Mental Heatlh |

HHS Proposes Increasing Health Care Fraud Reporting Rewards To Up To $9.9 Million

May 1, 2013

The Department of Health and Human Services (HHS) Centers for Medicare & Medicaid Services (CMS) plans to increase rewards paid to Medicare beneficiaries and others whose tips about suspected fraud lead to the successful recovery of funds to as high as $9.9 million. Secretary Kathleen Sebelius announced proposed regulations that would increase the penalties on April 24. In addition, a new funding opportunity released this month supports the expansion of Senior Medicare Patrol (SMP) activities to educate Medicare beneficiaries on how to prevent, detect and report Medicare fraud, waste and abuse.

The Obama Administration has made health care fraud prosecutions and settlement a key element of its health care cost containment plan. Over the last three years, the administration claims its enforcement efforts have recovered over $14.9 billion in fraud, some of which resulted from fraud reporting by individuals.

Summary Of The SMP Incentive Reward Program Proposals

The SMP is a national, volunteer-based program that empowers Medicare beneficiaries to prevent and report Medicare fraud, waste, and abuse. Since 1997, HHS reports more than 7,000 referrals have been made to CMS and the Office of the Inspector General (OIG) for investigation since 1998.

Under the proposed changes, CMS is proposing to increase the potential reward amount for information that leads to a recovery of Medicare funds from 10 percent to 15 percent of the final amount collected. HHS currently offers a reward of 10 percent up to $1,000 under the current incentive reward program. In changes are modeled on an IRS program that has returned $2 billion in fraud since 2003, HHS proposes to increase the portion of the recovery on which CMS will pay a reward up to the first $66 million recovered – this means an individual could receive a reward of $9.9 million if CMS recovers $66 million or more.

HHS began paying rewards to individuals who reported tips that led to the recovery of funds in 1998. According to HHS, to date, HHS has recovered approximately $3.5 million as a result of this program and paid just $16,000 for 18 rewards. The proposed changes are similar to the IRS whistleblower program that has resulted in recoveries of over $2 billion since 2003.

To expand the SMP program’s capacity to reach more Medicare beneficiaries, the Administration for Community Living issued a new funding opportunity. Each of the current 54 SMP projects is eligible for varying funding levels, up to a total of $7.3 million across the program.

HHS says thhese proposed changes will support the administration’s comprehensive approach to program integrity, including the work being done with the Health Care Fraud Prevention and Enforcement Action Team, a joint effort between HHS and the Department of Justice to fight health care fraud. The Obama Administration credits this joint effort with recovering a record $4.2 billion in taxpayer dollars in fiscal year 2012.

The proposed increase in the reward for blowing the whistle on health care fraud is intended to fuel further reports by beneficiaries, workers and others of suspected health care fraud. Health care providers should share any concerns about the proposed increase in the rewards as well as review and tighten their health care fraud prevention and risk management to defend against rising exposures.

For more details, read a fact sheet on the proposed rule available here for more details.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experience with health plan privacy and data security matters, Ms. Stamer serves as the scribe for the ABA JCEB Annual Technical Session meeting with OCR each May and has worked, spoken and published extensively on these and other privacy and data security concerns and controls. Extensively published and a popular speaker on HIPAA and other data security matters, Ms. Stamer works extensively with health care providers, health plans, employers, insurance and financial services, technology and other clients on privacy, data seurity and other privacy and cybercrime concerns. She also serves as the Scribe for the ABA JCEB Agency Techical Sessions Meetings with the Office of Civil Rights which occur each May in Washington, D.C.

Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. ©2013 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press. All other rights reserved.

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Acute Care, CMS, Hospital, Medicare, PPS, Prospective Payment, Skilled Nursing, SNF | Permalink
Posted by Cynthia Marcotte Stamer

CMS Proposes Changes To Accute Care Hospital & Skilled Nursing Facility Propective Payment Rules

May 1, 2013

Acute care hospitals and skilled nursing facilities participating in Medicare should review proposed changes to key Medicare reimbursement rules and act quickly to share feedback on any provisions of significant concern.

