicine
Code Sets
Measure Logic

Conducted annually as part of OCN’s eCQM Issue Tracker project, the CRP provides eCQM users the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by the measure stewards. The goal of the CRP is for eCQM implementers to comment on the potential impact of draft changes to eCQMs so CMS and measure stewards can make improvements to meet CMS’s intent of minimizing provider and vendor burden in the collection, capture, calculation, and reporting of eCQMs.

Stakeholders with an account on the ONC Project Tracking System can monitor, review and comment on proposed eCQM changes through the eCQM Issue Tracker project during the two week period following the date the issue is posted in the eCQM Issue Tracker. To participate in the CRP, users must have an ONC Project Tracking System account. New users can create an account via the ONC Project Tracking System website.

The following table reflects the eCQM issues open on the eCQM Issue Tracker as of September 14, 2022 and their scheduled comment closing dates

Issues Open for Public Comment As of 9/14/2022

CMS eCQM Identifier and Measure Title	CRP Issue Title	Issue Number and Link	Issue Type	Goal of Review	Public Comment Open Date	Public Comment Close Date
Multiple measures	Incorporate ‘Diagnosis’ datatype to capture Hospice Care	CQM-5561	Logic; Value Set	Obtain clinical and technical feedback	09/07/2022	09/21/2022
CMS128: Anti-depressant Medication Management; CMS136: Follow-Up Care for Children Prescribed ADHD Medication (ADD); CMS156: Use of High-Risk Medications in Older Adults	Update Cumulative Medication Duration function to calculate maximum daily frequency	CQM-5562	Logic	Obtain technical feedback	09/07/2022	09/21/2022
Multiple measures	Expand codes using ‘Diagnosis’ datatype to capture Palliative Care	CQM-5563	Logic; Value Set	Obtain clinical and technical feedback	09/07/2022	09/21/2022
Multiple measures	Require 2 indications of frailty to meet exclusion	CQM-5564	Header; Logic; Measure Intent Clarification	Obtain clinical feedback	09/07/2022	09/21/2022
CMS127: Pneumococcal Vaccination Status for Older Adults	Expand numerator to allow for pneumococcal vaccination since 19 years of age	CQM-5565	Header; Logic; Measure Intent Clarification	Obtain clinical feedback	09/07/2022	09/21/2022

eCQM Issue Tracker Open Issues As Of September 14, 2022

As proposed eCQM changes are posted for public comment as CRP issues. ONC informs eCQM accountholders of the proposed change or eCQM issue by posting for review in the ONC Project Tracking System. Accountholders only have two weeks after ONC posts a proposed eCQM to comment on the posted issue. Stakeholders interested in commenting on a particular issue must submit their comment in accordance with the directions within this two week period.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Learn About DOJ Federal Antitrust Health Industry Market Competition Enforcement & Latest On $2.67 Billion BCBS Class Action Antitrust Settlement In 9/8 JCEB Webex

September 2, 2022

As qualifying individuals and companies that purchased or received health insurance await instructions on how to claim their share of the $2.67 billion In re: Blue Cross Blue Shield Antitrust Litigation private federal class action civil antitrust lawsuit settlement (“Settlement”) finally approved August 9, 2022 against the Blue Cross Blue Shield Association (“BCBSA”) and other settling individual Blue Cross Plans, employers and other plan sponsors, health care systems and providers, health insurers, pharmacy benefit managers, brokerages, and other health and health insurance market participants need to keep in mind that the private antitrust judgements are not their only exposure under federal antitrust laws. Health insurance and health industry market participants that engage in anticompetitive conduct or business transactions also risk investigation and prosecution under federal antitrust laws by the U.S. Department of Justice, the Federal Trade Commission and state regulators or attorneys general.

Market participants and others with health or health insurance industry market competitiveness concerns or interests should register and attend the September 8, 2022 Justice Department Health Industry Antitrust Enforcement Update to learn about key federal antitrust statutes regulating or prohibiting anticompetitive conduct and business transactions and hear how the Department of Justice uses these laws to promote market competition in the health care and health insurance marketplaces.

Hosted by the American Bar Association Joint Committee on Employee Benefits, the webinar will feature a discussion by U.S. Department of Justice Civil Division Healthcare and Consumer Products Section Antitrust Attorney Natalie Melada of basic federal antitrust rules and principles the Justice Department relies upon to safeguard market competitiveness and discusses selected Justice Department antitrust litigation and other compliance and enforcement initiatives the Department of Justice has undertaken to protect competition in the healthcare industry. Attorney and Solutions Law Press, Inc. editor and author Cynthia Marcotte Stamer also will provide an update on the In re: Blue Cross Blue Shield Antitrust Litigation and resulting $2.67 billion settlement approved August 9.

For more details and to register for the program, see here.

More Information

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and following and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Academic medicine, Anethesiology, Antitrust, ASC, Childrens Health Insurance Program, Conditions of Participation, Cyber crime, data breach, Direct Primary Care, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Federal Sentencing Guidelines, Health Apps, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, Health Plans, healthcare, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, managed care, Medical Licensure, Medical Records, Medicare, Mental Health, Mental Heatlh, nursing home, occupational health, OCR, Outpatient, participating provider, Pharmaceudical, Pharmacy, Physician, Physician Licensing, physician licensure, Prescription Drugs, Privacy, Psychiatric, public health, Reproductive Rights, Rural Health Care, Self-Insured Group health Plans, Skilled Nursing Facility, substance abuse treatment | Tagged: Antitrust, Association, competition, Department of Justice, Employers, Group Purchasing Organizations, Health Care, Health Insurance, Health Plans, PBMs, Physician, Prescription Drugs, Protected Health Information | Permalink
Posted by Cynthia Marcotte Stamer

HIPAA Covered Entity Nailed With $300,000+ HIPAA Settlement For Improper PHI Disposal

August 23, 2022

A Massachusetts dermatology practice’s Health Insurance Portability & Accountability Act (“HIPAA”) $300,000 plus settlement with the Department of Health & Human Services Office for Civil Rights (OCR) reminds health care providers, health plans, health care clearinghouses and their business associates (“Covered Entities”) to use proper practices and safeguards when disposing of protected health information (“PHI”).

Following up on other OCR enforcement involving improper protection and disposal of paper and electronic PHI, the settlement with New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) OCR announced today (August 23, 2022) resolves charges that NDELC violated the HIPAA Privacy Rules when it placed specimen containers with patient identifying PHI in its parking lot garbage bin.

OCR interprets HIPAA as requiring Covered Entities to appropriate steps to ensure that safeguards are in place when disposing of patient information to keep it from being accessible by the public. ”Improper disposal of protected health information creates an unnecessary risk to patient privacy,” said Acting OCR Director Melanie Fontes Rainer.

On May 11, 2021, NEDLC filed a breach report with OCR that reported empty specimen containers with the PHI on labels were placed in a garbage bin in their parking lot. The containers’ labels included patient names and dates of birth, dates of sample collection, and name of the provider who took the specimen. On March 31, 2021, a third-party security guard found one specimen container bearing a label containing patient names, dates of birth, dates of sample collection, and name of the provider who took the specimen. During the investigation, NEDLC stated that from February 4, 2011 until March 31, 2021, it regularly discarded specimen containers with an attached label that contained PHI as regular waste, bagged and placed in an exterior dumpster accessible via the parking lot, without alteration to the PHI containing label.

OCR’s New England Regional Office found the practice of disposing of specimen containers with their labels containing PHI violated the HIPAA Privacy Rule including the impermissible use and disclosure of PHI and failure to maintain appropriate safeguards to protect the privacy of PHI.

Under the NEDLC Resolution Agreement negotiated to settle the alleged violations, NEDLC paid $300,640 to OCR and agreed to implement a “robust” corrective action plan that includes two years of OCR monitoring. Among other things, the corrective action plan requires NEDLC to:

Within 60 days, develop, maintain, and revise, as needed and present for OCR review its written policies and procedures to comply with the physical safeguard and disposal of PHI created, received or maintained by or on behalf of NEDLC and all other HIPAA Privacy, Security and Breach Notification and training protocols to ensure workforce member compliance with these policies; and sanctions for workforce members violating these requirements;
Implement the updated policies and procedures within 30 days of receipt of HHS approval;
Distribute the policies to existing members of its workforce within 30 days of receipt of HHS approval of the policies and subsequently to new members of the workforce within 30 days of their beginning of service and obtain a signed written or electronic initial compliance certification from all members of the workforce and relevant business associates stating that the workforce members have read, understand, and shall abide by such policies and procedures;
Assess, update, and revise, as necessary, the policies and procedures at least annually or as needed, provide the revised policies and procedures to HHS for review and approval, and redistribute to and obtained new compliance certifications from workforce members and business associates within 30 days of HHS approval;
If it receives information during the Compliance Term that a workforce member or business associate may have failed to comply with its policies and procedures for safeguarding PHI, promptly investigate and it the investigation finds a violation, notify HHS within 30 days of the violation and corrective action taken;
Comply with specified breach investigation and notification requirements;
Provide reports certified by a designated leader of the organization its implementation of the corrective action plan, annually and upon the occurrence of certain other events during the two-year monitoring period.

The NEDLC Resolution Agreement is not the first time OCR has nailed a Covered Entity for improper disposal of PHI. In 2015 Cornell Prescription Pharmacy paid OCR $125,000 and implemented a correction action plan to correct alleged HIPAA violations after an OCR investigation of a local news report confirmed unsecured paper documents containing PHI of more than 1600 patients were disposed of in an unlocked, open container on Cornell’s premises. The documents were not shredded and contained identifiable information regarding specific patients. See Cornell Prescription Pharmacy Resolution Agreement. See also $800,000 HIPAA Settlement in Medical Records Dumping Case.

To reduce their own exposure to potential HIPAA liability arising from improper disposal of PHI, covered entities should evaluate the adequacy of the PHI handling, security and disposal policies, procedures, training and compliance for potential weaknesses and take appropriate, timely documented corrective action to tighten their compliance with OCR’s regulations, OCR’s Frequently Asked Questions About the Disposal and other OCR enforcement actions and guidance on PHI disposal.

Since these evaluations could uncover past or ongoing compliance concerns, Covered Entities and business associates should consider engaging legal counsel experienced with HIPAA compliance to advise and aid the Covered Entity to structure, conduct, evaluate findings and determine and implement any corrective actions that the review reveals as required or advisable within the scope of attorney client privilege.

Effective protection and disposal of PHI requires that Covered Entities recognize and keep track of all PHI in the various phases of its lifecycle in the organization including when it is being disposed or or migrating through various systems. Sanctions for disposal of specimen bottles containing PHI labels should raise the need for awareness of disposal practices for other patient labeled items including identification bracelets, medication containers and labels, meal trays and the plethora of other items containing patient specific information. PHI disposal issues also can arise out of the disposal of files, storage containers, computers, copiers or other devices. For instance, under the Affinity Health Plan, Inc. Resolution Agreement, Affinity Health paid OCR $1,215,780 to settle potential HIPAA Civil Monetary Sanctions after OCR found it exposed the PHI of up to 344,579 individuals by returning photocopiers to a leasing agent without erasing the data contained on the copier hard drives.

Because HIPAA obligations continue even when a Covered Entity or business associate goes out of business, Covered Entities also need to take appropriate steps to provide for ongoing management, protection and disposal of PHI when they or a business associate ceases business. Thus, in the FileFax Resolution Agreement, for instance the receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $ 100,000 out of the receivership estate to OCR to settle potential HIPAA violations after Filefax shut its doors during the course of OCR’s investigation into alleged HIPAA violations.

Covered Entities must understand that these responsibilities generally cannot be met merely through adoption of a standard set of policies and procedures from a third-party. The HIPAA Privacy Rule requires all Covered Entities to prepare and document risk assessments and develop and enforce appropriate privacy and security policies and procedures. Security and disposal practices and procedures are among the elements of HIPAA compliance that OCR expects Covered Entities to address in the documented risk assessments the regulations require Covered Entities to prepare and maintain. See $750,000 HIPAA Settlement Underscores the Need for Organization Wide Risk Analysis. As with other HIPAA compliance responsibilities, OCR regulations require that Covered Entities include their documented assessment and decision-making about the adequacy and reasonableness of their PHI protection and destruction practices under HIPAA as part of their overall HIPAA risk assessment plan and practices.

While OCR guidance provides some examples of several practices that a Covered Entity might use that could or could not meet the destruction standards, these examples are not safe harbors. The regulations and guidance expect Covered Entities to conduct a documented review and assessment “of their own circumstances to determine what steps are reasonable to safeguard PHI through disposal and develop and implement policies and procedures to carry out those steps.” OCR guidance directs that Covered Entities should assess potential risks to patient privacy, as well as consider such issues as the form, type, and amount of PHI to be disposed. Covered entities are responsible for conducting and documenting their analysis as well as their adoption, implementation and enforcement of the resulting policies and procedures.

If circumstances come to light that indicate a breach of the standards in the course of the disposal compliance assessment or otherwise, Covered Entities also promptly should work with legal counsel timely to investigate, determine and provide any required notifications or other corrective action and document their actions to meet applicable HIPAA and other legal obligations and mitigate liability.

Of course, Covered Entities and their leaders always must keep in mind that their responsibilities and potential liability for mishandling PHI could extend well beyond HIPAA. In addition to the civil monetary penalties HIPAA authorizes, mishandling the collection, protection or disposal of PHI or other sensitive data also can trigger other legal exposures. For instance, as HIPAA compliance is part of the Conditions of Participation that Medicare participating Covered Entities and Medicare Advantage Plans must meet to qualify for program participation, noncompliance could trigger program exclusion, False Claims Act or related exposures. Deficiencies in security or destruction of credit card, banking or other PHI that also qualifies as personal financial information could trigger exposure under Federal Trade Commission, state identity theft and privacy or other laws. Public companies and their leaders also may need to evaluate if deficiencies in their security or destruction protocols trigger investor disclosure obligations under Securities and Exchange Commission rules or other federal or state laws. Considering these and other exposures, documented, compliance and defensibility of PHI and other sensitive information use, protection, disclosure and destruction should rank high among the priorities of all Covered Entities and their leaders.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Academic medicine, Anethesiology, ASC, Childrens Health Insurance Program, Conditions of Participation, Cyber crime, data breach, Direct Primary Care, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Health Apps, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, Health Plans, healthcare, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, managed care, Medical Licensure, Medical Records, Medicare, Mental Health, Mental Heatlh, nursing home, occupational health, OCR, Outpatient, participating provider, Pharmaceudical, Pharmacy, Physician, Physician Licensing, physician licensure, Prescription Drugs, Privacy, Psychiatric, public health, Reproductive Rights, Rural Health Care, Self-Insured Group health Plans, Skilled Nursing Facility, substance abuse treatment | Tagged: Abortion, dobbs, Health Care, HIPAA, Physician, Protected Health Information, Reproductive Rights | Permalink
Posted by Cynthia Marcotte Stamer

6 Texas Physicians Face Federal Health Care Fraud Charges For Alleged Improper Kickbacks & Lab Testing Claims

May 29, 2022

The Department of Justice sent another strong warning to physicians and other health care provides not to violate the False Claims Act by making improper patient referrals in violation of the Anti-Kickback Statute and the Stark Law, billing federal health care programs for medically unnecessary laboratory testing or other services or both when charged six Texas physicians with federal health care fraud this week. The prosecution of the physicians for laboratory tests arranged and billed through management services organizations also reminds physicians and other providers that reliance upon management services or other third-party service providers generally does not protect a physician participating in prohibited laboratory or other testing, durable medical equipment, facility, physical therapy or other health care billing or referral arrangements from liability.

Charges Against Texas Physicians

This week, the Justice Department added the following six physicians as defendants to criminal charges filed in a False Claims Act complaint filed in January 2022 against former True Health Diagnostics LLC (THD) CEO Christopher Grottenthaler, former Boston Heart Diagnostics Corporation (BHD) CEO Susan Hertzberg, former LRH CEO Jeffrey Madison, and others:

Doyce Cartrett, Jr., M.D., of Silsbee, Texas, allegedly received over $320,000 from LRH and two management services organizations or “MSOs,” Ascend MSO of TX LLC (Ascend) and Eridanus MG LLC (Eridanus), in return for his referrals.
Elizabeth Seymour, M.D., of Corinth, Texas, allegedly received over $280,000 from two MSOs, Ascend and Eridanus, in return for her referrals.
Emanuel Paul “E.P.” Descant, II, M.D., of Spring, Texas, allegedly received over $125,000 from two MSOs, North Houston MSO and Tomball Medical Management Inc., in return for his referrals.
Frederick Brown, M.D., of Missouri City, Texas, allegedly received over $190,000 from two MSOs, Ascend and Indus MG LLC (Indus), in return for his referrals.
Heriberto Salinas, M.D., of Cleburne, Texas, allegedly received over $75,000 from two MSOs, Ascend and Herculis MG LLC (Herculis), in return for his referrals.
Hong Davis, M.D., of Lewisville, Texas, allegedly received over $70,000 from two MSOs, Ascend and Herculis, in return for her referrals.

The complaint in United States, et al. ex rel. STF, LLC v. True Health Diagnostics, LLC, et al., No. 4:16-cv-547 (E.D. Tex.) charges that small Texas hospitals including Rockdale Hospital dba Little River Healthcare (LRH), THD, BHD, the six physicians and others conspired to pay physicians to induce referrals to the hospitals for laboratory testing performed by THD or BHD. The charges stem from allegations made under the qui tam or whistleblower provisions of the False Claims Act by STF LLC by Felice Gersh, M.D. and Chris Riedel. The United States intervened in the qui tam action in December 2021.

The complaint alleges the charged hospitals paid a portion of their laboratory profits to recruiters, who in turn kicked back those funds to the referring physicians through MSOs allegedly set up by the recruiters to make payments to referring physicians. The Justice Department charges the alleged kickbacks were disguised as investment returns but actually were based on, and offered in exchange for, the physicians’ referrals. The complaint alleges that laboratory tests resulting from this referral scheme were billed to various federal health care programs, and that the claims not only were tainted by improper inducements but, in many cases, also involved tests that were not reasonable and necessary.

The Justice Department reports that before adding charges against the six physicians to the complaint this week, the Justice Department recovered more than $31 million relating to conduct involving BHD, THD and LRH, including False Claims Act settlements with 29 physicians, two health care executives and a laboratory company.

Health Care Fraud Liability Under False Claims Act, Anti-Kickback Statute, Stark Law

The Anti-Kickback Statute prohibits offering, paying, soliciting or receiving remuneration to induce referrals of items or services covered by Medicare, Medicaid and other federally-funded programs. The Stark Law forbids a hospital or laboratory from billing Medicare for certain services referred by physicians that have a financial relationship with the hospital or laboratory. The Anti-Kickback Statute and the Stark Law seek to ensure that medical providers’ judgments are not compromised by improper financial incentives and are instead based on the best interests of their patients.

The False Claims Act prohibits health care providers from billing federal health care programs for services resulting from referrals prohibited by the Anti-Kickback Statute or the Stark law.

Under the False Claims Act, a private party can file an action on behalf of the United States and receive a portion of the recovery. The False Claims Act also allows the Justice Department to intervene in such lawsuits and add claims and defendants, as happened in this litigation. The qui tam case is captioned United States, et al. ex rel. STF, LLC v. True Health Diagnostics, LLC, et al., No. 4:16-cv-547 (E.D. Tex.). If a defendant is found liable for violating the act, the United States may recover three times the amount of its losses plus applicable penalties.

The United States’ pursuit of this lawsuit illustrates the government’s emphasis on combating health care fraud generally with a special emphasis on physicians. For instance, U.S. Attorney Brit Featherston is quoted as saying, “Schemes that funnel health care referrals do not work without the participation of physicians. … They are not merely passive players in these elaborate schemes, but an integral part, without which the scheme could not exist. Our office is committed to rooting out health care fraud by pursuing all players involved the scheme, from the laboratories and their leaders to the marketers and the physicians who make it all possible. Naming these physicians in the complaint is evidence of that commitment.”

Given this clear warning, physicians and other prescribers, as well as recruiting, billing and management services organizations, laboratories and others involved in recruiting and marketing, providing or billing for laboratory or other services to double check the appropriateness of their referral and other practices keeping in mind that the Anti-Kickback Statute and Stark Law prohibitions against direct and indirect compensation can reach to a wide range of subtle value and benefits in addition to the obvious payment of cash or gifts delivered in a multitude of ways. The prosecution of these physicians for referrals made and compensation delivered under management services contracts also clearly warns physicians and other providers against expecting their reliance upon billing, management services or other staff or management service providers to shield them from liability if an improper referral or payment happens.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Anti-KickBack, billing, Centers For Disease Control, Conditions of Participation, DME, Doctor, Durable Medical Equipment, E-Prescribing, false claims act, Federal Sentencing Guidelines, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, healthcare, HHS, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Laboratory tests, Licensing, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Money Laundering, nursing home, OIG, Opiates, Pharmaceudical, Physician, Physician Licensing, Reimbursement, Stark, Substance Abuse | Tagged: Federal Sentencing Guidelines, Opiate, pain management, Physician | Permalink
Posted by Cynthia Marcotte Stamer

SCOTUS: Emotional Injury Damages Not Recoverable In Patient’s Private Rehab Act and ACA Disability Discrimination Lawsuit But Other Significant Liability Risks Remain

May 2, 2022

Today’s Supreme Court ruling that emotional distress damages are not recoverable in a private action to enforce the disability discrimination and accommodation requirements of either the Rehabilitation Act of 1973 (“Rehab Act”) or the Patient Protection and Affordable Care Act (“ACA”) prevents health care and other businesses subject to these requirements against the risk of large emotional injury awards in private actions for discrimination based on these laws. However, health care providers and other organizations subject to these requirements should use care to maintain compliance to avoid large actual damage awards to plaintiffs bringing private lawsuits, program exclusion, penalties or other governmental sanctions or both.

Cummings Supreme Court Ruling

The May 1, 2022 United States Supreme Court ruling in Cummings v. Premier Rehab Keller authored by Supreme Court Justice John Roberts resulted from a suit that sought emotional distress damages brought by filed by a deaf and legally blind woman, Jane Cummings against Premier Rehab Keller after it denied her request that it provide an American Sign Language interpreter at her physical therapy sessions. Premier Rehab told Cummings the therapist could communicate with her through other means, Claiming Premier Rehab’s failure to provide an ASL interpreter constituted discrimination on the basis of disability in violation of the Rehab Act and Section 1557 of the ACA, Cummings sued Premier Rehab seeking various damages and other relief, including emotional distress damages.

The Supreme Court took notice that Premier Rehab was subject to these laws because its receipt of Medicare and Medicaid payments qualified as federal financial assistance triggering their applicability.

The Supreme Court affirmed the previous District Court and Fifth Circuit Court of Appeals’ rulings that emotional distress damages are not recoverable in a private action to enforce either the Rehab Act or the ACA.

The Supreme Court Majority based its decision on its finding that the Rehab Act and Act both are spending statutes that condition their offer of federal funding on a promise by the recipient not to discriminate creating what amounts essentially to a contract between the Government and the recipient of funds. Following previously established Supreme Court precedent for “private spending clause actions,” the Court ruled the emotional distress or other remedy is not available unless “the funding recipient is on notice that by accepting federal funding, it exposes itself to liability of that nature.”

To decide whether emotional distress damages are available under the Spending Clause statutes in this case, the Court therefore asked if a prospective funding recipient deciding whether to accept
federal funds would have had “clear notice” regarding that liability. Because the two statutes are silent on the availability of emotional injury damages, the Supreme Court followed prior precedent by looking to whether the emotional damages sought by Cummings were the type of damages traditionally available in suits for breach of contract so as to put Premier Rehab and other defendants on notice of their exposure to such damages from actions under the Rehab Act or ACA. While acknowledging some exceptional circumstances where punitive damages may be recovered where “the conduct constituting the breach is also a tort for which punitive damages are recoverable,” the Court found such damages “are generally not available for breach of contract.” Concluding that the recognized exception to the general rule was insufficient to give funding recipients the requisite notice that they could face such damages. the Supreme Court ruled that funding recipients under the Rehab Act and the ACA “have not, merely by accepting funds, implicitly consented to liability for punitive damages.”

To read the full Majority opinion and related consenting and dissenting opinions, see here.

Liability Risks Remain Substantial Despite Cummings Ruling

While the Supreme Court’s ruling means private litigants cannot recover emotional injury damages in discrimination actions brought to enforce the Rehabilitation Act or the ACA, health industry and other organizations remain subject to other substantial liability risks for improper discrimination in violation of those laws. Beyond recoveries for actual damages, attorneys’ fees and costs recoverable by private litigants, covered organizations also can face substantial civil monetary penalties, program disqualification, in some instances even False Claims Act liability for billing in violation of program conditions of participation and other risks. As federal agencies continue to make enforcement of these sanctions a priority, organization covered by either of these laws should use care to maintain appropriate compliance and risk management to ensure their ability to defend against any potential charges.

For instance, HHS recently reaffirmed its continued commitment and prioritization of protecting disabled individuals against disability discrimination by its publication of its February 4, 2022 FAQs for Healthcare Providers during the COVID-19 Public Health Emergency: Federal Civil Rights Protections for Individuals with Disabilities under Section 504 and Section 1557. Published to remind health care providers of their obligations under law and provide examples of applicability, HHS clarifies in that guidance that federal civil rights laws apply to health care providers, including those administering COVID-19 testing, medical supplies, and medication. These rules also apply to entities providing hospitalization, long-term care, intensive treatments, and critical care, such as oxygen therapy and mechanical ventilators. HHS also confirm that federal civil rights laws apply to state Crisis Standard of Care plans, procedures, and related standards for triaging scarce resources that hospitals are required to follow. HHS Issues New Guidance for Health Care Providers on Civil Rights Protections for People with Disabilities. See also New Guidance to Boost Accessibility and Equity in COVID-19 Vaccine Programs (December 22, 2021); HHS Takes Action to Prevent Discrimination and Strengthen Civil Rights (November 18, 2021); HHS and DOJ Issue Guidance on “Long COVID” and Disability Rights Under the ADA, Section 504, and Section 1557 (July 26, 2021); OCR Provides Technical Assistance to the State of Arizona to Ensure Crisis Standards of Care Protect Against Age and Disability Discrimination (May 25, 2021); HHS Announces Prohibition on Sex Discrimination Includes Discrimination on the Basis of Sexual Orientation and Gender Identity (May 10, 2021); New Legal Guidance and Resources to Ensure — and Expand — Access to COVID-19 Vaccines for People with Disabilities and Older Adults (April 13, 2021).

HHS’ guidance announcements all include a warning like the one from OCR Director Lisa J. Pino in the February 4, 2022 announcment that “OCR will continue our robust enforcement of federal civil rights laws that protect people with disabilities from discrimination, including when Crisis Standards of Care are in effect.”

The current and historical enforcement record of HHS demonstrates the teeth behind this commitment. OCR has a long and continuing history of extracting substantial settlements or civil monetary penalties from health care or other organizations receiving Medicare, Medicaid or other federal funds administered by HSS for engaging in conduct OCR finds inconsistent with the ACA or Rehabilitation Act discrimination requirements. See, e.g., Settlement Agreement Reached with Rhode Island Department of Children, Youth and Families to Address Discrimination Against Parents with Disabilities (March 30, 2022); Massachusetts Healthcare Provider Resolves Allegations of Discriminatory Practices Regarding Patients Needing Opioid Use Disorder Treatment (December 22, 2021); HHS Office for Civil Rights and U.S. Attorney’s Office for the District of Massachusetts Settle Disability Discrimination Case with Baystate Medical Center (November 17, 2021); HHS Office for Civil Rights and U.S. Attorney’s Office Settle Disability Discrimination Case with Backus Hospital (October 5, 2021); Rhode Island, Massachusetts Healthcare Provider Resolves Allegations of Discriminatory Practices Regarding Patients Needing Opioid Use Disorder Treatment (August 9, 2021).

These OCR guidance and enforcement actions and similar activities by other federal agencies send a strong message that OCR and other federal agencies will continue and expand their zealous investigation and enforcement of disability and other violations by health care providers and other public and private organizations covered by the Rehabilitation Act, the ACA or other federal discrimination and civil rights laws. Health care providers and others regulated by these federal discrimination laws should consider auditing the adequacy of existing practices, reaffirming their own and their business partners’ compliance, retraining workforce and taking other appropriate steps to help prevent illegal discrimination within their organization and to position their organization to respond and defend against potential discrimination investigations or charges.

For Additional Information Or Assistance

If you need have questions or need assistance with health, health or other insurance, employee benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help. Longtime scribe for the American Bar Association Joint Committee on Employee Benefits agency meeting with OCR and author of leading publications on HIPAA and other privacy and data security concerns, Ms. Stamer regularly assists clients and provides input to Congress, OCR and other agencies, publishes and speaks extensively on medical and other privacy and cybersecurity, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications. She also is a highly-sought out speaker on privacy and data security who serves on the planning faculty and speaks for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters, e-mail Ms. Stamer or call (214) 452-8297.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

Important Information About This Communication

Leave a Comment » | 1335 Waiver, Academic medicine, ADA, air ambulance, Ambulatory care, Childrens Health Insurance Program, Civil Rights, Conditions of Participation, Corporate Compliance, Covid, Disability Discrimination, Discrimination, DME, early childhood education, Emergency Care, Employee Benefits, Employment, false claims act, Health Care, Health Care Fraud, Health Care Provider, health care reimbursement, Health Plan, Health Plans, healthcare, HHS, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Labor Law, Laws, Life Sciences, Medicaid, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, nursing home, occupational health, OCR, OIG, Opiates, Outpatient, Pharmaceudical, Pharmacy, Physician, Physician Licensing, Prescription Drugs, Reimbursement, Section 1557 | Permalink
Posted by Cynthia Marcotte Stamer

Federal Convictions Of Physicians Highlight Need For Care In Opiate & Other Pain Management Prescribing & Billing

March 4, 2022

Physicians and other health care prescribers must remain hyper vigilant when prescribing, documenting, billing and managing opiate and other pain management prescriptions and patients. That’s the clear message sent by the ever-growing wave of federal prosecutions and convictions like the March 2, 2022 federal conviction of Tennessee physician Mark Murphy and his wife, Jennifer Murphy and his wife for unlawfully distributing opioids, providing unnecessary services and defrauding insurers from their now-shuttered North Alabama Pain Services clinics (“NAPS”) and March 1, 2022 sentencing of former physician Patrick Titus to 20 years in prison for his conviction of unlawful distribution of opioid drug outside the usual scope of professional practice and not for legitimate medical purposes as part of the his internal medicine practice.

Tennessee Doctor & Wife Convicted of Pain Management Related Unlawful Opioid Distribution, Health Care Fraud & Other Criminal Charges

The March 2 federal jury conviction of Dr. and Ms. Murphy stemmed from their ownership and operation of their now-defunct pain management clinics resulted from evidence gathered through a joint investigation by the Federal Bureau of Investigation, the Department of Health & Human Services Office of Inspector General, the Internal Revenue Service, and the Drug Enforcement Agency.

During the resulting jury trial, federal prosecutors presented evidence that during the five-year period leading up to the clinic closing its Alabama locations in 2017, Dr. Murphy and Ms. Murphy, who was the office manager, caused over $50 million in fraudulent or unnecessary medical services to be charged to Medicare, TRICARE, Blue Cross Blue Shield of Alabama and others. Evidence at trial showed that NAPS provided pre-signed prescriptions to thousands of patients a month, including prescriptions written outside the usual course of professional practice without a legitimate medical purpose. Federal prosecutors also introduced evidence that the Murphys also solicited and received unlawful payments for referring fraudulent or unnecessary services to patients.

Based on the evidence, the jury found both Dr. and Ms. Murphy guilty on numerous criminal charges including:

Conspiracy to unlawfully distribute and unlawful distribution of controlled substances;
Conspiracy to commit and commission of health care fraud;
Conspiracy to defraud the United States; and
Receiving illegal kickbacks in violation of the Anti-Kickback Statute.

Ms. Murphy also was convicted of tax-related charges for underreporting clinic income.

Currently scheduled for sentencing in June, the Murphys each face a maximum of 20 years in prison for the drug charges and a maximum of 10 years in prison for the health care fraud charges. Both defendants also face a maximum of five years in prison for charges stemming from violations of the Anti-Kickback Statute, and Ms. Murphy faces up to three years in prison for the tax charges.

Former Delaware Doctor Sentenced to 20 Years in Prison for Unlawful Opioid Distribution

The Murphy’s jury conviction came one day after the sentencing of former to 20 years in prison for his July 2021 federal jury conviction on 13 counts of unlawfully distributing and dispensing controlled substances and one count of maintaining a drug-involved premises.

Federal prosecutors presented evidence in court documents and trial that Dr. Titus unlawfully distributed or dispensed opioid drugs including fentanyl, morphine, methadone, OxyContin and oxycodone outside the usual scope of professional practice and not for legitimate medical purposes as part of the his internal medicine practice. The Justice Department charged Dr. Titus frequently prescribed these dangerous controlled substances in high dosages, sometimes in combination with each other or in other dangerous combinations, mostly in exchange for cash. Evidence at trial showed he distributed over 1 million opioid pills without providing any meaningful medical care and to patients he knew were suffering from substance use disorder and/or who demonstrated clear signs that the prescribed drugs were being abused, diverted or sold on the street.

Health Care Fraud Task Force Targeting Opioid Distribution, Billing, & Related Misconduct

Both the Murphy and Titus prosecutions and convictions are two of a growing series of convictions resulted from investigations into opioid and other pain management prescribing conducted as part of efforts targeting physicians and other health care providers involved in prohibited the federal Health Care Fraud Strike Force Program. See e.g., Medical Director Convicted in $110 Million Addiction Treatment Fraud Scheme.

The Federal agencies made a point of warning to other physicians not to overprescribe, bill or engage in other prohibited dealings involving opioids or other controlled substances when announcing the Titus sentencing.

“As we continue the fight against the opioid crisis, this case serves as an important reminder that health care professionals have a duty to prescribe medication responsibly to ensure the well-being of individuals under their care. Failing to do so can endanger patients and undermines critical, ongoing public health measures,” said Special Agent in Charge Maureen Dixon of the U.S. Department of Health and Human Services, Office of the Inspector General (HHS-OIG). “HHS-OIG will continue to work with our law enforcement partners to hold bad actors accountable.”

“This sentence is a reminder that the Department of Justice will hold accountable those doctors who are illegitimately prescribing opioids and fueling the country’s opioid crisis,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “Doctors who commit these unlawful acts exploit their roles as stewards of their patients’ care for their own profit.”

“DEA-registered medical practitioners have an important role in our communities to treat patients compassionately and responsibly,” said DEA Administrator Anne Milgram. “Today’s sentencing makes clear that medical professionals who recklessly prescribe opioids and endanger the safety and health of patients will be held accountable.”

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | billing, Centers For Disease Control, Conditions of Participation, Controlled Substances, Corporate Compliance, DEA, Doctor, drug treatment, E-Prescribing, Evidence Based Medicine, false claims act, FDA, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health Plan, Health Plans, healthcare, hemp, HHS, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Licensing, managed care, marijuana, Medical Licensure, Medical Malpractice, Medical Records, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, Monopoly, OIG, Opiates, pain management, Physician, Physician Licensing, Prescription Drugs, Reimbursement, Substance Abuse | Tagged: Federal Sentencing Guidelines, Opiate, pain management, Physician | Permalink
Posted by Cynthia Marcotte Stamer

CMS Updates COVID-19 Guidance For Visiting Nursing Homes & LTC Facility Vaccination During Omicron Surge

January 13, 2022

CMS recently updated its Nursing Home Resource Centerwith new pieces of informational guidance on visitation and vaccines in response to the recent surge in Omicron cases.

Visitation

As of January 6, CMS updated the Nursing Home Visitation FAQs (PDF) to give additional guidance about visitation during the Omicron surge and also created an infographic (PDF) to graphically represent how to safely conduct visits to nursing homes during this time of spiking COVID cases around the country. Nursing home providers, patients, caregivers, and CMS partners can use these 2 new resources to stay informed about CMS’ latest thinking for keeping nursing homes safe in the current COVID climate.

CMS also continues to urge long-term care settings, like nursing homes, assisted living, residential care communities, group homes, and senior housing, to ensure residents and staff get COVID-19 vaccine primary series and booster shots.

Vaccination

while long-term care and other Medicare and Medicaid participating healthcare providers continue to await the Supreme Court’s decision on the enforceability and validity of the Biden administration vaccine mandate for program participation, CMS continues to urge long-term care providers to coordinate access to COVID-19 vaccines, either in the local community or on-site using the newest CDC resources.

As a reminder, through enforcement discretion, CMS allows Medicare-enrolled immunizers, including but not limited to pharmacies working with the U.S., to bill directly and get direct reimbursement from the Medicare program for vaccinating Medicare skilled nursing facility residents. See, Medicare billing and payment information.

Long-term care another healthcare providers also need to continue to ensure that they meet all other contagious disease and related requirements for participation in these federal programs as well as our meeting and managing their occupational health and safety, occupational injury, sick and disability leave, employee benefit, accommodation and anti retaliation mandates. See, e.g. SCOTUS To Hear Oral Arguments on OSHA COVID-19 Vaccination Rule Enforceability On January 7; COVID-19 Vaccination Rule Injunctions Leave Employers With Significant Liability Challenges Even As OSHA Extends Comment Period on OSHA COVID-19 Vaccine ETS

More Information

About the Author

Past Board President of the Richardson Development Program for Children ECE and Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health industry legal, public policy and operational concerns.