The Centers For Medicare & Medicaid Services (CMS) is proposing changes to its Prospective Payment Systems and other reimbursement key reimbursement rules for Hospitals and Skilled Nursing Facilities for Fiscal Year (FY) 2014. Advance copies of the proposed rules were made available May 1.

CMS’ proposed rules on Prospective Payment System and Consolidated Billing for Skilled Nursing Facilities for FY 2014 are scheduled for official publication on May 1, 2013.

CMS’ proposed rules on Hospital Inpatient Prospective Payment Systems for Acute Care Hospitals and Long Term Care Hospital Prospective Payment System, etc. are scheduled for official publication on May 10, 2013.

Acute care hospitals and skilled nursing facilities should evaluate the implications of the proposed changes and provide relevant feedback as necessary to CMS.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.

About Solutions Law Press

OCR Shares New Tools to Educate Consumers and Providers about HIPAA Privacy and Security

April 30, 2013

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has developed an array of new tools to educate consumers and health care providers about the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules.

Many consumers are unfamiliar with their rights under the HIPAA Privacy Rule. With that in mind, OCR has posted a series of factsheets, also available in eight languages, to inform consumers about their rights under the HIPAA Privacy Rule. These materials are available on OCR’s website here.

The fact sheets compliment a set of seven consumer-facing videos released earlier this year on OCR’s YouTube channel. An additional video, The HIPAA Security Rule, has been designed for providers in small practices and offers an overview of how to establish basic safeguards to protect patient information and comply with the Security Rule’s requirements. The videos are available on the HHS OCR YouTube Channel at here.

OCR has also launched three modules for health care providers on compliance with various aspects of the HIPAA Privacy and Security Rules, available at Medscape.org:

Patient Privacy: A Guide for Providers at here;
HIPAA and You: Building a Culture of Compliance here; and
Examining Compliance with the HIPAA Privacy Rule here.

The Medscape modules offer free Continuing Medical Education (CME) credits for physicians and Continuing Education (CE) credits for health care professionals.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Covered Entities, Data, Health Care, Health Plans, HIPAA, HIPAA Audits, OCR, Privacy, Security | Permalink
Posted by Cynthia Marcotte Stamer

HHS Publishes Medicaid Expansion Final Regs, Invites Public Comment

April 1, 2013

The Department of Health & Human Services (HHS) has published its final rule with a request for comments that provides, effective January 1, 2014, the federal government will pay 100 percent of the cost of certain newly eligible adult Medicaid beneficiaries. These payments will be in effect through 2016, phasing down to a permanent 90 percent matching rate by 2020. The Affordable Care Act authorizes states to expand Medicaid to adult Americans under age 65 with income of up to 133 percent of the federal poverty level (approximately $15,000 for a single adult in 2012) and provides unprecedented federal funding for these states.

Under the Affordable Care Act, states that cover the new adult group in Medicaid will have 100 percent of the costs of newly eligible Americans paid for by the federal government in 2014, 2015, and 2016. The federal government’s contribution is then phased-down gradually to 90 percent by 2020, and remains there permanently. For states that had coverage expansions in effect prior to enactment of the Affordable Care Act, the rule also provides information about the availability of an increased FMAP for certain adults who are not newly eligible.

For the full text of the final rule, see http://www.ofr.gov/inspection.aspx.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Covered Entities, Data, Health Care, Health Plans, HIPAA, HIPAA Audits, OCR, Privacy, Security | Permalink
Posted by Cynthia Marcotte Stamer

Hospitals with 2012 CMS Adverse Complaint Inspection Reports in AHCJ Data Bank Should Prepare Response

March 27, 2013

Acute-care and critical access hospitals that had adverse complaint inspections in 2012 by the Centers for Medicare & Medicaid Services (CMS) may want to prepare to respond to press and public inquiries. The Association of Health Care Journalists (AHCJ) updated its website, healthcareinspectionreports.com, to include details about deficiencies cited during complaint inspections at acute-care and critical access hospitals throughout the United States since January 1, 2011 obtained from CMS.

Although AHCJ cautions in its website that the posted data should not be used to rank hospitals because of omissions and limitations in the data, hospitals with posted reports in the data bank should expect that the reports on their hospital may draw the attention of the media, patients, health plans and others.