As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

This involvement encompasses helping health care systems and organizations, schools, ECEs, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

Author of a multitude of health industry and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | ASC, Centers For Disease Control, Conditions of Participation, Coronavirus, Corporate Compliance, Covid, Employee Benefits, Employer, Employment, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health Plan, healthcare, HHS, Hospice, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Life Sciences, long-term care, Medicaid, Medicaid Advantage, Medicare, Medicare Advantage, occupational health, OSHA, Pandemic, participating provider, Provider contracting | Permalink
Posted by Cynthia Marcotte Stamer

Justice Department COVID & Other Health Care Fraud Enforcement Thriving Despite Pandemic Emergency

November 23, 2021

Federal health care fraud prosecution continues to thrive despite the ongoing COVID-19 health care emergency.

Recently announced prosecutions and other enforcement actions include Fraud & Abuse, False Claims Act and other health care fraud prosecutions commonly pursued by the Justice Department in recent decades as well as a host of new prosecutions of abuses of Covid-19 relief programs. Examples include:

These and other actions send a clear message to health care and life science organizations to continue vigorous health care fraud compliance and risk management activities as well as stay vigilant for signs of new audit and enforcement activities.

More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Leave a Comment » | Academic medicine, American Rescue Plan Act of 2021, Anti-KickBack, ASC, Centers For Disease Control, Conditions of Participation, Coronavirus, Corporate Compliance, Covid, COVID-19, Electronic Health Records, Employer, false claims act, Health Care, Health care coding, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, healthcare, HHS, Home Health, home health, Hospice, Hospital, hospitals, Life Sciences, long-term care, Medicaid, Medicaid Advantage, Medicare, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pandemic, Pharmacy, Physician, physician licensure, Reimbursement, retaliation, Skilled Nursing Facility, Stark, substance abuse treatment | Permalink
Posted by Cynthia Marcotte Stamer

CMS Updates COVID-19 Accelerated and Advance Payments FAQs

July 8, 2021

Providers that received COVID-19 accelerated and advance payments should read the Centers for Medicare and Medicaid Services (“CMS”) updated FAQs (PDF) about repayment of COVID-19 accelerated and advance payments to learn how recoupment works and how it affects the provider’s Medicare claims payment amounts.

The new FAQ updates the Repayment of COVID-19 Accelerated and Advance Payments Began on March 30, 2021 (PDF) guidance.

For more information and to follow future updates, see the COVID-19 Accelerated and Advance Payments webpage or contact the author of this update.

More Information

If you are interested in a more detailed description of this or other developments discussed in this article, see here.

If you would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information or counsel about the these or other legal, management or public policy developments, Ms. Stamer’s work, experience, involvements, other publications, or programs, contact Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297, follow her on Facebook, LinkedIn or Twitter or see Cynthia Marcotte Stamer, P.C. Website.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years working as an on demand, special project, consulting, general counsel or other basis with domestic and international business, charitable, community and government organizations of all types, sizes and industries and their leaders on labor and employment and other workforce compliance, performance management, internal controls and governance, compensation and benefits, regulatory compliance, investigations and audits, change management and restructuring, disaster preparedness and response and other operational, risk management and tactical concerns.

Most widely recognized for her work with health care, life sciences, insurance and data and technology organizations, she also has worked extensively with health plan and insurance, employee benefits, financial, transportation, manufacturing, energy, real estate, accounting and other services, public and private academic and other education, hospitality, charitable, civic and other business, government and community organizations. and their leaders.

Ms. Stamer has extensive experience advising, representing, defending and training domestic and international public and private health care and life sciences, charitable, community and governmental, and other business organizations and their leaders, employee benefit plans, their fiduciaries and service providers, insurers, and others. A widely published author and popular speaker, Ms. Stamer also has published and spoken extensively on wage and other and other health care, human resources, employee benefits and other workforce and services; insurance; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other compliance, governance, risk management, operational and public and regulatory affairs concerns.

A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor to health, managed care, insurance, and other business, community and government leaders on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.

Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. ©2021 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, American Rescue Plan Act of 2021, Anti-KickBack, billing, Centers For Disease Control, compensation, Conditions of Participation, Coronavirus, Corporate Compliance, COVID-19, Doctor, E-Prescribing, Emergency Care, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Insurance, Health Plan, Health Plans, healthcare, HHS, Home Health, home health, Hospital, hospitals, Indian Health, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, OIG, Pandemic, Physician, public health, Reimbursement, Uncategorized | Tagged: COVID-19, Health Care, Health Care Fraud, Medicare, Physician, recoupment, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

Biden-Harris Plan To Beat COVID-19 Includes Plan To Expand Medicare, Other Health Care Plans

January 21, 2021

Newly sworn in President Joe Biden chose to make an executive order outlining the core principles for his Administration’s policy for fighting COVID-19 the first signed in his new administration.

The text of the COVID-19: The Biden-Harris plan to beat COVID-19 reads as follows:

The American people deserve an urgent, robust, and professional response to the growing public health and economic crisis caused by the coronavirus (COVID-19) outbreak. President Biden believes that the federal government must act swiftly and aggressively to help protect and support our families, small businesses, first responders, and caregivers essential to help us face this challenge, those who are most vulnerable to health and economic impacts, and our broader communities – not to blame others or bail out corporations.

The Biden-Harris administration will always:

Listen to science
Ensure public health decisions are informed by public health professionals
Promote trust, transparency, common purpose, and accountability in our government
President Biden and Vice President Harris have a seven-point plan to beat COVID-19.

Ensure all Americans have access to regular, reliable, and free testing.

Double the number of drive-through testing sites.
Invest in next-generation testing, including at home tests and instant tests, so we can scale up our testing capacity by orders of magnitude.
Stand up a Pandemic Testing Board like Roosevelt’s War Production Board. It’s how we produced tanks, planes, uniforms, and supplies in record time, and it’s how we will produce and distribute tens of millions of tests.
Establish a U.S. Public Health Jobs Corps to mobilize at least 100,000 Americans across the country with support from trusted local organizations in communities most at risk to perform culturally competent approaches to contact tracing and protecting at-risk populations.
Fix personal protective equipment (PPE) problems for good.

President Biden is taking responsibility and giving states, cities, tribes, and territories the critical supplies they need.

Fully use the Defense Production Act to ramp up production of masks, face shields, and other PPE so that the national supply of personal protective equipment exceeds demand and our stores and stockpiles — especially in hard-hit areas that serve disproportionately vulnerable populations — are fully replenished.
Build immediately toward a future, flexible American-sourced and manufactured capability to ensure we are not dependent on other countries in a crisis.
Provide clear, consistent, evidence-based guidance for how communities should navigate the pandemic – and the resources for schools, small businesses, and families to make it through.

Social distancing is not a light switch. It is a dial. President Biden will direct the CDC to provide specific evidence-based guidance for how to turn the dial up or down relative to the level of risk and degree of viral spread in a community, including when to open or close certain businesses, bars, restaurants, and other spaces; when to open or close schools, and what steps they need to take to make classrooms and facilities safe; appropriate restrictions on size of gatherings; when to issue stay-at-home restrictions.
Establish a renewable fund for state and local governments to help prevent budget shortfalls, which may cause states to face steep cuts to teachers and first responders.
Call on Congress to pass an emergency package to ensure schools have the additional resources they need to adapt effectively to COVID-19.
Provide a “restart package” that helps small businesses cover the costs of operating safely, including things like plexiglass and PPE.
“THIS ISN’T ABOUT POLITICS. IT’S ABOUT SAVING LIVES.”

PRESIDENT BIDEN, SEPTEMBER 16, 2020
Plan for the effective, equitable distribution of treatments and vaccines — because development isn’t enough if they aren’t effectively distributed.

Invest $25 billion in a vaccine manufacturing and distribution plan that will guarantee it gets to every American, cost-free.
Ensure that politics plays no role in determining the safety and efficacy of any vaccine. The following 3 principles will guide the Biden-Harris administration: Put scientists in charge of all decisions on safety and efficacy; publicly release clinical data for any vaccine the FDA approves; and authorize career staff to write a written report for public review and permit them to appear before Congress and speak publicly uncensored.
Ensure everyone — not just the wealthy and well-connected — in America receives the protection and care they deserve, and consumers are not price gouged as new drugs and therapies come to market.
Protect older Americans and others at high risk.

President Biden understands that older Americans and others at high-risk are most vulnerable to COVID-19.

Establish a COVID-19 Racial and Ethnic Disparities Task Force, as proposed by Vice President Harris, to provide recommendations and oversight on disparities in the public health and economic response. At the end of this health crisis, it will transition to a permanent Infectious Disease Racial Disparities Task Force.
Create the Nationwide Pandemic Dashboard that Americans can check in real-time to help them gauge whether local transmission is actively occurring in their zip codes. This information is critical to helping all individuals, but especially older Americans and others at high risk, understand what level of precaution to take.
Rebuild and expand defenses to predict, prevent, and mitigate pandemic threats, including those coming from China.

Immediately restore the White House National Security Council Directorate for Global Health Security and Biodefense, originally established by the Obama-Biden administration.
Immediately restore our relationship with the World Health Organization, which — while not perfect — is essential to coordinating a global response during a pandemic.
Re-launch and strengthen U.S. Agency for International Development’s pathogen-tracking program called PREDICT.
Expand the number of CDC’s deployed disease detectives so we have eyes and ears on the ground, including rebuilding the office in Beijing.
Implement mask mandates nationwide by working with governors and mayors and by asking the American people to do what they do best: step up in a time of crisis.

Experts agree that tens of thousands of lives can be saved if Americans wear masks. President Biden will continue to call on:

Every American to wear a mask when they are around people outside their household.
Every Governor to make that mandatory in their state.
Local authorities to also make it mandatory to buttress their state orders.
Once we succeed in getting beyond this pandemic, we must ensure that the millions of Americans who suffer long-term side effects from COVID don’t face higher premiums or denial of health insurance because of this new pre-existing condition. The Biden-Harris Administration will work to ensure that the protections for those with pre-existing conditions that were won with Obamacare are protected. And, they will work to lower health care costs and expand access to quality, affordable health care through a Medicare-like public option.

As the new Administration and Congress get down to work, health industry organizations as well as all other U.S. organizations and communities, their leaders, and individual employees and citizens should carefully follow, and share their input to the Administration, members of Congress, and other federal, state and local officials on the actions and proposals taken to implement this and other policy that impact their interests. The need for careful attention and scrutiny is particularly important for health, managed care and insurance and management organizations as President Biden made clear throughout his campaign his intent to pursue legislative and regulatory reforms that would reverse actions of the previous administration as well as implement addition reforms to expand coverage and regulation of health care, workforce and other critical policies.

More Information

About the Author

An attorney board certified in labor and employment law by the Texas Board of Legal Specialization and Fellow in the American College of Employee Benefit Counsel, Ms. Stamer has worked as an on demand, special project, consulting, general counsel or other basis with health care providers, health insurers, employer and other management organizations, health and other employee benefit plans, their sponsors, insurers, administrators, providers and others and others has published and spoken extensively on these concerns.

A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor and advocate for employer and other plan sponsors, fiduciaries, administrators, insurers, technology and other service providers, managed care organizations, direct primary care and other health care providers and others on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.

For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | CDC, Centers For Disease Control, Consumer Driven Health Care, Coronavirus, Corporate Compliance, COVID-19, Cultural diversity, Direct Primary Care, Disability Discrimination, DME, Doctor, Emergency Care, Employee Benefits, Employer, Employment, Employment law, ERISA, Evidence Based Medicine, Fast Track Approval, FDA, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health Plan, Health Plans, healthcare, HHS, home health, Hospice, Hospital, hospitals, Labor Law, Laws, managed care, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Pandemic, Pharmaceudical, Physician, Reimbursement, Uncategorized | Tagged: Biden Administration, COVID-19, Health Care | Permalink
Posted by Cynthia Marcotte Stamer

CMS Steps Up Nursing Home Inspections & Tightens Inspections In Response To Continuing COVID-19 Outbreaks & Deaths

April 3, 2020

Skilled nursing and other long term care facilities commonly known as “nursing homes” (“LTC facilities”),[i] rehabilitation, assisted living, retirement and other facilities and communities caring for elderly, disabled, aged or other infirm patients or residents should use recently released tools to confirm the adequacy of and update their current COVID-19 and other infectious disease prevention and control and other key policies and practices with the latest Centers for Medicare & Medicaid Services (CMS) and Centers for Disease Control and Prevention (CDC) requirements and guidelines in light of recently announced changes to CMS nursing home inspection policies (the “Targeted Inspection Policy”)[iii] that target nursing homes with COVID-19 outbreaks or death for likely inspection announced March 23, 2020 including all existing requirements including new “recommendations” on nursing homes on COVID-19 preparedness and response announced April 2, 2020 (the “April Recommendations”).[iii]

Prompted by the continuing explosive growth in COVID-19 infection and deaths among nursing home residents and widespread deficiencies found during recent inspections at the Kirkland, Washington Life Care Center nursing homes (the “Kirkland Facilities”) made notorious by the death of 23 people and other nursing homes with COVID-19 inspections, the Targeted Inspection Policy and April Recommendations supplement and give more teeth to the CMS Guidance for Infection Control and Prevention of Coronavirus Disease 2019 (COVID-19) in Nursing Homes (the “3/3 Directive”)[iv] previously released by CMS released in conjunction with President Trump’s Proclamation on Declaring a National Emergency Concerning the Novel Coronavirus Disease (COVID-19) Outbreak (“COVID Emergency Declaration”) in response to concerns raised by reports of 19 COVID-19 related deaths at the Kirkland Facilities[v] on March 13, 2020.

Despite CMS and CDC’s efforts to reign in nursing home based COVID-19 infections and deaths by ordering nursing homes in the Nursing Home Directive to limit outside visitors and take other precautions outlined in the Nursing Home Directive and release of other guidance and tools, nursing home based COVID-19 infections and deaths have continued to soar since March 13, 2020.[vi] Meanwhile, onsite audits at the Kirkland Facilities and other facilities during March uncovered concerning deficiencies in the compliance at the Kirkland Facilities and many other nursing homes across the nation, as well as the need to address other weaknesses in current CMS and CDC practices and guidelines that the agencies determined were perpetuating practices that left nursing home residents exposed to COVID-19.

The new Targeted Inspection Policy and April Recommendations attempt to address these compliance and other concerns by updating, clarifying and supplementing previously established requirements and guidance, providing new tools for nursing homes and their inspectors to use to assess nursing home compliance with the latest standards and stepping up inspections and enforcement of nursing homes that experience COVID-19 outbreaks.[vii]

April Recommendations Send Warnings, Share New Tools

To this end, the just announced April Recommendations urge nursing homes to move quickly to clean up their practices by:

Urging nursing homes to immediately ensure that they are complying with all CMS and CDC guidance related to COVID-19 and other infection control and other requirements;
Urging nursing homes immediately to implement symptom screening for all staff, residents, and visitors – including temperature checks; [viii]
Urging nursing homes to ensure all staff are using appropriate PPE when interacting with patients and residents, to the extent PPE is available and per CDC guidance on conservation of PPE;
Confirming the availability of Medicare coverage of Medicare enrolled residents performed by laboratories and that facilities can allow laboratory personnel into facilities to perform the tests;
Urging State and local leaders to consider the needs of long term care facilities with respect to supplies of PPE and COVID-19 tests as nursing homes are a critical part of the healthcare system, and because of the ease of spread in long term care facilities and the severity of illness that occurs in residents with COVID-19,
Recommending facilities use separate staffing teams for residents to the best of their ability to avoid transmission within nursing homes in response to evidence that using staff shared between multiple facilities helped to fuel the COVID-19 outbreak in the Kirkland Facilities;
Consistent previously published guidance and resources on the CDC Isolation Sites and Alternative Care Sites webpage,[ix] urging nursing homes to work with State and local leaders to designate separate facilities or units within a facility to separate COVID-19 negative residents from COVID-19 positive residents and individuals with unknown COVID-19 status; and
Encouraging facilities to use new targeted survey assessment tools adopted by CMS to guide inspections under the Targeted Inspection Program to self-assess and make appropriate adjustments to tighten their facility compliance with applicable requirements and guidelines promptly.

While characterized as “recommendations,” the reaffirmation in the April Recommendations that CMS intends to continue to follow the new Targeted Inspection Policy announced March 23, 2020 sends a strong message to all nursing homes that CMS does not view compliance with the recommendations as optional.

Under the Targeted Inspection Policy, CMS intends to conduct targeted inspections giving prioritization for Immediate Jeopardy investigations over recertification surveys for Clinical Laboratory Improvement Amendment (CLIA) laboratories.

According to CMS’ announcement regarding the Targeted Inspection Policy, only the following types of federal inspections will be prioritized and conducted over the next few weeks:

Complaint inspections: State survey agencies will continue to conduct inspections related to complaints and facility-reported incidents that are triaged at the Immediate Jeopardy level. Inspectors will use a streamlined Infection Control review tool, regardless of the Immediate Jeopardy allegation.
Targeted Infection Control inspections: Federal and state inspectors will conduct targeted infection control inspections of providers identified through CMS collaboration with the Centers for Disease Control and Prevention (CDC). These inspectors will use a streamlined targeted review checklist to minimize the impact on provider activities, while ensuring providers are implementing actions to protect health and safety. This will consist of both onsite and offsite inspections.
Self-Assessments: The Infection Control checklist referenced above will also be shared with providers and suppliers, to allow for self-assessment of their Infection Control plans. This may be the best solution in some cases when there is a lack of personal protective equipment or state surveyors available.

During this time frame, CMS has indicated it will not conduct the following inspections:

Standard inspections for nursing homes, hospitals, home health agencies, intermediate care facilities for individuals with intellectual disabilities, and hospices; and

Revisit inspections not associated with Immediate Jeopardy.

In addition to redefining the priorities and scope for conducting inspections in the new Targeted Inspection Policy, CMS also refocused the inspection process that surveyors are expected to use when conducting inspections under the Targeted Inspection Policy which includes existing components of CMS’s infection control inspection process updated to include the latest CDC and CMS guidance. Under the Targeted Inspection Policy CMS and state inspectors will be guided by a newly developed and updated targeted assessment tool in assessing if certain facilities are prepared to meet CMS’s expectations for preventing the spread of COVID-19. When gaps are identified, CMS warns that facilities will be required to take corrective actions to close the gaps.

Facilities are well advised to follow the recommendation of CMS to use the new surveyor tools to self-assess their own ability to prevent the spread of COVID-19 in accordance with applicable CMS requirements both to mitigate potential exposures to CMS sanctions and because CMS also is encouraging residents and families to be proactive about nursing home safety by among other things asking facility staff how the facility performed on its self-assessment. Facilities and their leaders at all times should keep in mind the significant risks that they are likely to incur if significant deficiencies are found from an inspection. While the March 23, 2020 announcement of the Targeted Inspection Policy states that CMS is not seeking to be punitive, but rather to respond to urgent issues while proactively ensuring providers are compliant with federal health and safety standards. Accordingly, CMS has indicated that CMS intends to exercise enforcement discretion, unless Immediate Jeopardy situations arise. Given the conclusions announced regarding Immediate Jeopardy findings found from the inspection at the Kirkland Facility, however, nursing homes are well advised to assume that the occurrence of COVID-19 related deaths or infections at their facilities might create a significant risk of Immediate Jeopardy findings with regard to their facilities which could result in significant sanctions.

CMS and other agencies continue to tailor their response to the COVID-19 outbreak. In addition to verifying and maintaining their compliance with current COVID-19 and other CMS, CDC and state and local requirements and guidelines, nursing homes and their leaders also should continue to monitor emerging developments and guidance from CMS, CDC, the Federal Emergency Management Agency (“FEMA”) and their state and local regulatory bodies.

[i] Nursing homes (also known as “skilled nursing facilities” under the Medicare program and “nursing facilities” under Medicaid; or “long-term care facilities”).

[ii] Press release Trump Administration Issues Key Recommendations to Nursing Homes, State and Local Governments, CMS (2020), https://www.cms.gov/newsroom/press-releases/trump-administration-issues-key-recommendations-nursing-homes-state-and-local-governments (last visited Apr 2, 2020).

[iii] Fact sheet Kirkland, Washington Update and Survey Prioritization Fact Sheet, CMS (2020), https://www.cms.gov/newsroom/fact-sheets/kirkland-washington-update-and-survey-prioritization-fact-sheet (last visited Mar 31, 2020).

[iv] Guidance For Infection Control and Prevention of Coronavirus Disease 2019 (COVID-19) in Nursing Homes, DEPARTMENT OF HEALTH & HUMAN SERVICES (2020), https://www.cms.gov/files/document/3-13-2020-nursing-home-guidance-covid-19.pdf (last visited Mar 30, 2020).

[iv] Nursing home with the biggest cluster of covid-19 deaths to date in the U.S. thought it was facing an influenza outbreak, a spokesman says, https://www.msn.com/en-us/news/us/nursing-home-with-the-biggest-cluster-of-covid-19-deaths-to-date-in-the-us-thought-it-was-facing-an-influenza-outbreak-a-spokesman-says/ar-BB11fvgj (last visited Mar 30, 2020).

[vi] See e.g., Guidance for Infection Control and Prevention of Coronavirus Disease 2019 (COVID-19) in Nursing Homes (REVISED), CMS (2020), https://www.cms.gov/files/document/qso-20-14-nh-revised.pdf (last visited Apr 2, 2020).

[vii] In the initial wave of surveys during the week of March 30, CMS reports finding 36 percent of facilities inspected in recent days did not follow proper hand washing guidelines and 25 percent failed to demonstrate proper use of personal protective equipment (PPE) required by longstanding federal regulations. Press release Trump Administration Issues Key Recommendations to Nursing Homes, State and Local Governments, CMS (2020), https://www.cms.gov/newsroom/press-releases/trump-administration-issues-key-recommendations-nursing-homes-state-and-local-governments (last visited Apr 3, 2020).

[viii] Facilities that have not already done so should consult with experienced legal counsel for assistance about the advisability of providing or posting notifications and/or securing consents to these screening procedures, advisable or recommended procedures regarding the collection, use, or disclosure of screenings or their results, or other safeguards to manage relevant privacy or other legal rights or risks.

[ix] See Alternate Care Sites and Isolation Sites (March 25, 2020) https://www.cdc.gov/coronavirus/2019-ncov/healthcare-facilities/alternative-care-sites.html. Also see Topic Collection: Alternate Care Sites (including shelter medical care) https://asprtracie.hhs.gov/technical-resources/48/alternate-care-sites-including-shelter-medical-care/47.

More Information

We hope this update is helpful. In addition to this update, the author also has prepared a more comprehensive discussion of these concerns scheduled for publication by the American Bar Association Health Publication in April, 2020. To request access for a prepublication unofficial manuscript of that upcoming publication or of more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, as well as a multitude of other health industry matters, workforce and health care change and crisis management and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. ©2020 Cynthia Marcotte Stamer. Limited non-exclusive license to republish granted to Solutions Law Press, Inc.™ All other rights reserved.

Leave a Comment » | 1335 Waiver, Biological Warfare, Centers For Disease Control, Conditions of Participation, Coronavirus, Corporate Compliance, COVID-19, Disaster Relief, Disease Management, drug treatment, Durable Medical Equipment, Federal Health Center, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, HHS, home health, Hospice, Hospital, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Laboratory tests, Licensing, long-term care, Medicaid, Medicare, Medicare Advantage, Mental Heatlh, nursing home, Pandemic, Patient Empowerment, Physician, public health, Public Policy, quality reporting, Reimbursement, Skilled Nursing Facility, Uncategorized, Veterans Health, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Gastroenterology Practices Pays $100K For HIPAA Noncompliance

March 3, 2020

The $100,000 settlement payment the medical practice of Steven A. Porter, M.D., has agreed to pay $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services to settle a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule Serves as a warning to other physicians and healthcare providers that they too could pay big bucks for failing to comply with HIPAA. The resolution agreement and corrective action plan may be found here.

Dr. Porter’s medical practice provides gastroenterological services to over 3,000 patients per year in Ogden, Utah.

OCR began investigating Dr. Porter’s medical practice after it filed a breach report with OCR related to a dispute with a business associate. OCR’s investigation determined that Dr. Porter had never conducted a risk analysis at the time of the breach report, and despite significant technical assistance throughout the investigation, had failed to complete an accurate and thorough risk analysis after the breach and failed to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.

Many physician and other small healthcare providers underestimate their responsibilities or their exposure for noncompliance. Many have never conducted the necessary risk analysis or initially adopted the requisite policies and procedures to comply. Furthermore, practices relying upon outsourced management or compliance services for their HIPAA compliance need to ensure that they have appropriate business associates agreements with those and all other service providers. While OCR typically takes into account efforts to obtain services as evidence of a culture of compliance, when breaches happen in the practice or at the business associate, A physician or other healthcare provider can expect OCR to investigate their compliance and potentially their culpability for the breach. physicians and other healthcare providers also should not assume that their engagement of a service HIPAA to comply with or provide HIPAA compliant services equates to making that service provider accountable for the quality in adequacy of the services.Typically service providers and consultants limit their liability contractually and otherwise when providing these services, often do not have adequate compliance themselves, or both. Licensing agreements and other services contracts typically include various provisions excusing or limiting the service provider from liability for deficiencies in compliance resulting from inadequacies in their procedures, operational noncompliance or both. In some instances, business associates may include provisions in their business associate agreement or other related agreements that actually obligate the healthcare provider to defend and indemnify the service provider for breaches and other liabilities arising out of HIPAA noncompliance. Since the cost of investigating and defending an alleged complaint can be very expensive even if no penalties are sought by OCR, most physicians and other healthcare providers should explore the availability of insurance coverage to help protect against these expenses.

“All health care providers, large and small, need to take their HIPAA obligations seriously,” said OCR Director Roger Severino. “The failure to implement basic HIPAA requirements, such as an accurate and thorough risk analysis and risk management plan, continues to be an unacceptable and disturbing trend within the health care industry.”

In addition to the monetary settlement, Dr. Porter will undertake a corrective action plan that includes two years of monitoring.

Physicians and other healthcare providers need to keep in mind that OCR penalties are not the only risk of HIPAA violations. Noncompliance with these requirements also commonly gives rise to licensing board, peer review, and other professional, employment or contractual consequences as well as negative publicity.

The resolution agreement demonstrates OCR requires physicians shouldn’t expect OCR to look the other way when they violate HIPAA. Given the potential professional and monetary liability risk that result from complaints and violations, physicians and other healthcare Should consult with qualified legal counsel for assistance with assessing the adequacy of their current clients within the scope of attorney-client privilege. Additionally, in the event of a complaint or threaten complaint, physicians and other healthcare providers should take appropriate steps to conduct a documentary investigation. As discussions and activities conducted in association with such investigations can involve sensitive communications and information, it also is advisable to consult with legal counsel at the beginning of an issue to determine whether the investigation or other activities should be conducted within the scope of attorney-client privilege so as to minimize exposure of sensitive communications as admissions or another discoverable evidence for administrative or litigation proceedings.

More Information

About the Author

Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Leave a Comment » | ambulance, ASC, data security, Direct Primary Care, Doctor, drug treatment, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Emergency Care, FACTA, Federal Health Center, Genetic Information, GINA, Health Care Fraud, Health Care Provider, Health IT, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospice, Hospital, hospitals, Licensing, long-term care, Medical Privacy, Medical Records, OCR, participating provider, Pharmacy, Physician, Physician Licensing, Privacy, Substance Abuse, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

ONC Adds Reducing Provider EHR Burdens & Promoting Electronic Health Data Use In Research To Health IT Priorities

February 25, 2020

Reducing health care providers burdens from using electronic health records (“EHRs”) and promoting the better uses of electronic medical data in medical research are the focus of two new health information technology (“health IT”) policy documents released this week by the Department of Health & Human Services (“HHS”) Office of the National Coordinator for Health Information Technology (“ONC”). Health care providers, health researchers, health plans, health care clearinghouses and other health data collectors or users, as well as health IT providers and other interested persons will want to evaluate carefully these new ONC releases for insights about policy and other efforts ONC is promoting to shape the use of health IT and data.

Reducing Health IT and EHR Burdens On Providers

On February 21, 2020, ONC moved forward on its efforts to implement “a comprehensive strategy to reduce the regulatory and administrative burden related to the use of health IT, including EHRs” by publishing its “Strategy on Reducing Regulatory and Administrative Burdens Relating to the Use of Health IT and EHRs” (the “EHR Report”) targets burdens tied to regulatory and administrative requirements that HHS can directly impact through the rulemaking process. A collaborative effort between ONC and the Centers for Medicare & Medicaid Services (CMS), the report’s strategies was developed in response to a Congressional mandate in the 21^st Century Cures Act, which directed HHS to develop a plan of action to reduce regulatory and administrative burden relating to the use of health IT and EHRs and finalizes the draft version of this strategy ONC released in November 2018. Based on stakeholder input, the final HER Report outlines three overarching goals designed to reduce clinician burden:

Reduce the effort and time required to record health information in EHRs for clinicians;
Reduce the effort and time required to meet regulatory reporting requirements for clinicians, hospitals, and healthcare organizations; and
Improve the functionality and ease of use of EHRs.

ONC says reducing unnecessary regulatory burden will alleviate time spent on administrative tasks. For example, during listening sessions with clinicians, we heard criticism that the documentation guidelines for Evaluation and Management (E/M) visits were a source of EHR-related burden and overly complicated. They told us these requirements result in “pajama time,” where physicians spend hours after clinic sessions and on weekends entering data to satisfy billing and quality reporting requirements. Poor usability features within EHRs can further exacerbate this issue, as clinicians find it difficult to navigate long records within the EHR interface. Based on this feedback, the report covers four key areas:

Clinical documentation
Health IT usability (or ease of use of health IT tools and systems)
Federal health IT and EHR reporting requirements
Public health reporting (including coordination with prescription drug reporting programs and electronic prescribing of controlled substances).

In addition to responding to the direction included in the EHR Report, health care and health IT providers also will want to continue to monitor and communicate with ONC. While moving forward on the implementation of the objectives identified in the EHR Report, ONC says it plans to continue to reach out and engage the clinician community and other key stakeholder communities and to monitor emerging and ongoing burdens related to the use of EHRs, such as burdens related to EHR inbox management and other efforts to enable further automation in health care, with a focus on prior authorization, quality reporting, and other aspects of our current system that can reduce time spent using health IT.

Leveraging Health IT For Research

On February 24, 2020, ONC followed up by releasing its National Health IT Priorities for Research: A Policy and Development Agenda. The Agenda articulates its latest vision of a health information technology infrastructure that supports alignment between the clinical and research ecosystems in research.

The Agenda identifies two overarching goals along with nine associated priority areas ONC believes stakeholders can take to achieve the respective visions more quickly and effectively:

Read the Agenda here.

More Information

The Agenda is the latest in a series of priorities, agendas and other initiatives adopted by ONC since its establishment in furtherance of its legislative mandate under the Health Information Technology for Economic and Clinical Health Act (HITECH Act) of 2009 to improve the health and well-being of individuals and communities through the use of technology and health information.

Health care providers, plans, technology vendors and providers and other stakeholders impacted by ONC and other electronic medical record or health IT systems should take into account the likely implications of these and other ONC pronouncements on their programs and practices when planning and updating them.

About the Author

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Comments Off on ONC Adds Reducing Provider EHR Burdens & Promoting Electronic Health Data Use In Research To Health IT Priorities | Academic medicine, ambulance, Conditions of Participation, Consumer Driven Health Care, Corporate Compliance, Disease Management, DME, Doctor, drug treatment, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Evidence Based Medicine, FDA, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HHS, HITECH Act, Home Health, home health, Hospice, Hospital, hospitals, Human Subjects Research, Meaningful Use, Medicare Advantage, Medicare Prescription Drug Program, Mental Health, NIOSH, occupational health, OCR, ONC, Outcomes Data, pain management, Pharmacy, Physician, Prescription Drugs, Prospective Payment, public health, Public Policy, quality reporting, Reimbursement, research, Technology, Telemedicine, Uncategorized, Veterans Health, Veterans Health Care, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

New Texas Law Requiring Anti-Retaliation Policies For Nonprofit Healthcare Org’s Takes Effect 1/1

December 27, 2019

Nonprofit health organizations must develop anti-retaliation policies for doctors and submit biennial reports to the Texas Medical Board in response to a House Bill 1532 mandate that takes effect January 1, 2020.

Passed by the Texas Legislature on September 1, 2019, the Bill also amends the Medical Practice Act to require the Texas Medical Board to accept and process complaints against a certified nonprofit health organization in the same manner it would handle complaints against a health professional.

For More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services, public and private primary, secondary, and other educational institutions, and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has recurrently worked extensively with public school districts and public and private primary and secondary schools, colleges and universities, academic medical, and other educational institutions, insured and self-insured health plans; domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, employers; and federal and state legislative, regulatory, investigatory and enforcement bodies and agencies on health care, education, and other data privacy, security, use, protection and disclosure; disability and other educational rights; workforce, and a host of other risk management and compliance concerns.

Ms. Stamer is most widely recognized for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

1 Comment | Corporate Compliance, Doctor, Employer, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, healthcare, Home Health, Hospice, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Licensing, managed care, Nonprofits, participating provider, Peer Review, Physician, Physician Licensing, Provider contracting, retaliation, Uncategorized, Whistleblower | Permalink
Posted by Cynthia Marcotte Stamer

Omnicare & CVS Accused Of Health Care Fraud In Long Term Care Pharmacies

December 17, 2019

The Department of Justice today sued the nation’s largest long term care pharmacy provider, Omnicare, and its parent company, CVS Healthcare Corporation seeking seeks damages and civil penalties under the False Claims Act for fraudulently billing federal healthcare programs for hundreds of thousands of non-controlled prescription drugs DOJ says Omnicare illegally dispensed to elderly and disabled individuals in assisted living facilities, group homes, independent living communities, and other non-skilled residential long-term care facilities (“LTC facilities”).

In the civil health care fraud complaint the DOJ filed a New York Federal District Court, the Omnicare illegally dispensed and billed the federal government and patients for antipsychotics, anticonvulsants, and antidepressants to elderly and disabled residents in LTC facilities without proper prescriptions. DOJ’s lawsuit alleges that instead of obtaining new prescriptions from patients’ doctors after the old ones had expired or run out of refills, Omnicare just assigned a new number to the old prescription and kept on dispensing drugs for months, and sometimes years, after the prescriptions expired. DOJ’s complaint alleges that Omnicare internally referred to these renumbered expired prescriptions as “rollover” prescriptions. The DOJ complaint also charges that Omnicare also submitted, or caused to be submitted false claims for payment for medications dispensed based on invalid prescriptions it internally referred to as “rollover” prescriptions” to Medicare, Medicaid, and TRICARE in violation of the False Claims Act.

Omnicare is the country’s largest provider of pharmacy services to LTC facilities. It currently operates approximately 160 pharmacies in 47 states across the United States, which dispense tens of millions of prescription drugs to LTC facilities that serve elderly and disabled individuals. CVS acquired Omnicare in May 2015, and shortly thereafter assumed an active role in overseeing Omnicare’s operations, including pharmacy dispensing practices and systems.

According to the DOJ complaint failed today, from 2010 until 2018, Omnicare and CVS allowed Omnicare pharmacies to dispense non-controlled prescription drugs to tens of thousands of elderly and disabled individuals living in LTC facilities based on prescriptions that had expired, were out of refills, or were otherwise invalid. Omnicare repeatedly disregarded prescription refill limitations and expiration dates that required doctor visits to reevaluate whether the drug should be renewed. Instead of requesting new prescriptions when old ones expired, Omnicare allowed prescriptions to “roll over.” At Omnicare, “rolling over” a prescription meant that when a prescription expired, Omnicare’s computer systems would assign the old prescription a new number and the pharmacy would continue to dispense the drug indefinitely without the need for a prescription renewal. Depending on the computer system used, Omnicare also sometimes assigned a fake number of authorized refills to a prescription – usually 99 allowable refills for Medicare patients – to allow for continuous refilling. DOJ claims that Omnicare pharmacies “rolled over” prescriptions for elderly and disabled individuals living in more than 3,000 residential long-term care facilities, including assisted living facilities operated by the largest long-term care providers in the country, such as Brookdale Senior Living, Atria Senior Living, Sunrise Senior Living Services, and Five Star Senior Living. DOJ also claims Omnicare managers exerted pressure on overwhelmed pharmacy staff to fill prescriptions quickly so that Omnicare could submit claims and collect payments.

According to the DOJ, Senior management at Omnicare and CVS knew of the practices. The DOJ complaint charges among other things that the Omnicare’s Compliance Department succinctly acknowledged the problem in an internal April 2015 email in which one Regional Compliance Officer stated: “An issue that I am running into more and more in multiple states concerns the ability of our systems to allow prescriptions to continue to roll after a year to a new prescription number without any documentation or pharmacist intervention.” A compliance officer then forwarded the email to the head of Omnicare’s Third Party Audit group, who responded that she had a “potential solution (programmed last year) but no one is rolling it out now.”

DOJ says Omnicare’s practice of illegally dispensing drugs to elderly and disabled individuals living in LTC facilities exposed these vulnerable individuals to a significant risk of harm. In contrast to traditional skilled nursing homes, where residents have access to 24-hour medical care supervised by doctors, assisted living and other non-skilled residential facilities offer more limited medical care, or none at all. In particular, these LTC facilities generally do not have doctors on staff to oversee and monitor residents’ drug therapy.