AHCJ publishes the reports, which historically have not been easily accessible to the general public. AHCJ cautions that the data is not necessarily complete and should not be used to rank hospitals within a state. AHCJ says data on acute-care and critical hospital access hospitals is incomplete because CMS has just begun gathering this data and releasing it in electronic format. AHCJ also says some reports are missing narrative details. Beyond that, CMS acknowledges that other reports that should appear may not. It does not include results of routine inspections or those of psychiatric hospitals or long-term care hospitals. It also does not include hospital responses to deficiencies cited during inspections. Those can be obtained by filing a request with a hospital or the U.S. Centers for Medicare and Medicaid Services (CMS).AHCJ to make future iterations of this data more complete. At this time, this data should not be used to rank hospitals within a state or between states. It can be used to review issues identified at hospitals during recent inspections.

Subject to these limitations, an individual wishing to review the available data can click on a state on the map will retrieve a list of all hospitals with their violations grouped together.

In anticipation of potential media or public review and reaction to the AHCJ website posting, hospitals with adverse reports posted on the website should consider acting proactively. Hospitals should consult with counsel and their public relations team to plan and prepare a factually accurate response to the shared reports and other suitable mitigation activities.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: health care quality, Health Plans, Hospitals, Public Relations | Permalink
Posted by Cynthia Marcotte Stamer

OCR Invites Comments On Plans to Survey HIPAA Covered Entities Audited Under 2012 HIPAA Audit Program

March 25, 2013

The Department of Health & Human Services (HHS) Office of Civil Rights (OCR) wants to ask the 115 health plans, health care clearinghouses, and health care providers (covered entities) that OCR audited in 2012 for compliance with Privacy and Security Rules of the Health Insurance Portability & Accountability Act (HIPAA) under its HIPAA Audit Program to share feedback about their experience. The planned survey announcement follows OCR’s recent released of restated HIPAA Privacy & Security Rules scheduled to take effect in September, 2013 and as OCR continues and expanding its HIPAA Audit Program in 2013. All together, the signs are clear that covered entities should update and strengthen their HIPAA compliance and risk management practices to withstand the tightened rules and enforcement.

OCR initiated the HIPAA Audit Program in 2012 to comply with Section 13411 of the Health Information Technology for Economic and Clinical Health Act’s requirement that it audit covered entity and business associate compliance with the HIPAA privacy, security, and breach notification rules. While it continues its HIPAA Audit Program in 2013, OCR also is evaluating the effectiveness of the HIPAA Audit Program audits in 2012.

To this end, OCR currently is conducting a review of the HIPAA Audit program to determine its efficacy in assessing the HIPAA compliance efforts of covered entities. As part of that review, OCR plans to ask covered entities audited under the HIPAA Audit Program in 2012 to complete an online survey about their experience. In anticipation of its conduct of the proposed surveys, OCR is inviting public comment on the burden to Covered Entities to complete the planned online survey, which OCR estimates will take two hours to complete through May 20, 2013. According to OCR, the survey will gather information on the effect of the audits on the audited entities and the entities’ opinions about the audit process. The online survey will be used to:

Measure the effect of the HIPAA Audit program on covered entities;
Gauge their attitudes towards the audit overall and in regards to major audit program features, such as the document request, communications received, the on-site visit, the audit report findings and recommendations;
Obtain estimates of costs incurred by covered entities, in time and money, spent responding to audit-related requests;
Seek feedback on the effect of the HIPAA Audit program on the day-to-day business operations; and
Assess whether improvements in HIPAA compliance were achieved as a result of the Audit program.

OCR says it will use the information, opinions, and comments collected using the online survey to produce recommendations for improving the HIPAA Audit program.

For instructions to comment or more details, see here.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Covered Entities, Data, Health Care, Health Plans, HIPAA, HIPAA Audits, OCR, Privacy, Security | Permalink
Posted by Cynthia Marcotte Stamer

On Health Reform Law’s 3rd Anniversary, Test Your Reform Knowledge

March 21, 2013

March 21, 2013 is the 3rd Anniversary of the Affordable Care Act. With the 2014 rollout of the next round of reforms approaching, the Kaiser Family Foundation invites you to take its latest interactive quiz to test your knowledge about what’s in – and what’s not in – the health reform law and encourage your friends and family to do the same. You can compare your knowledge with others and share your results on Facebook and Twitter. The quiz also includes links to more information about specific provisions of the law.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Affordable Care Act, Health Care Reform | Permalink
Posted by Cynthia Marcotte Stamer

Maintaining Patient Problem List Under Meaningful Use Core Measure 3 To Support Patient Care

March 16, 2013

ONC is sharing resources to help health care providers see the value of and effectively incorporate and use active patient problem lists as part of the electronic health records systems (EHRs).