Many of the prescription drugs dispensed by Omnicare without valid prescriptions treat serious, chronic conditions, such as dementia, depression, and heart disease. They include antipsychotics, anticonvulsants, cardiovascular medications, anti-depressants, and other drugs that can have dangerous side effects and need to be closely monitored by doctors, particularly when taken in combination with other drugs by elderly patients. By repeatedly dispensing potent drugs without current and valid prescriptions, Omnicare jeopardized the health and safety of tens of thousands of individuals who continued to take the same drugs for months, and sometimes years, without consulting their doctors to determine whether the medications were still clinically appropriate.

A large percentage of the long-term care residents served by Omnicare are beneficiaries of federal healthcare programs. By dispensing drugs without valid prescriptions, Omnicare presented, or caused to be presented, hundreds of thousands of false claims to Medicare, Medicaid, and TRICARE. These claims were ineligible for payment. In addition, Omnicare knowingly transmitted false information to these federal healthcare programs that made it appear that drug dispensations were supported by current, valid prescriptions from physicians when in fact they were not.

The DOJ lawsuit resulted from the DOJ’s intervention in whistleblower lawsuits filed by former employees.

In today’s announcement of the lawsuit, Manhattan U.S. Attorney Geoffrey S. Berman said: “As alleged, Omnicare put at risk the health of tens of thousands of elderly and disabled individuals living in assisted living and other residential long-term care facilities by dispensing drugs for months, and sometimes years, without obtaining current, valid prescriptions from doctors. A pharmacy’s fundamental obligation is to ensure that drugs are dispensed only under the supervision of treating doctors who monitor patients’ drug therapies. Omnicare blatantly ignored this obligation in favor of pushing drugs out the door as quickly as possible to make more money. This Office will continue to hold accountable those who put at risk people’s health and safety just to turn a profit.”

Meanwhile, HHS-OIG Special Agent in Charge Scott J. Lampert said: “Failing to consult doctors as to whether prescriptions should be refilled places patients’ health and medical care at serious risk. These automatic rollover refills could have significant consequences for vulnerable people in long term-care facilities. We will continue working with law enforcement partners to protect people depending on these taxpayer-funded government health programs.”

More information is expected to be forthcoming.

For More Information

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

Ms. Stamer is most widely recognized for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve fraud, substandard quality, safety, unprofessional conduct, sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Conditions of Participation, Controlled Substances, Corporate Compliance, DEA, Doctor, drug treatment, E-Prescribing, false claims act, FDA, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health Insurance, Health Plan, Health Plans, healthcare, HHS, Hospice, long-term care, Medicare Prescription Drug Program, OIG, Patient Empowerment, Pharmaceudical, Pharmacy, Prescription Drugs, Reimbursement, Uncategorized, Veterans Health, Veterans Health Administration, Veterans Health Care | Tagged: controlled substance, cvs, DEA, drugs, false claims act, Health Care, Health Care Fraud, Health Care Provider, HEAT, Medicaid, omnicare, pharmacist, pharmacy | Permalink
Posted by Cynthia Marcotte Stamer

Air Ambulance Bills Drawing Congressional “Surprise Billing” Scrutiny

July 31, 2019

Congress is looking into air ambulance rates. The top Republican on the House Ways and Means Committee Kevin Brady (R-TX) and Committee Chairman Richard E. Neal (D-MA) sent a letter to Department of Transportation (DOT) Secretary Elaine Chao, urging her to comply with congressional requirements and promptly convene the Air Ambulance and Patient Billing (AAPB) Advisory Committee.

Part of continuing Congressional concern about reports that patients and their families suffer financial hardship from “surprise bills” for emergency care, Congress directed DOT to establish this task force within 60 days of enactment of the FAA Reauthorization Act of 2018, but 10 months have passed since the President signed the bill into law and the advisory committee still has not met. The task force’s purpose is to inform Congress on air ambulance medical patient billing as Ways and Means Committee leaders work to address the issue of balance billing.

The Government Accountability Office (GAO) issued a report this year that found that nearly 70 percent of analyzed air ambulance transports conducted in 2017 for privately insured patients were out-of-network, a significantly higher rate than other emergency services. The cost of these out-of-network air ambulance services are leaving patients exposed to unexpectedly high out-of-pocket bills.

The AAPB Advisory Committee is required to provide Congress, DOT, and the Department of Health and Human Services with recommendations to protect consumers from balance billing for air ambulance transports, requirements for the disclosure of charges and fees for these services, and consumer protection and enforcement authorities of both the DOT and states. “This information is critical as Congress considers appropriate steps to find the best solution to protect consumers from surprise bills,” wrote Brady and Neal. “However, the committee has failed to convene, let alone produce a report. Additionally, Congress mandated the Secretary of DOT to submit a report to the appropriate committees of Congress on air ambulance oversight, which has also yet to be provided.”

Brady and Neal requested that, within 14 days, DOT provide updated deadlines for the appointment of individuals to the task force, along with a timeline for convening the advisory committee and providing recommendations and a final report.

Patients using air ambulance and other services used in emergency circumstances generally don’t have the option of choosing network participating providers and often their health plans may not cover or only provide limited coverage for that transportation. On the other hand, air ambulance operators point out that the services are costly to own and operate requiring substantial investment in equipment, staff, regulations and other operating costs on standby and ready to respond on demand. They also point out that limited coverage for their services already creates a high uncollectible debt load. Because of these and other challenges many cities, counties and other governmental entities assume or subsidize these operating costs to help preserve the availability of services. They caution that increased regulation likely would adversely impact the availability of these services in rural or other areas where prompt transportation can mean the difference between life and death for critical patients.

About the Author

Ms. Stamer’s legal, management, governmental affairs work and speaking and publications have focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Her clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues including meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and many other concerns. Her work includes both regulatory and public policy advocacy and thought leadership, as well as advising and representing a broad range of health industry and other clients about policy design, drafting, administration, business associate and other contracting, risk assessments, audits and other risk prevention and mitigation, investigation, reporting, mitigation and resolution of known or suspected violations or other incidents and responding to and defending investigations or other actions by plaintiffs, DOJ, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others.

Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in Pensions, healthcare, workforce, immigration, tax, education and other areas.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | air ambulance, ambulance, balance billing, Emergency Care, Employee Benefits, Employer, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Reform, health care reimbursement, Health Plan, HHS, Hospital, Reimbursement, Rural Health Care, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Providers, Other HIPAA-Covered Entities Must Provide PHI to Patient-Designated Apps; Liable For Security On Covered Entity Supplied Or Sponsored Apps

May 6, 2019

Health care providers, health plans and other entities (“covered entities”) subject to the Health Insurance Portability & Accountability Act (“HIPAA”) Privacy and Security Rules must deliver electronic protected health information (“ePHI”) to electronic applications or software (“apps”) used by plan members, and are responsible under HIPAA for the security of electronic PHI (“ePHI”) on apps the covered entity sponsors or provides, according to new guidance from the Department of Health & Human Services (“HHS”) Office of Civil Rights (“OCR”). With health care providers and other covered entities increasingly offering or promoting the use of apps to patients or plan plan members to access, maintain and use their health information, covered entities and their business associates must understand and be prepared meet their HIPAA responsibilities to provide and protect ePHI to and on these apps, but may want to rethink sponsoring or providing a particular app for that purpose.

New HIPAA FAQ guidance (the “FAQs”) from OCR that addresses the implications of HIPAA on covered entities responsibility when asked to share or for ePHI shared or stored on apps or application programming interfaces (“APIs”) systems, covered entities have a legal obligation to disclose ePHI to an app when subjects of the ePHI or their personal representatives request such disclosures. However, the FAQs also state a covered entity or its business associates won’t be responsible for the security of the data shared to the app unless it sponsors or provides it. The FAQs state that the liability of the covered entity for the security once delivered to the app depends upon whether the AP or API interface provider is a business associate of the covered entity versus just a third-party provider whose involvement and receipt of the PHI is requested and arranged by the subject of the PHI.

Covered Entities Obligated To Disclose ePHI to Apps Chosen By Individuals

The FAQs make crystal clear that covered entities do not have the option of refusing to share ePHI to an app when requested to do so by the subject of the ePHI or its personal representative. The FAQs states that covered entities cannot refuse to disclose ePHI to an app chosen by an individual because of concerns about how the app will use or disclose the ePHI it receives. In this regard, the FAQs state that the HIPAA Privacy Rule generally prohibits a covered entity from refusing to disclose ePHI to a third-party app designated by the individual if the ePHI is readily producible in the form and format used by the app. See 45 CFR 164.524(a)(1), (c)(2)(ii), (c)(3)(ii).According to the FAQ, the HIPAA Rules do not impose any restrictions on how an individual or the individual’s designee, such as an app, may use the health information that has been disclosed pursuant to the individual’s right of access. For instance, a covered entity is not permitted to deny an individual’s right of access to their ePHI where the individual directs the information to a third-party app because the app will share the individual’s ePHI for research or because the app does not encrypt the individual’s data when at rest.According to the FAQs, the liability a covered entity or business associate bears for sharing ePHI to an App under the HIPAA Privacy, Security, or Breach Notification Rules (HIPAA Rules) depends on the relationship between the covered entity and the app.

Breaches of Health Information Disclosed To An App

If an app that is neither a covered entity nor a business associate of the covered entity under HIPAA receives ePHI at the request of the subject or its personal representative, the FAQ states that the shared ePHI is no longer subject to the protections of the HIPAA Rules. Thus if the individual’s app – chosen by an individual to receive the individual’s requested ePHI – was not provided by or on behalf of the covered entity (and, thus, does not create, receive, transmit, or maintain ePHI on its behalf), the covered entity would not be liable under the HIPAA Rules for any subsequent use or disclosure of the requested ePHI received by the app. For example, the covered entity would have no HIPAA responsibilities or liability if such an app that the individual designated to receive their ePHI later experiences a breach. See also, See also OCR FAQ 2039, “What is the liability of a covered entity in responding to an individual’s access request to send the individual’s PHI to a third party.In contrast, however, the FAQ states that if the app was developed for, or provided by or on behalf of the covered entity – and, thus, creates, receives, maintains, or transmits ePHI on behalf of the covered entity – the covered entity could be liable under the HIPAA Rules for a subsequent impermissible disclosure because of the business associate relationship between the covered entity and the app developer. For example, if the individual selects an app that the covered health care provider uses to provide services to individuals involving ePHI, the FAQs state that the health care provider may be subject to liability under the HIPAA Rules if the app impermissibly discloses the ePHI received.

Transmission of ePHI to App Using Unsecured Method

The FAQs also address the potential exposures of covered entities and their business associates arising from the transmission of ePHI to an App using an unsecure method. According to the FAQs, the access rights HIPAA guarantees to individuals allows an individual to request that a covered entity to direct their ePHI to a third-party app in an unsecure manner or through an unsecure channel. See 45 CFR 164.524(a)(1), (c)(2)(ii), (c)(3)(ii). For instance, an individual may request that their unencrypted ePHI be transmitted to an app as a matter of convenience. The FAQ states that a covered entity that transmits ePHI through an unsecured means under such circumstances would not be responsible for unauthorized access to the individual’s ePHI while in transmission to the app. With respect to such apps, however, the FAQs also suggest that the covered entity may want to consider informing the individual of the potential risks involved the first time that the individual makes the request.

Post Transmission Exposure of Covered Entity’s EHR Systems Developer

The FAQ also discusses the potential exposure of a covered entity’s electronic health record (EHR) system developer under HIPAA after completing the transmission on behalf of a covered entity of ePHI to an app designated by the subject of the ePHI. According to the FAQs, the exposure of the HER system developer depends on the relationship, if any, between the covered entity, the EHR system developer, and the app chosen by the individual to receive the individual’s ePHI. A business associate relationship exists if an entity creates, receives, maintains, or transmits ePHI on behalf of a covered entity (directly or through another business associate) to carry out the covered functions of the covered entity. A business associate relationship exists between an EHR system developer and a covered entity. If the EHR system developer does not own the app, or if it owns the app but does not provide the app to, through, or on behalf of, the covered entity – e.g., if it creates the app and makes it available in an app store as part of a different line of business (and not as part of its business associate relationship with any covered entity) – the EHR system developer would not be liable under the HIPAA Rules for any subsequent use or disclosure of the requested ePHI received by the app.If the EHR system developer owns the app or has a business associate relationship with the app developer, and provides the app to, through or on behalf of, the covered entity (directly or through another business associate), however, the FAQs state the EHR system developer then potentially could face HIPAA liability (as a business associate of a HIPAA covered entity) for any impermissible uses and disclosures of the health information received by the app. For example, if an EHR system developer contracts with the app developer to create the app on behalf of a covered entity and the individual later identifies that app to receive ePHI, then the EHR system developer could be subject to HIPAA liability if the app impermissibly uses or discloses the ePHI received.

Covered Entity’s Duty To Enter Into Business Associate Agreement Depends Upon Relationship

Likewise, the FAQs also state that whether HIPAA requires a a covered entity or its EHR system developer to enter into a business associate agreement with an app designated by the individual in order to transmit ePHI to the app depends upon the relationship between the app developer and the covered entity and/or its EHR system developer. A business associate is a person or entity who creates, receives, maintains or transmits PHI on behalf of (or for the benefit of) a covered entity (directly or through another business associate) to carry out covered functions of the covered entity. An app’s facilitation of access to the individual’s ePHI at the individual’s request alone does not create a business associate relationship. Such facilitation may include API terms of use agreed to by the third-party app (i.e., interoperability arrangements).HIPAA does not require a covered entity or its business associate (e.g., EHR system developer) to enter into a business associate agreement with an app developer that does not create, receive, maintain, or transmit ePHI on behalf of or for the benefit of the covered entity (whether directly or through another business associate). However if the app was developed to create, receive, maintain, or transmit ePHI on behalf of the covered entity, or was provided by or on behalf of the covered entity (directly or through its EHR system developer as the covered entity’s business associate), then a business associate agreement would be required.

Health Plan & Other Covered Entity Take Aways

The new FAQ raises several action items for health care providers and other covered entities and their business associates. Among other things, covered entities must recognize and be prepared currently to provide PHI on the apps of the requesting individual’s preference within the time frames dictated by HIPAA. Covered entities must recognize that the FAQs reflect this is a current, not future responsibility.

Second, covered entities that have or are considering providing apps or other tools to atients for use in accessing or using PHI also generally need to recognize that covered entity’s provision or sponsorship of the app generally makes the covered entity responsible under HIPAA for the adequacy of the security of the apps provided by or on behalf of the health plan or health care provider including any updates to the apps. Given the general responsibility to provide PHI to any apps designated by a subject of PHI, many covered entities may want to rethink whether providing or endorsing a particular app continues to make sense taking into account the HIPAA data privacy and security responsibilities and risks attendent to maintaining the security of PHI stored and accessed using those tools. Those electing to provide apps or other tools need to take steps to ensure the current and future adequacy of the data security of the app and its associated storage and other components including any future modifications to those tools.

Furthermore, covered entities also should consider the advisability of revising existing notices and authorizations in response to the new FAQs. For instance, health plans, health care providers and others supplying PHI to an app designated by the requesting individual may want to consider revising forms to document the direction and consent of the requestor to the electronic delivery of the PHI to the designated app to better position themselves to claim the protection against liability for breaches on these subject designate apps described in the FAQs. Meanwhile, covered entities providing apps also may wish to weigh options for supplementing disclosures to mitigate potential risks from use or failure to upgrade apps that might be viewed as covered entity provided or sponsored.

Certainly, before sponsoring or allowing a business associate to offer or provide an app or other similar solution, health care providers and other covered entities must ensure that the business associate agreement requirements of HIPAA are met from the app developer and others providing services or the app as business associates to the covered entity. Covered entities also should take steps to ensure that the interfaces between the apps and other systems are properly security at the point of implementation and during any subsequent upgrades keeping in mind that OCR guidance expects covered entities to reconfirm security for any system, software or app upgrades. Meeting this expectation for apps within the possession of patients or plan members can present special challenges requiring careful planning.

Beyond complying with the specific requirements of the FAQs concerning the obligation of health care providers and other covered entities to deliver PHI to apps in formats specified by patients, providers also need to take to heart OCR’s broader requirement that providers and other covered entities deliver and provide timely access to OHI as required by HIPAA generally. Recognizing that noncompliance with this rule remains a top violation, OCR has targeted enforcement of the access rules for increase enforcement. In addition, violations also expose providers to medical licensure and other discipline.

Have questions about the new FAQs or other health care regulatory developments or their implications on your organization, contact the author. You also are invited to stay abreast of these and other health care developments by participating in our Solutions Law Press, Inc. Linkedin SLP Health Care Risk Management & Operations Group or COPE: Coalition On Patient Empowerment Group or Project COPE: Coalition on Patient Empowerment Facebook Page.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompassess advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Beyond her public policy and regulatory affairs involvement, Ms. Stamer also has extensive experience helping these and other clients to design, implement, document, administer and defend workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government; accreditation and quality organizations; private litigation and other federal and state health care industry investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, and change management; workforce and operations management, and other opportunities and challenges arising in the course of their operations.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, heavily involved in health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. She regularly helps employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending plan sponsors, administrators, insurance and managed care organizations, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions. Scribe for the ABA JCEB annual agency meeting with HHS OCR, she also has worked extensively on health and health benefit coding, billing and claims, meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical, workforce, consumer financial and other data confidentiality and privacy, federal and state data security, data breach and mitigation, and other information privacy and data security concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as the following:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | E-Prescribing, Employee Benefits, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Insurance Exchange, Health IT, home health, Hospital, Indian Health, Medicaid, Medicaid Advantage, Medical Licensure, Medicare Advantage, OCR, Physician, Uncategorized | Tagged: Data Breach, Health Care, Health Plan, HIPAA | Permalink
Posted by Cynthia Marcotte Stamer

Provider Pays $3 Million For Breach With Delayed Investigation & Notice

May 6, 2019

A Franklin, Tennessee-based diagnostic medical imaging services provider Touchstone Medical Imaging (“Touchstone”) will pay $3,000,000 to the Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”), and adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security and Breach Notification Rules. The Resolution Agreement and Corrective Action Plan announced May 6, 2019 illustrates for other health care providers, health plans, healthcare clearinghouses and their business associates (“Covered Entities”) the perils both of failing to properly secure and protect protected health information and the necessity for timely investigation and disclosure within the short time frames required by HIPAA.

The Resolution Agreement between Touchstone and OCR stems from Touchstone’s mishandling of a 2014 breach. In May 2014, the Federal Bureau of Investigation (“FBI”) and OCR notified Touchstone that one of its FTP servers allowed uncontrolled access to protected health information (“PHI”). This uncontrolled access permitted search engines to index the PHI of Touchstone’s patients, which remained visible on the Internet even after the server was taken offline. While Touchstone initially claimed that no patient PHI was exposed, in the course of OCR’s investigation, Touchstone subsequently admitted PHI of more than 300,000 patients was exposed including, names, birth dates, social security numbers, and addresses. As a result of its delayed acknowledgement of the occurrence of the breach on May 9, 2014, Touchstone did not provide notice of the breach until October, 2014, months after OCR and FBI notified it of the breach. See here.

OCR’s investigation found that Touchstone did not thoroughly investigate the security incident until several months after notice of the breach from both the FBI and OCR. Consequently, Touchstone’s notification to individuals affected by the breach also was untimely. OCR’s investigation further found that Touchstone failed to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of its electronic PHI (ePHI), and failed to have business associate agreements in place with its vendors, including their IT support vendor and a third-party data center provider as required by HIPAA.

In addition to the monetary settlement, Touchstone will undertake a robust corrective action plan that includes the adoption of business associate agreements, completion of an enterprise-wide risk analysis, and comprehensive policies and procedures to comply with the HIPAA Rules.

The Resolution Agreement illustrates the expensive price Covered Entities risk from failing to conduct risk assessments, obtain business associate agreements and fulfill other HIPAA requirements before a breach, then failing to promptly investigate, provide notification and redress a breach when discovered. Covered Entities should learn from the painful lesson learned by Touchstone by reconfirming the adequacy of their current HIPAA compliance and using care to timely and adequately investigate and provide notification if and when a breach occurs.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as the following:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

DOJ-Atrium Settlement Signals Possible Antitrust Risks From Common Provider Contract Terms

November 18, 2018

Hospitals and other health care providers, health care payers, health care providers, managed care and practice management service providers and others structuring or working with preferred provider or other managed health care contracts should weigh the potential implications on their health plan provider agreements and managed care practices of the antitrust lawsuit jointly brought by the U.S. Department of Justice and the North Carolina Attorney General against North Carolina’s largest healthcare system, The Charlotte-Mecklenburg Hospital Authority d/b/a Atrium Health (“Atrium”) which challenges steering restrictions and other contractual protections of Atrium against competition from other contracted health care providers.

Court documents filed by the Justice Department with the U.S. District Court for the Western District of North Carolina on November 15, 2018, seek Court approval of a Joint Stipulation and Final Judgment (“Consent Decree”), which if approved by the Court, will resolve a civil antitrust lawsuit challenging Atrium’s practice of requiring and enforcing “steering restrictions” in its managed care provider agreements with commercial insurers, self-insured employer and union health plans and other private payer that prohibit the payers from steering patients to, or sharing information about other potentially more cost-effective competitor hospitals, physicians or other health care providers filed by the Justice Department in June, 2016. While the emphasis by the Justice Department of the market dominance of Atrium in the factual allegations contained in its complaint raise questions about whether the Justice Department would undertake similar litigation against less market dominant providers, the charges made by the Justice Department in its complaint and the agreement by Atrium to cease the challenged conduct nevertheless raise a substantial basis for concern by other health care providers and payers about their own potential antitrust risks from negotiating to include, including or enforcing a wide range of provider steering and other contractual provisions commonly included in many preferred provider contracts between health plans, insurers and their managed care organizations and the health care providers that contract to be participating providers for their health plan narrow network or other managed care provider panels.

It should be noted that steering, and commitments to steer and not to steer patients to various providers are a longstanding and key component of the structure of most preferred provider contracts used in the managed care industry. Steering refers to practices payers historically use to offer or encourage patients and other health care consumers to access care from health care providers that the payer perceives as a more cost effective provider. Historically, insurers promised to steer patients to health care providers contracting to become “preferred providers” to health plan members in return for health care provider’s agreement to provide care a preferred rates or in accordance with other health plan rules. With most health care providers now participating in provider networks, however, payers increasingly want to steer members to lower cost providers within the provider network to maximize savings and place pressure on higher cost participating providers to reduce rates. If the higher cost providers have most favored nation or other contractual safeguards like those in Atrium’s provider contracts, however, contractual barriers obstruct these efforts by payers. The insurers in Atrium used antitrust complaints filed with the Justice Department to attack these contractual barriers.

Formerly known as Carolinas HealthCare System, the dominant health care provider in the Charlotte, North Carolina area, and one of the largest not-for-profit healthcare systems in the United States, Atrium provides healthcare services throughout the Carolinas, including in hospitals, freestanding emergency departments, urgent care centers, physician practices, outpatient surgery centers, imaging centers, nursing homes, and laboratories. Atrium’s flagship facility is Carolinas Medical Center, the largest hospital in North Carolina. Atrium also operates eight other general acute-care hospitals in the Charlotte area and owns, manages, or has strategic affiliations with more than 40 hospitals in the Carolinas.

The Justice Department complaint filed on June 9, 2016 charges that Atrium violated federal antitrust law by using its dominant market power to force commercial payers to agree to include various steering and transparency restrictions in their managed care contracts with Atrium in a manner that illegally restricts competition in violation of federal antitrust laws. The challenged provisions include a series of promises historically included in many provider agreements such as provisions requiring that the private payer:

To steer plan members to participating providers;

Not to steer plan members away from participating providers;
To include Atrium providers in any new networks or preferential treatment afforded to any other contracting provider in new or all plans, products, networks and preferred provider classifications; and
Not to exclude from and/or to provide the provider with the right to receive any new preferences or rewards for being a preferred provider.

Although provider contracts historically have included many of these same provisions, the Justice Department in its lawsuit against Atrium charged that Atrium illegally used its dominant market position to negotiate managed care contracts paying higher reimbursement rates than other less dominant contracted providers received and used the challenged contract provisions to insulate itself against competition from other network providers offer care at more cost effective rates. The Justice Department contends the challenged provisions allow Atrium to continue to charge higher prices free from effective competition from other health care providers by prohibiting the private payers from steering patients to other health care providers and guaranteeing Atrium the most preferential treatment available even if its rates are not competitive with those of other providers enjoying the same status. In its Atrium complaint, the Justice Department asserts that Atrium’s steering restrictions harm payers and consumers in violation of federal antitrust laws by obstructing the ability of insurers to design health benefit plans that give patients financial incentives to choose more cost-effective hospitals and physicians. The Justice Department contends these actions by Atrium force health insurers not to encourage consumers to choose other healthcare providers that offer better overall value and from providing consumers and employers with information regarding the cost and quality of alternative health benefit plan.

More than two years after the Justice Department commenced the lawsuit, court documents filed with the Court by the Justice Department on November 15, 2018 reflect the parties now have agreed to settle the lawsuit. The Justice Department filed an unopposed motion that asks to enter a Consent Decree implementing the terms of a settlement which would preclude Atrium from seeking to negotiate or enforce a wide range of steering and transparency restrictions in existing or future preferred provider agreements. While Atrium would not pay any damages under the proposed Consent Degree, the proposed Consent Decree would:

Prohibit Atrium from seeking to negotiate, include or enforce steering or transparency restrictions in its provider agreements with private payers or otherwise seeking contract terms or taking actions that would prohibit, prevent, or penalize payers for steering or sharing information to promote transparency in the future in any Narrow Network Benefit Plan, Tiered Network Benefit Plan, or any Benefit Plan with Reference-Based Pricing or a Center of Excellence as a component in the Charlotte area; and
Void or restrict Atrium from enforcing certain specific existing steering and transparency restrictions in Atrium’s existing preferred provider agreements with various commercial insurers identified in exhibits to the Consent Decree except with respect to certain “carve out networks.”

If approved in its current form, the Consent Decree will both void a host of existing contractual safeguards currently included in Atrium’s existing provider contracts and affirmatively prohibit Atrium from seeking seek or enforce other safeguards insulating it from competition from other lower cost health care providers by defining “penalties” broadly to include any contract term or action with the likely effect of significantly restraining steering through steered plans or transparency under the facts and circumstances considering the contract provision or action; its economic impact; and the extent to which the contract provision or action has potential or actual procompetitive effects in the Charlotte Area.

Special rules applicable to Department of Justice antitrust settlements under the Tunney Act require the Justice Department to publish the proposed settlement to be implemented by the Consent Decree and the Department’s competitive impact statement in the Federal Register and allow a public comment period of 60 days before the court can approve the Consent Decree. Any person may submit written comments concerning the proposed settlement during a 60-day comment period to Peter J. Mucchetti, Chief, Healthcare and Consumer Products Section, Antitrust Division, U.S. Department of Justice, 450 Fifth Street, N.W., Suite 4100, Washington, D.C. 20530. After the comment period closes, the Court will consider the motion taking into account the comments and other factors it determines appropriate. Barring unforeseen circumstances, the U.S. District Court for the Western District of North Carolina likely will approve the proposed consent decree upon finding that it serves the public interest.

Because the contractual provisions challenged as anti-competitive in the Atrium litigation are of a nature widely used within the managed care industry, health care providers, health insurers, self-insured employer and union health plans and their sponsors and others involved in the managed care industry should weigh the potential implications of the Atrium litigation and its anticipated resolution on their own provider contracting strategies and practices as well as those of their competitors.

Contractual provisions like those challenged in the Atrium litigation are widely used throughout the managed care industry. Steerage of patients to the participating provider and associated competitive protections historically has been the primary inducements and considerations that providers receive in return for agreeing to accept payer rates and other rules for a health care provider to qualify for inclusion on the payer’s provider panel. Consequently, provider contracts between payers and participating providers commonly include steering, transparency or other restrictions similar in function if not form to those contested in the Atrium litigation. Moreover, promises regarding steering are not limited to provider agreements between payers and providers. Insurers, preferred provider organizations and other managed care organization typically require employer, union or other health plan sponsors of health plans with preferred provider or other managed care features contractually to commit to design their health plans to incorporate features that steer plan members to use preferred providers and prohibit plan members from taking advantage of potentially lower cash or other rates that a participating provider might offer to patients choosing to circumvent the provider network to access care. Since the Atrium litigation raises questions about potential challenges to the enforceability and legality of similar steering and contractual provisions insulating contracted providers from competition health care providers and payers with or negotiating preferred provider contracts that contain anti-steering or other contractual provisions like those challenged in the Atrium litigation and the self-insured group health plans that contract to access provider networks using these contracts should weigh carefully the potential risks of participating in contractors or seeking to negotiate or enforce these provisions taking into account their own specific facts and circumstances and the current guidance within qualified legal counsel within the scope of attorney-client privilege.

While some might be tempted to assume from Atrium’s market dominance that the Atrium challenge and litigation challenges apply only to provider agreements involving providers with substantial market dominance in their region, this is not necessarily the case. Broader existing antitrust precedent concerning restraints on competition arguably provide some grounds for concern that the Justice Department or private litigants might seek to leverage the antitrust challenges raised in the Atrium litigation to challenge Atrium-like steering restrictions, most favored nation status and other similar clauses in preferred provider and other managed care agreements involving health care providers or others with a much smaller market share. Likewise, it remains whether evidence showing the insurer, rather than the provider, originally proposed the questioned provision could impact the risk or render the contracts more defensible.

Despite these and other questions about the extent to which the challenges raised to the Atrium contracts will be asserted, much less successfully litigated with respect to provider protections contained in other preferred provider agreements, those negotiating or involved in preferred provider agreements containing similar provisions should consider and monitor the potential risks and weigh their options for mitigating these risks. Among other things, it is important to keep in mind that antitrust violations carry potential civil and in some cases, even criminal violations, for participating or conspiring to participate in prohibited anticompetitive arrangements. Thus both payers and providers participating or contemplating participating in contracts or negotiation to interject the challenged provisions into their own provider agreements should weigh their actions carefully. Moreover, even when only civilly prosecuted, potential civil damages and defense costs often are substantial. Accordingly, while the Justice Department prosecution of Atrium was civil, rather than criminal in nature and the agreed upon Judgement presented to the Court to end the litigation does not require Atrium to pay any monetary damages, future plaintiffs should not assume that they would similarly avoid such damages in the event their own practices are successfully challenged. Consequently, health care providers, as well as health insurers, employer and union health plans and other private sector payers, and others participating in the negotiation or administration of, or competing in market regions with preferred provider agreements containing steering restrictions or other contractual provisions similar in form or function to those challenged in the Atrium litigation should seek specific legal advice about the potential implications of antitrust challenges raised in the Atrium Judgement on their practices and market situation and options for mitigating those risks.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of managed care and other health industry, health and other benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has been continuously involved the design, regulation, administration and defense of managed care and other health care and health benefit arrangements, contracts, systems, and processes throughout her career. In addition to her extensive provider and payer contracting work, Ms. Stamer also is recognized for her knowledge, experience and leadership on health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

As a key part of this work, Ms. Stamer throughout her career regularly has worked with health care providers and payers, employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce managed care and other contracts, benefit plans and insurance arrangements, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors, supplier, and patient and member relations and requirements; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending plan sponsors, administrators, insurance and managed care organizations, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions. Scribe for the ABA JCEB annual agency meeting with HHS OCR, she also has worked extensively on health and health benefit coding, billing and claims, meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical, workforce, consumer financial and other data confidentiality and privacy, federal and state data security, data breach and mitigation, and other information privacy and data security concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about contracting, credentialing and quality assurance, compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Author of works on Payer and Provider Contracting and many other managed care concerns, Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Leave a Comment » | Antitrust, Consumer Driven Health Care, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, managed care, participating provider, Provider contracting, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Record $16M HIPAA Sanction Shows Need For Current Enterprise Risk Assessment; ONC/OCR Share New Tool To Help HIPAA Covered Entities Comply

October 17, 2018

Following on the heels of Monday’s announcement that Anthem, Inc. is paying a record setting $16 million to resolve charges its violations of the enterprise risk assessment and other requirements of the Health Insurance Portability & Accountability Act (HIPAA) Security Rule allowed cybercriminals to breach the electronic protected health information (ePHI) of more than 79 million patients, physicians and other health care providers, health plans and health insurers, health care clearinghouses (covered entities) and their service providers acting as their business associates (business associates) (hereafter collectively “HIPAA Entities”) should reconfirm their own and their business associates’ compliance with the HIPAA Security Rule’s enterprise risk assessment and other ePHI security requirements.

When conducting these assessments, HIPAA Entities generally will want to ensure that their new enterprise risk assessment documents their consideration of the newly updated Security Risk Assessment (SRA) Tool jointly announced yesterday (October 16, 2018) by the Department of Health & Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) and OCR, lessons shared in OCR’s $16 million Anthem, Inc. resolution agreement, $5.55 million resolution agreement with Memorial Healthcare System and other OCR HIPAA resolution agreements, civil monetary penalty assessments and other Security Rule guidance, as well as other emergent internal and external data suggesting potential susceptibilities of their own systems and data to breach or loss.

HIPAA Entities are reminded that HIPAA requires that all HIPAA covered entities and business associates to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by their organization. Any HIPAA Entity that hasn’t already conducted a recent, appropriately documented enterprise wide risk analysis or updated their analysis in response to changes in equipment, vendors or emerging threats and developments should do so as soon as possible.

HIPAA’s requirement that HIPAA entities conduct and maintain an appropriately comprehensive and timely updated enterprise-wide risk analysis of potential security threats to ePHI both an affirmative requirement of the HIPAA Security Rule and an indispensable process to help healthcare organizations understand their security posture to prevent, detect, respond to and mitigate potential legal, operational and reputational costs that commonly result when ePHI or other sensitive information is breached or destroyed.

The importance of HIPAA entities having and being able to produce in the event of a breach or OCR audit an up-to-date, comprehensively enterprise risk assessment and response plan cannot be overstated. Beyond OCR’s publication of extensive regulatory guidance and educational outreach discussing the responsibility to conduct and maintain documentation of appropriate enterprise risk assessments, virtually every announced HIPAA Security Rule civil monetary penalty assessment and other enforcement action identifies violation of the HIPAA Security Rule’s enterprise risk assessment requirements among the material transgressions committed and required to be corrected by HIPAA entities like Anthem, Inc. subjected to Security Rule enforcement.

The updated SRA Tool jointly released by OCR and ONC on October 16, 2018 further reinforces the importance of complying with the enterprise wide risk assessment requirement while simultaneously encouraging and facilitating compliance by small to medium sized health care practices. Particularly designed with an eye to helping health care providers that work as solo practitioners or in groups with 10 or less health care providers and their business associates identify risks and vulnerabilities to ePHI, OCR says the updated SRA Tool “provides enhanced functionality to document how such organizations can implement or plan to implement appropriate security measures to protect ePHI” and incorporates new features to make the tool “more user friendly.” New features OCR hopes will make the SRA tool more user friendly include:

Enhanced User Interface
Modular workflow with question branching logic
Custom Assessment Logic
Progress Tracker
Improved Threats & Vulnerabilities Rating
Detailed Reports
Business Associate and Asset Tracking
Overall improvement of the user experience

HIPAA Entities should take note, however, that as of its October 16, 2018 released date, the updated version of the SRA Tool currently is only available in Windows format. OCR has indicated that the OCR and ONC have not yet updated the OS iPad version of the previously published version of the SRA Tool. While the previous OS iPad version remains available at the Apple App Store exit disclaimer icon (search under “HHS SRA Tool”), HIPAA Entities that presently use or plan to use the OS iPad tool should consider comparing the prior tool against the updated Windows SRA Tool to verify the continued suitability of its continued use and any adjustments in understanding or application that might be warranted by these differences. Additionally, HIPAA Entities also should review the revised User Guide available on the SRA Tool’s website before starting the assessment.

While the SRA Tool provides valuable guidance to help HIPAA Entities to conduct their own enterprise wide risk assessment, HIPAA Entities should keep in mind that the responsibility to assess their enterprise wide risk and to update their security safeguards to respond to these risks is a continuous one. While using the SRA Tool is an excellent starting point for beginning this assessment, HIPAA Entities need to realize that OCR expects HIPAA Entities to tailor their assessments to identify and respond to the full range of risks and exposures to their ePHI and associated systems and to constantly reevaluate and adjust these assessments in response to emerging system and ePHI threats identified in the course of their operations as well as external developments suggesting previously unidentified or inadequately appreciated threats. Moreover, in addition to conducting the risk assessment, OCR regulatory guidance and guidance drawn from OCR’s civil monetary settlements resolution agreements and other enforcement and audit activities also make clear that in addition to conducting the enterprise wide risk analysis, HIPAA entities also need to be prepared to produce documentation that their organizations took appropriate and timely action to address the risks identified in the risk assessment in accordance with the HIPAA Security Rule.