Meaningful Use Core Measure 3 calls for physicians and other eligible professionals to design their electronic health record systems to incorporate and maintain an up-to-date problem list of current and active diagnoses of patients.

The requirement reflects ONC’s determination that accurate active problem lists and the fast overview of patient history’s they provide are a “mainstay” of efficient and effective primary care. Effective active patient problem lists in EHRs make this information available to all clinic staff and the on-call team improves the efficiency and effectiveness of the care team.

To support this goal, the requirement that Meaningful Use Core Measure 3 calls for more than 80 percent of all unique patients seen by the eligible professional have at least one entry or an sign that no problems are known for the patient recorded as structured data.

Review the requirements of Core Measure 3 and access other tips and resources for developing and using effective patient problem lists in EHRs here.

For More Information Or Assistance

About Solutions Law Press

1 Comment | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: EHR, Health Care, Meaningful Use | Permalink
Posted by Cynthia Marcotte Stamer

CMS 2nd Recalculation Medicare Readmission Penalties In 6 Months Cuts Overall Penalties By $10M

March 15, 2013

The Centers for Medicare & Medicaid Services (CMS)for the second time in six months has corrected errors in its calculation of Medicare readmission penalties imposed against more than 1,000 hospitals imposed under the Medicare Hospital Readmission Reduction Program.

Under the Medicare Readmission Reduction Program, CMS is penalizing hospitals whose readmissions within 30 days following their discharge of heart attack, heart failure and pneumonia patients exceed the rate CMS expects based on their patient risks with the loss of up to 1 percent of their regular payments. This maximum penalty ramps is slated to rise to up to 2 percent in October and 3 percent in 2014.

While some hospital’s penalties went up and most went down, the net effect of the recalculation back to the program’s origination last October is a $10 million reduction in the overall penalties resulting in an adjusted total of $280 million for 2013.

An updated chart of the corrected readmission penalties prepared by Kaiser Health News is available here.

Part of new CMS “quality” provisions, the readmission penalties have prompted widespread concern by many hospital and other health care leaders as penalizing hospitals for readmissions beyond their control. Supports of the penalties say that the penalties can encourage hospitals to provide better quality and reduce costs by emphasizing appropriate discharge planning.

For More Information Or Assistance

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, Medicaid Fraud, Medicare, Medicare Fraud Task Force, readmissions penalty | Permalink
Posted by Cynthia Marcotte Stamer

Par Pharmaceutical Pays $45 Million For Illegal Off-Label Marketing Of Megace ES

March 11, 2013

New Jersey-based Par Pharmaceutical Companies Inc. (Par) must pay more than will pay $45 million to resolve their criminal and civil liability under its March 5, 2013 guilty plea to illegally promoting off-label uses of the prescription drug Megace ES in violation of Food and Drug Administration (FDA) rules and wrongfully promoting and billing Medicare for its use. The Par guilty plea followed a guilty plea by Par’s Chief Executive Officer Paul V. Campanelli earlier in the day in a New Jersey federal court.

Par also entered into a civil settlement that resolved three lawsuits filed under the whistleblower provisions of the False Claims Act, which let private parties to file suit on behalf of the United States and obtain part of the government’s recovery. The civil lawsuits filed in New Jersey are U.S. ex rel. McKeen and Combs v. Par Pharma ceutical, et al., U.S. ex rel. Thompson v. Par Pharmaceutical, et al., and U.S. ex rel. Elliott & Lundstrom v. Bristol-M yers Squibb, Par Pharma ceutical, et al. As part of today’s resolution, relators McKeen and Combs will receive $4.4 million. The actions provide another example of the growing role of whistleblowers to the success of federal health care fraud detection and enforcement efforts.