In addition to mitigate their exposure to potentially substantial HIPAA civil monetary penalties for violating the HIPAA Security Rule, HIPAA Entities also should keep in mind the potential role that their conduct and maintenance of appropriately comprehensive enterprise wide security risk assessments can play in helping to mitigate other legal, financial, operational and reputational risks that commonly also arise along with the HIPAA exposures associated with a breach of HIPAA. In addition to HIPAA’s Security Rules for ePHI, HIPAA Entities typically also are subject to a hodgepodge of non-HIPAA statutory, regulatory and/or contractual obligations to safeguard patient, employee, business partners and other individual, financial, health, tax, peer review and credentialing, trade secrets and other confidential information against improper use, access, destruction or disclosure. Examples of such obligations include the privacy and data security rules of the Fair and Accurate Credit Transaction Act (FACTA), the Internal Revenue Code and other tax laws, federal and state consumer debt and information, electronic crime, data security and identity theft statutes; federal and state trade secret and intellectual property laws; and others, for which violations often equal or substantially exceed the civil monetary penalty liability that commonly arise under the HIPAA Security Rule. The experience of Anthem, Inc. illustrates this point. While the $16 million resolution payment that OCR announced Anthem, Inc. is paying to resolve its HIPAA civil monetary penalty exposures for allowing the breach of the ePHI of 79 million individuals, this payment reflects only a very small portion of the overall liability that Anthem, Inc. incurred from data breach that lead to this resolution payment. Anthem, Inc. also separately already reportedly also has paid more than $115 million to settle other statutory and contractual liabilities arising from the breach separate as well as substantial investigatory and defense costs in addition to the HIPAA liabilities settled under the resolution agreement announced Monday. Other HIPAA Entities subjected to HIPAA civil monetary penalties or paying resolution payments to OCR also typically also have incurred substantial non-HIPAA sanctions and settlements, as well as other defense, investigation, operational and reputational losses as a result of their breaches. HIPAA Entities should strive to ensure that their HIPAA enterprise wide risk assessment and compliance efforts are properly coordinated and administered to manage these overall risks and responsibilities in addition to their HIPAA-specific responsibilities and liabilities.

Because enterprise wide risk assessments and discussions of their structuring, scope and findings are likely to produce legally sensitive evidence, HIPAA Entities are encouraged to seek the advice of qualified and suitably experienced legal counsel about the advisability of conducting all or certain aspects of an enterprise wide risk analysis and their documentation of their risk evaluation and response to take advantage of possible attorney-client privilege, work-product or other evidentiary rules before or throughout the risk assessment and response process and deliberations.

About The Author

A practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C, Cynthia Marcotte Stamer’s more than 30 years’ of leading edge work as an practicing attorney, author, lecturer and industry and policy thought leader have resulted in her recognition as a “Top” attorney in employee benefits, labor and employment and health care law.

Board certified in labor and employment law by the Texas Board of Legal Specialization, a Fellow in the American College of Employee Benefit Counsel, Scribe for the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) Annual Agency Meeting with the Office of Civil Rights and a former JCEB Council Representative; former Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; and past Chair, former Welfare Benefit Committee Co-Chair and current Fiduciary Responsibility Committee Co-Chair of the American Bar Association (ABA) RPTE Section Employee Benefits Group, former Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, Ms. Stamer is recognized nationally and internationally for her practical and creative insights and leadership on HIPAA and other health care, managed care and insurance, and other employee benefit, human resources, and related antitrust, corporate, privacy and data security, tax and other internal controls, regulatory affairs and public policy concerns.

Ms. Stamer’s legal and management consulting work throughout her career has focused on helping organizations and their management use the law and process to manage people, process, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps public and private, domestic and international health, insurance and financial security, and other businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

In this respect, Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, regulatory compliance and operational and performance management. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Well known for her extensive work with health care, insurance and other highly regulated entities on corporate compliance, internal controls and risk management, her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes.

As a key part of this work, Ms. Stamer uses her deep and highly specialized health, insurance, labor and employment and other knowledge and experience to help health industry, insurance and financial services and other employers and other employee benefit plan sponsors; health, pension and other employee benefit plans, their fiduciaries, administrators and service providers, insurers, and others design legally compliant, effective compliance and internal controls, risk management, human resources and other workforce performance, discipline, compensation, employee benefits and related programs, products and arrangements.

In the course of this work, Ms. Stamer has accumulated an impressive resume of experience advising and representing clients on HIPAA and other privacy and data security concerns. The scribe for the American Bar Association (ABA) Joint Committee on Employee Benefits annual agency meeting with the Department of Health & Human Services Office of Civil Rights for several years, Ms. Stamer has worked extensively with health plans, health care providers, health care clearinghouses, their business associates, employer and other sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA and other information privacy and data security rules, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns. Her clients include public and private health plans, health insurers, health care providers, banking, technology and other vendors, and others. Beyond advising these and other clients on privacy and data security compliance, risk management, investigations and data breach response and remediation, Ms. Stamer also advises and represents clients on OCR and other HHS, Department of Labor, IRS, FTC, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She also is the author of numerous highly acclaimed publications, workshops and tools for HIPAA or other compliance including training programs on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Ms. Stamer also is deeply involved in helping to influence the health care, workforce, insurance and financial services, employee benefit, privacy and data security and other federal, state and local laws, regulations and enforcement actions. She both helps her clients respond to and resolve emerging regulations and laws, government investigations and enforcement actions and helps them shape the rules through dealings with Congress and other legislatures, regulators and government officials domestically and internationally. A former lead consultant to the Government of Bolivia on its Social Security reform law and most recognized for her leadership on U.S. health and pension, wage and hour, tax, education and immigration policy reform, Ms. Stamer works with U.S. and foreign businesses, governments, trade associations, and others on workforce, social security and severance, health care, immigration, privacy and data security, tax, ethics and other laws and regulations. Founder and Executive Director of the Coalition for Responsible Healthcare Policy and its PROJECT COPE: the Coalition on Patient Empowerment and a Fellow in the American Bar Foundation and State Bar of Texas. She also works as a policy advisor and advocate to health, insurance and financial services, employee benefits and other business, professional and civic organizations.

Author of the thousands of publications and workshops these and other employment, employee benefits, health care, insurance, workforce and other management matters, Ms. Stamer also is a highly sought out speaker and industry thought leader known for empowering audiences and readers. Ms. Stamer’s insights on employee benefits, insurance, health care and workforce matters in Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, Modern Healthcare, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications. Ms. Stamer also regularly serves on the faculty and planning committees for symposia of LexisNexis, the American Bar Association, ALIABA, the Society of Employee Benefits Administrators, the American Law Institute, ISSA, HIMMs, and many other prominent educational and training organizations and conducts training and speaks on these and other management, compliance and public policy concerns.

Ms. Stamer also has a lifelong history of involvement with and service with a diverse range of professional, community and charitable organizations and causes including as founder and Executive Director of the Coalition for Responsible Health Care Policy and its PROJECT COPE: Coalition for Patient Empowerment; technical advisor to the National Physicians’ Council for Health Care Policy; a founding Board Member and President of the Alliance for Healthcare Excellence and its Patient Empowerment and Health Care Heroes Projects; a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; a member of the Dallas United Way Long Range Planning Committee; as well as leadership involvement in the ABA Joint Committee on Employee Benefits Council, the North Texas Healthcare Compliance Professionals Association; the ABA RPTE Employee Benefits & Other Compensation Committee, the ABA Health Law Section, the ABA International Section Life Sciences Committee, and the ABA TIPS Employee Benefit Committee; TEGE Coordinator of the Gulf Coast TEGE Council TE Division; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association; Dallas, Regional and State BACPAC Chair of the Texas Association of Business; SHRM Regional Chair and National Advisory Board Chair; WEB Network of Benefits Professionals National and Dallas Boards; as a contributing author and the Advisory Board member of the BNA EBCD CD, InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications and as chair or planning faculty of a multitude of symposia.. For additional information about Ms. Stamer, see www.cynthiastamer.com, or contact Ms. Stamer via email here or via telephone to (214) 452.8297.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing other Solutions Law Press, Inc.™ resources at www.solutionslawpress.com such as:

Leave a Comment » | Ambulatory care, Anethesiology, Cyber crime, data breach, Doctor, Electronic Medical Records, Employer, ERISA, FACTA, Fiduciary Responsibility, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Qulity, health care reimbursement, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, healthcare, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospital, Indian Health, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Congress Set To Pass Opiate Addition Crisis Bill

September 26, 2018

Legislation targeting opiate addition crisis in the United States is heading to President Trump for signature.

Yesterday (September 25, 2018), House and Senate leaders reached an agreement on the reconciliation of differences in versions of legislation passed in the House and Senate targeting opiate and other drug addition crisis.

The Opiate Crisis

Opiate addition increasingly is recognized as one of the leading and most costly social and financial challenges in the U.S.

The misuse of and addiction to opioids—including prescription pain relievers, heroin, and synthetic opioids such as fentanyl—is considered a serious national crisis that affects public health as well as social and economic welfare.

according to the National Institutes of Health (NIH), more than 115 people in the United States die after overdosing on opioids every day.

The Centers for Disease Control and Prevention estimates that the total “economic burden” of prescription opioid misuse alone in the United States is $78.5 billion a year, including the costs of healthcare, lost productivity, addiction treatment, and criminal justice involvement.

Concern about the addiction crisis prompted President Trump to make addressing the opiate epidemic a key Administration priority and reform efforts generally enjoy widespread bipartisan support with Congress.

The Bill

In June, the House passed H.R. 6, the SUPPORT for Patients and Communities Act by a vote of 396-14. On September 17th, the Senate passed the Opioid Crisis Response Act of 2018 by a vote of 99-1.

The bipartisan, bicameral agreement allows the final legislation negotiated through the reconciliation process, the “Substance Use–Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act” more commonly referred to as the ‘‘SUPPORT for Patients and Communities Act’’ to move swiftly through both chambers of congress and to the president’s desk.

Among other things, the Bill:

Expands opiate addition treatment coverage, requires added utilization management and oversight for coverage of opiate prescriptions and makes other changes to opiate-related Medicare and federal rules, including adding requirements for automatic escalation to external review under a Medicare part D drug management program for at-risk beneficiaries and suspension of payments by Medicare prescription drug plans and MA–PD plans pending investigations of credible allegations of fraud,
Requiring expanded coverage and Clains reporting about by healthcare payers including requiring reporting by group health plans of prescription drug coverage information for purposes of identifying primary payer situations under the Medicare program,

Modifies provisions regarding electronic prescriptions and post-surgical pain management,
Requires prescription drug plan sponsors to establish drug management programs for at-risk beneficiaries,
Establishes and expands programs to support increased detection and monitoring of fentanyl and other synthetic opioids,
Increases the maximum number of patients that health care practitioners may initially treat with medication-assisted treatment (i.e., under a buprenorphine waiver),
Clarifies FDA regulation of non-addictive pain products.
Requires the FDA to develop and implement guidelines for opiate prescribing and new safety-enhancing packaging,
Targets illegal distribution with new notification, nondistribution, and controlled substances recall rules, expanding controls on illegal importation, and strengthening FDA and CBP coordination and capacity
Creating or expanding a plethora of social, treatment, oversight and other programs and services.

Read the full text of the legislation here. For more information about the Bill or its effects, contact the author.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients as well as a diverse array of other business and government entities. Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with operational compliance and risk management; strategic planning; product and services development and innovation; workforce and operations management: crisis preparedness and response; public and regulatory affairs and host of other concerns.

As part of this work, Ms. Stamer continuously advises clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. She helps clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She also helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

As part of this work, Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Author of leading works on a multitude of these and other concerns, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, and Board Certified by the Texas Board of Legal Specialization in Labor and Employment Law, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Anethesiology, billing, Border Health, Centers For Disease Control, Consumer Driven Health Care, Controlled Substances, Doctor, drug treatment, E-Prescribing, Electronic Health Records, Employee Benefits, Employer, ERISA, Evidence Based Medicine, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, health care reimbursement, Health IT, Health Plan, Health Plans, home health, Hospital, managed care, Medicaid, Medical Malpractice, Medical Records, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Heatlh, Opiates, Outpatient, pain management, Pharmacy, Physician, Physician Licensing, Prescription Drugs, Reimbursement, Substance Abuse, substance abuse treatment, Uncategorized, Veterans Health Administration | Permalink
Posted by Cynthia Marcotte Stamer

Device Manufacturers & Health Care Providers Should Update Audits & Controls For New NIST Data Security Guidance

August 23, 2018

Medical device manufacturers whose physical devices include technology that allows them to connect to the internet or other electronic system to communicate with other devices or systems “connected medical devices”) and health care providers installing, providing or using these devices should check out the guidance on connected medical device security provided by the just released 375 page NIST Special Publication 1800-8 (Guidance) from the National Institute of Standards and Technology (NIST).

While the Guidance’s title of “Securing Wireless Infusion Pumps,” suggests a more narrow focus, the Guidance clearly can be read as relevant if not generally applicable to all connected medical devices.

Unlike prior medical devices that were once standalone instruments, today’s wireless infusion pumps and other connected medical devices transmit and/or connect to a variety of electronic health records (EHRs) and other healthcare systems, networks, and other devices. While this connectivity often helps improve certain healthcare delivery processes, a medical device’s connectivity capabilities also can create significant cybersecurity risk, which could lead to health care privacy, operational or safety risks. Tampering or other intentional or inadvertent access or interference with the data sent or received from connected medical devices can expose health care providers and their healthcare enterprises to series risks including, for example:

A breach of electronic protected health information (ePHI) in violation of the privacy and security standards of the Health Insurance Portability & Accountability Act (HIPAA);
Loss or disruption of healthcare services;
Malicious access by malicious actors;
Loss or corruption of enterprise information and patient data and health records; and
Resulting damage to an organization’s reputation, productivity, and bottom-line revenue.

The Guide includes a variety of information NIST intends to help organizations manage these and other risks to connected medical devices and their ePHI and other data. It provides an example that:

Illustrates cybersecurity standards and best-practice guidelines for better securing the wireless infusion pump ecosystem, such as the hardening of operating systems, segmenting the network, file and program whitelisting, code-signing, and using certificates for both authorization and encryption, maintaining the performance and usability of wireless infusion pumps and other connected mobile devices;
Discusses risks and opportunities to reduce risks from the compromise of information, including the potential for a breach or loss of ePHI, as well as not allowing these medical devices to be used for anything other than the intended purposes;
Documentation of a defense-in-depth strategy to introduce layers of cybersecurity controls that avoid a single point of failure and provide strong support for availability that may include a variety of tactics: using network segmentation to isolate business units and user access; applying firewalls to manage and control network traffic; hardening and enabling device security features to reduce zero-day exploits; and implementing strong network authentication protocols and proper network encryption, monitoring, auditing, and intrusion detection systems (IDS) and intrusion prevention systems (IPS);
Highlights best practices for the procurement of wireless infusion pumps, by including the need for cybersecurity features at the point of purchase; and
Calls upon industry to create new best practices for healthcare providers to consider when onboarding medical devices, with a focus on elements such as asset inventory, certificate management, device hardening and configuration, and a clean-room environment to limit the possibility of zero-day vulnerabilities.

As the patient identifiable ePHI these connected medical devices send, store or receive are considered subject to HIPAA’s privacy, security and breach notification rules, health care providers, medical device manufacturers acting as their business associates and other entities covered by these rules as covered entities or business associates are responsible for protecting and safeguarding this ePHI in accordance with HIPAA’s requirements. Since the Department of Health & Human Services Office of Civil Rights (OCR) often points to the NIST guidance as a relevant touchstone for HIPAA covered entities and business associates to comply with HIPAA security requirements, HIPAA covered entities can anticipate that OCR will look to and be influenced by the Guidance in formulating and applying HIPAA to connected mobile devices. Consequently, health care providers and other HIPAA covered entities and their business associates should be prepared to demonstrate their consideration and use of the standards and practices suggested in the Guidance including their analysis and justification for not following those criteria as part of their HIPAA security rule assessments. Meanwhile, connected mobile device manufacturers also will want to evaluate the Guidance and update their products and practices both to meet customer demands and to mitigate their risks as manufacturers to potential product liability claims and associated claims likely to rise from breaches or other events that may result from the failure to address the security and other risks identified in the Guidance as well as, when applicable, their specific business associate risk under HIPAA.

To accomplish this, impacted health care providers, manufacturers and other responsible parties generally will want to assess and confirm within the scope of attorney-client privilege the compliance of the ePHI safeguards of their current connected medical devices as well as require documented verification that any connected medical devices not yet deployed take into account these new standards. To the extent that deficiencies exist in the adherence of currently in use connected medical devices, HIPAA covered entities and their business associates should consult with qualified legal counsel experienced in addressing these HIPAA compliance and risk management concerns about the defensibility and exposures potential arising from the continued use of the devices, if any, and develop an appropriate compliance and risk management plan accordingly.

About the Author

Recognized repeatedly by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry, health and other benefit, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Beyond her public policy and regulatory affairs involvement, Ms. Stamer also has extensive experience helping these and other clients to design and reform programs and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government; accreditation and quality organizations; private litigation and other federal and state health care industry investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns. supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Academic medicine, data breach, data security, Durable Medical Equipment, Electronic Health Records, Genetic Information, GINA, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health IT, healthcare, HHS, HIPAA, home health, Hospital, hospitals, Human Subjects Research, Immigration, Inpatient Rehabilitation Facility, Life Sciences, medical devices, Medical Privacy, Medical Records, NIST, Privacy, Uncategorized, Veterans Health Administration | Tagged: connected medical device, Data Breach, Data Privacy Day, Data Security, EPHI, FTC Act, Health Care, health care data security, health care privacy, HIPAA, medical device, NIST, product liability, Technology | Permalink
Posted by Cynthia Marcotte Stamer

House Passess Medical Device Tax Repeal, Other Health Bills; Will Senate Follow Its Lead?

July 24, 2018

Supporters of efforts to repeal a controversial excise tax on medical devices enacted as part of the Patient Protection and Affordable Care Act (ACA) should share their positions with key Senate leaders following the passage by the United States House of Representatives earlier today of legislation that would repeal the excise tax on medical devices.

Medical Device Tax Repeal

One of five health care reform bills passed by the House today, H.R. 184, the Protect Medical Innovation Act of 2018, would amend the Internal Revenue Code to repeal the excise tax on the sale of a medical device by the manufacturer, producer, or importer currently imposed under Subchapter E of Chapter 32 of the Internal Revenue Code of 1986 retroactive to December 31, 2017. Introduced originally by Republican Representative Erik Paulsen, its 278 cosponsors included 233 Republicans and 45 democrats. It passed the House by a vote of 283 to 132.

Of course, the bill requires Senate approval before it can go to the President for signature. While S. 2287, the No Taxation on Device Innovation Act, also calls for repeal of the excise tax, its prospects for passage remain to be seen. While House Republications have realized much success getting health care reform legislation passed in the House during the current and prior Congress and many Senate members have expressed support for repeal of the excise tax, the inability to secure their passage in the Senate has prevented a multitude of widely supported House passed reform proposals from becoming law in the current Congress despite Republican majorities in both bodies. Couple these historical difficulties with the fact that Democrat Senator Edward “Ed” Markey introduced the bill, it is not surprising that the Senate has not taken any action on the bill since the Republican leadership referred it to the Senate Finance Committee following its introduction in January. It remains to be seen whether and when House passage of H.R. 184 will prompt Senate Republicans to move on the legislation before the November elections.

Other Health Care Reform Bills Pass The House

Securing Senate passage also could prove a challenge to the enactment of the following four other health care bills that passed the House by unanimous consent today:

H.R. 1201, the Equitable Access to Care and Health Act, sponsored by Rep. Rodney Davis (R-IL) and cosponsored by Rep. Erik Paulsen (R-MN), Rep. David Schweikert (R-AZ), and Rep. Mike Kelly (R-PA).
H.R. 1476, the Native American Health Savings Improvement Act, sponsored by Rep. John Moolenaar (R-MI).
H.R. 4952, the Improving Seniors Access to Quality Benefits Act, sponsored by Rep. Mike Kelly (R-PA) and Rep. Ron Kind (D-WI).
H.R. 6138, the Ambulatory Surgical Center (ASC) Payment Transparency Act of 2018, sponsored by Rep. Devin Nunes (R-CA) and Rep. John Larson (D-CT).

While many Senate Republicans support many of the reforms proposed in these and other bills, confirmation of President Trump’s latest Supreme Court nominee and various other legislative priorities leading up to the November elections could further complicate the already difficult path to approval health care reform legislation historically has faced in the current Senate. Ultimately, it is likely that the fate of these bills between now and the election will be determined by the level of perceived public support they enjoy. Accordingly, supports of any of these reforms likely will want to express their support to key Senate leaders as soon as possible if they wish to encourage consideration by the current Senate.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Health Care, Health Care Finance, Health Care Fraud, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Tuesday Health Care Fraud Hearing Start Time Delayed

July 16, 2018

The House Ways & Means Committee today announced its delay of one of two health care fraud hearings originally scheduled tomorrow.

When it ended it’s work last week, the Committee was scheduled to hold two hearings on health care fraud on Tuesday:

The Ways and Means Committee Oversight Subcommittee Hearing on Combating Fraud in Medicare: A Strategy for Success beginning at 10:00 AM Eastern Time; and
The Ways and Means Committee Subcommittee Hearing on Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program beginning at 2:00 PM.

Both hearings are scheduled to take place in Room 1100 Longworth Congressional Offices and be live streamed on YouTube.

Today, however, House Ways and Means Health Subcommittee Chairman Peter Roskam announced that the Subcommittee is delaying the start time of the hearing on “Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program” to 3:30 PM.

This week’s health focused hearings reflect the continued emphasis of members of Congress in both parties on health care reform legislation as they prepare for the impending mid-term elections in November. As a part of these efforts, the House and Senate already over the past several months have held a wide range of hearings in various committees and key votes on a multitude of reform proposals. Numerous other hearings and votes are planned over the next several months as Congressional leaders from both parties work to advance their health care agendas in anticipation of the upcoming elections.

Physicians and other health care providers concerned about existing health care fraud rules should monitor and provide timely input to the Committee and other key members of Congress on the ideas discussed in the Tuesday hearings and other proposed healtg reforms.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Health Care, Health Care Finance, Health Care Fraud, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Key House Committee Votes To Advance HSA & Other Health Choice Reforms; Plans 7/17 Health Care Fraud Hearings

July 13, 2018

A flurry of activity in the House Ways & Means Committee and other Congressional committees over the past few weeks signals the advisability of keeping a close eye on health care and health benefit reform proposals this Summer in anticipation of both the Fall health benefit enrollment and renewal season and the mid-term November Congressional elections.

Certainly continued Congressional commitment to pursue reform is evident from the House Ways & Means Committee’s health care heavy agenda of hearings and votes that this week alone resulted in its voting in favor of 11 health care reform bills promising new flexibility for employers about how to design their health plans and American families more health care choices and choice about how to pay for it and what coverage to buy popular with many providers, patients and employer and other health plan sponsors. While it remains to be seen if the House and Senate can agree on any or all of these proposal, the bi-partisan sponsorship of many of these proposals and the intensity of the focus of the Committee and others in Congress reflects a strong interest in health care reform by both parties leading up to November that could impact health benefit and other health care choices for providers, employers and American families in the Fall annual enrollment season.

The legislation passed by the Ways & Means Committee this weeks include bills that would:

Provide relief for employers relief from the Obamacare’s employer mandate and delay for an additional year the effective date of the widely disliked “Cadillac Tax;”
Overrule the “Use it Or Lose It” requirement in current Internal Revenue Regulations for healthcare flexible spending arrangement plans (HFSAs) that currently forces employers sponsoring HFSAs to draft their plans to require employees to forfeit unused salary reduction contributions in their HFSA accounts at the end of the year;
Offer individuals and families eligible for Obamacare created health premium subsidies more choice about where to obtain that coverage using their subsidies; and
Expand expand the availability and usability of HSAs in a multitude of ways.

While the recurrent stalling of past reform efforts over the past few years calls into question whether any or all of these proposals can make it through the highly politicized and divided Congress, bi-partisian sponsorship of most of the bills reported out this week at least raises the possibility that some of these proposals enjoy sufficient bi-partisan support to potentially pass before the elections. With both parties viewing health care reform as a key issue in the upcoming elections, voter feedback on these proposals could play a big role in determining the prospects for passage this Summer.

Passage of any or all of these proposed reforms between now and year end likely will fuel the need for last minute reconsideration and potential adjustments in plan design choices of employers and other health plan sponsors and administrators, reconsideration of health benefit enrollment choices of individual Americans and their families and a reconsideration of practice billing and health plan participation decisions of physicians and other health care providers. Accordingly, health care providers, employers and other health plan sponsors, American taxpayers and their families and others impacted by health care and health benefit policies will want to carefully monitor these reforms as the Summer progresses:

To provide timely input to Congress on proposed reforms of particular benefit or concern;
To help plan for and deal with rules changes that could impact their options and choices during the upcoming health plan renewal and enrollment season this Fall and going forward; and
To be prepared to make informed choices when voting in the upcoming mid-term Congressional elections in November.

To learn more details about this proposed legislation, its potential implications or other related concerns, see here or contact the author.

About the Author

After holding hearings on health savings account reforms and passing a flurry of health care reform bills intended to give employers relief from two key Obamacare mandates, to allow Obamacare subsidy-eligible Americans the choice to use the subsidies to purchase health care coverage not offered by the Obamacare exchanges, and a host of bills that would expand availability and usability of health savings account (HSA) and health care flexible spending account (HFSA) programs this week, the House Ways and Means Committee will turn its attention to health care fraud oversight and reform next week by holding hearings Tuesday on those health concerns. Health care providers, employer and other health plan sponsors, individual Americans and their families, and others interested in health benefit and health care reform will want to keep a close eye on these and other developments as Congress continues to debate health care reform in the runup to the upcoming 2018 health benefit plan renewal and annual enrollment season and November’s mid-term elections.

Committee Approved 11 Health Care Reform Bills This Week

As a part of its health reform efforts this week, the Committee voted to advance 11 health care reform bills offering new flexibility for employers about how to design their health plans and American families more health care choices and choice about how to pay for it and what coverage to buy popular with many providers, patients and employer and other health plan sponsors.

Among the approved legislation is a bill that would provide key relief for employers from certain key Obamacare mandates that have been widely unpopular with employers. H.R. 4616, the “Employer Relief Act of 2018,” sponsored by Rep. Devin Nunes (R-CA) and Rep. Mike Kelly (R-PA), which would give employers sponsoring health plans for their employees retroactive relief from Obamacare’s onerous employer mandate and delay for an additional year the effective date of another Obamacare requirement that when effective, will forces employers to pay the 40 percent tax on amounts paid for employer sponsored health care coverage that exceeds cost limits specified in the Obamacare legislation commonly known as the “Cadillac Tax.” Relief from the Cadillac Tax is widely perceived as benefiting bother employers and their employees, as its provisions penalize employers for spending more for employee health coverage than limits specified in the Obamacare law. These provisions also are particularly viewed by many as unfair because rising health plan costs since Obamacare’s passage make it likely that many employers will incur the tax penalty simply by sponsoring relatively basic health plans meeting the Obamacare mandates.

In addition to H.R. 4616, the Committee also voted to approve H.R. 6313, the “Responsible Additions and Increases to Sustain Employee Health Benefits Act of 2018,” sponsored by Rep. Steve Stivers (R-OH), which would overrule the “Use it Or Lose It” requirement in current Internal Revenue Regulations for HFSAs. Currently, this rule forces employers sponsoring HFSAs to draft their plans to require employees to forfeit unused salary reduction contributions in their HFSA accounts at the end of the year. The bill would allow employers to eliminate this forfeiture requirement so that employees could carry over any remaining unused balances in their HFSAs at the end of the year to use in a later year.

The Committee also voted to advance legislation to offer individuals and families eligible for Obamacare created health premium subsidies more choice about where to obtain that coverage. H.R. 6311, the “Increasing Access to Lower Premium Plans Act of 2018,” sponsored by Chairman Peter Roskam (R-IL) and Rep. Michael C. Burgess, M.D. (R-TX), would provide individuals receiving subsidies to help purchase health care coverage through the Obamacare-created health insurance exchange the option to use their premium tax credit to purchase health care coverage from qualified plans offered outside of the exchanges. Currently, subsidies may only be used to purchase coverage from health plans offered through the exchange, which often are much more costly and offer substantially fewer coverage options and less provider choice. In addition, the bill would expand access to the lowest-premium plans available for all individuals purchasing coverage in the individual market and allows the premium tax credit to be used to offset the cost of such plans.

Along with these reforms, the Committee also voted to pass a host of bills that would expand the availability and usability of HSAs including:

H.R. 6301, the “Promoting High-Value Health Care Through Flexibility for High Deductible Health Plans Act of 2018,” co-sponsored by Health Subcommittee Chairman Peter Roskam (R-IL) and Rep. Mike Thompson (D-CA), which seeks to expand access and enhance the utility of Health Savings Accounts (HSAs) by offering patients greater flexibility in designing their plan design while still being able to maintain their eligibility for HSA contributions.
H.R. 6305, the “Bipartisan HSA Improvement Act of 2018,” sponsored by Rep. Mike Kelly (R-PA) and Rep. Earl Blumenauer (D-OR), which also would expand HSA access and utility by allowing spouses to also make contributions to HSAs is their spouse has an FSA and lets employers offer certain services to employees through on-site or retail clinics.
H.R. 6317, the “Primary Care Enhancement Act of 2018,” co-sponsored by Rep. Erik Paulsen (R-MN) and Rep. Earl Blumenauer (D-OR), which seeks to protect HSA-eligible individuals who participate in a direct primary care (DPC) arrangement from losing their HSA-eligibility merely because of their participation in a DPC. In addition, it allows DPC provider fees to be covered with HSAs.
H.R. 6312, the “Personal Health Investment Today (PHIT) Act,” sponsored by Rep. Jason Smith (R-MO) and Rep. Ron Kind (D-WI), which seeks to fight obesity and promote wellness by allowing taxpayers to use tax-preferred accounts to pay costs of gym membership or exercise classes, children’s school sports programs and certain other wellness programs and activities.
H.R. 6309, the “Allowing Working Seniors to Keep Their Health Savings Accounts Act of 2018,” sponsored by Rep. Erik Paulsen (R-MN), which would expand HSA eligibility to include Medicare eligible seniors who are still in the workforce.
H.R.6199, the “Restoring Access to Medication Act of 2018,” sponsored by Rep. Lynn Jenkins (R-KS) and Rep. Grace Meng (D-NY), which would reverse Obamacare’s prohibition on using tax-favored health accounts to purchase over-the-counter medical products and would add feminine products to the list of qualified medical expenses for the purposes of these tax-favored health accounts.
H.R. 6306, the “Improve the Rules with Respect to Health Savings Accounts,” sponsored by Rep. Erik Paulsen (R-MN), which would increase the contribution limits for HSAs and further enhances flexibility in plans by allowing both spouses to contribute to make catch-up contributions to the same account and creating a new grace period for medical expenses incurred before the HSA was established.
H.R. 6314, the “Health Savings Act of 2018,” sponsored by Rep. Burgess (R-TX) and Rep. Roskam (R-IL), would expand eligibility and access to HSAs by allowing plans categorized as “catastrophic” and “bronze” in the exchanges to qualify for HSA contributions.

Committee Considers Health Care Fraud Next Week

The Committee next week will turn its attention to health care fraud by holding two hearings on Tuesday.

Tuesday morning, the Ways and Means Committee Oversight Subcommittee plans to hold a Hearing on Combating Fraud in Medicare: A Strategy for Success beginning at 10:00 AM Eastern Time; and
Tuesday afternoon, the Ways and Means Committee Subcommittee plans to hold a Hearing on Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program beginning at 2:00 PM.

Both hearings are scheduled to take place in Room 1100 Longworth and their proceedings will be live streamed on YouTube.

The Committee’s health care reform focus this week and next are reflective of the continued emphasis of members of Congress in both parties on health care reform legislation as they prepare for the impending mid-term elections in November. As a part of these efforts, the House and Senate already over the past several months have held a wide range of hearings in various committees and key votes on a multitude of reform proposals. Numerous other hearings and votes are planned over the next several months as Congressional leaders from both parties work to advance their health care agendas in anticipation of the upcoming elections.

Key health care and health benefit reform proposals that the Republican Majority has designated for priority consideration include:

Prescription drug costs by checking perceived negative effects of health industry and health plan consolidations involving large health insurers, pharmacy benefit management companies (PBMs), pharmacy companies and other health industry and health insurance organizations on health care costs and patient, plan sponsor and plan sponsor choice and health care quality;
Oversight and reform of existing STARK, anti-kickback and other federal health care rules and exemptions relied upon by PBMs and other health industry organizations;
Efforts to understand and address health care treatment, health care and coverage costs and related social concerns associated with mental health and opioid and other substance abuse conditions and their treatment;
Efforts promote health benefit and health care choice, affordability and coverage; improve patient and employer choice; promote broader health care access and quality; reduce counterproductive regulation; and other health insurance and care improvements through expanded availability of health savings accounts, direct primary care and other consumer directed health care options, association health plan and other program options, streamlining quality reporting and regulation, billing and coding, physician and other health care provider electronic billing and recordkeeping, and other provider, payer, employer, individual and other health insurance mandates and other federal health care and health plan rules; and
More.

Health care providers, employers and other health plan sponsors, American taxpayers and their families and others will want to carefully monitor these reforms as the Summer progresses:

To provide timely input to Congress on proposed reforms of particular benefit or concern;
To help plan for and deal with rules changes that could impact their options and choices during the upcoming health plan renewal and enrollment season this Fall and going forward; and
To be prepared to make informed choices when voting in the upcoming mid-term Congressional elections in November.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Affordable Care Act, Anti-KickBack, Antitrust, Child Care, Consumer Driven Health Care, Controlled Substances, Corporate Compliance, Direct Primary Care, E-Prescribing, Employee Benefits, Employment, Evidence Based Medicine, FDA, Fiduciary Responsibility, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HHS, Home Health, home health, Hospital, hospitals, managed care, Medicaid, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, Patient Empowerment, Pharmaceudical, Pharmacy, Physician, Preexisting Condition Insurance Plan, Prescription Drugs, Psychiatric, Public Policy, quality reporting, Reimbursement, Rural Health Care, substance abuse treatment, Tax, Tax-Exemption, Uncategorized, Veterans Health, Veterans Health Administration, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Agencies Delay To 1/21/19, Grant Limited Transition Relief For “Common Rule” Federal Policy For the Protection of Human Subjects

June 19, 2018

The Department of Health & Human Services(HHS), Department of Labor (DOL) and a plethora of other federal agencies today announced an additional six-month delay from July 19, 2018 to January 21, 2019 of the effective date and general compliance deadline for revised federal standards governing research involving human subjects set forth in the ”) (“Federal Policy for the Protection of Human Subjects” (often referred to as the “Common Rule.

The Common Rule originally was adopted on January 19, 2017 by HHS, DOL and the Department of Homeland Security; Department of Agriculture; Department of Energy; National Aeronautics and Space Administration; Department of Commerce; Consumer Product Safety Commission; Social Security Administration; Agency for International Development; Department of Housing and Urban Development; Department of Defense; Department of Education; Department of Veterans Affairs; Environmental Protection Agency; National Science Foundation; and Department of Transportation. The Consumer Product Safety Commission (CPSC) adopted the same changes in a Final Rule it published on September 18, 2017.

The Agencies originally set January 19, 2018 as the compliance date and effective date for the Common Rule. By an interim final rule issued on January 17, 2018 and published on January 22, 2018, however, HHS and most the other Agencies delayed the compliance and effective date until July 19, 2018. The Department of Housing and Urban Development (HUD) published an interim final rule adopting the same regulatory changes on January 26, 2018. The revised Common Rule, including technical amendments made by the January 22, 2018 interim final rule, is referred to here as the “2018 Requirements.” This delay delayed the effective date of the Common Rule until July 19, 2018 (with the exception of the revisions to its cooperative research provision, which has a compliance date of January 20, 2020).

On April 20, 2018, federal departments and agencies published a notice of proposed rulemaking (NPRM) soliciting comments on two proposals. 83 FR 17595. The first proposed an additional 6-month delay for the general compliance date for the 2018 Requirements (from July 19, 2018 to January 21, 2019). The second proposed a flexibility that would allow regulated entities to take advantage of three burden-reducing provisions of the 2018 Requirements during the delay period.

In the guidance issued today, HHS and the other Agencies adopts the proposals described in the April 20, 2018 NPRM. Consequently, the rule published today delays the general compliance date for the 2018 Requirements for an additional 6-month period, until January 21, 2019. As a result of this delay, regulated entities will be required, with an exception, to continue to comply with the requirements of the pre-2018 version of the Federal Policy for the Protection of Human Subjects (the “pre-2018 Requirements”) until January 21, 2019. The one exception to this general rule is that institutions will be permitted (but not required) to implement, for certain research, the following three burden-reducing provisions of the 2018 Requirements during the delay period (July 19, 2018, through January 20, 2019):

The revised definition of “research,” which deems certain activities not to be research covered by the Common Rule;
The elimination of the requirement for annual continuing review with respect to certain categories of research; and
The elimination of the requirement that institutional review boards (IRBs) review grant applications or other funding proposals related to the research.

Institutions planning to take advantage of the three-burden reducing provisions must comply with all other pre-2018 Requirements during the delay period. The three burden-reducing provisions of the 2018 Requirements can only be implemented during the delay period with respect to studies initiated prior to January 21, 2019 that will transition to compliance with the revised Common Rule. Any study that implements these three burden-reducing provisions during the delay period must, beginning on January 21, 2019, comply with all of the 2018 Requirements for the balance of the study’s duration.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

Criminal Convictions

Criminal and Civil Recoveries

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

False Claims Act Liability Arising From Participation In Or Filing Claims Involving Improper Inducements

Gampel, Modern Vascular FCA Complaint

Warning To Other Heath Care Providers & Suppliers

For More Information

Other Helpful Resources & Information

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

eCQMs As Measure of Health Care Quality

2022 eCQMs Updates

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

About Solutions Law Press, Inc.™

Important Information About This Communication

Share this:

Like this:

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

Visitation

Vaccination

More Information

About the Author

About Solutions Law Press, Inc.™

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

Share this:

Like this:

More Information

About the Author