Par Criminal & Charges

The Federal Food, Drug and Cosmetic Act (FDCA) requires companies such as Par to specify the intended uses of a product in its new drug application to the FDA. Once approved, a drug may not be distributed in interstate commerce for unapproved or “off-label” uses until the company receives FDA approval for the new intended uses.

Par pleaded guilty to a federal a criminal misdemeanor violation of these rules by misbranding Megace ES in violation of the FDCA. Megace ES, a megestrol acetate drug product was approved by the FDA to treat anorexia, cachexia, or other significant weight loss suffered by patients with AIDS. Federal prosecutors charged that Megace ES distributed nationwide by Par was criminally misbranded because its FDA-approved labeling lacked adequate directions for use in the treatment of non-AIDS-related geriatric wasting, a use that was intended by Par but never approved by the FDA.

Federal Judge Judge Arleo fined Par $18 million and ordered $4.5 million in criminal forfeiture. Par also entered into a civil settlement agreement to settle associated civil liability.

The civil settlement agreement requires Par to pay $22.5 million to the federal government and various states to resolve claims arising from its off-label marketing. The civil settlement resolves allegations that Par, by promoting the sale and use of Megace ES for uses that were not FDA-approved and not covered by Federal health care programs, caused false claims to be submitted to these programs. The United States further alleged that Par deliberately and improperly targeted sales to elderly nursing home residents with weight loss, whether or not such patients suffered from AIDS, and launched a long-term care sales force to market to this population. During this marketing campaign, the government charged Par was aware of adverse side effects associated with the use of megestrol acetate in elderly patients, including an increased risk of deep vein thrombosis, toxic reactions in elderly patients with impaired renal function, and mortality. The United States alleged that Par made unsubstantiated and misleading representations about the superiority of Megace ES over generic megestrol acetate for elderly patients to encourage providers to switch patients from generic megestrol acetate to MegaceES, despite having conducted no well-controlled studies to support a claim of greater efficacy for Megace ES.

As part of plea agreement and corporate integrity agreements reached to resolve its civil and criminal charges, Par committed to the Department of Justice, the Department of Health & Human Services (HHS) and its Office of Inspector General. Par to implement several compliance measures and annually provide the U.S. Attorney’s Office and other agencies with certain reports.

The plea agreement and corporate integrity agreement include provisions that require Par to implement changes to the way it does business. The plea agreement and agreement prohibit Par from providing compensation to sales representatives or their managers based on the volume of sale of Megace ES, and in the corporate integrity agreement, based on the volume of Megace ES and any branded successor megestrol acetate drug.

The agreements also dictate individual accountability of Par’s board and executives. Under the agreement, Par is also required to change its executive compensation program to permit the company to recoup annual bonuses from covered executives if they, or their subordinates, engage in significant misconduct. Company executives may have to forfeit annual bonuses if they or their subordinates engage in significant misconduct, and sales representatives may not be paid incentive compensation for the drug involved in the case, or successor branded versions of that drug. For instance, the plea agreement requires Par give the Justice Department a sworn certification from its chief executive officer that the company has not unlawfully marketed any of its pharmaceutical products.

Par Prosecutions Part Of Larger Aggressive Health Care Fraud Enforcement

The Par civil and criminal charges were brought as part of the ongoing war against health care fraud conducted by federal and state officials. Its announcement is just one of high-profile health care fraud charges, settlements and convictions announced by the Justice Department in the first seven days of March. See, e.g., Health Care Clinic Director Pleads Guilty in Miami for Role in $63 Million Health Care Fraud Scheme; Orange County Doctor Convicted of Six Counts of Health Care Fraud in Multi-Million Dollar Scam involving Durable Medical Equipment; Manhattan U.S. Attorney Sues Park Avenue Medical Associates for Medicare Billing Fraud; Par Pharmaceuticals Pleads Guilty and Agrees to Pay $45 Million to Resolve Civil and Criminal Allegations Related to Off-Label Marketing; Doctor gets 50 Month Sentence for Health Care Fraud & Tax Evasion; and Nelson County, Kentucky Drug Store Owner Charged With Health Care Fraud and Wire Fraud.

Already a lead federal enforcement priority for more than a decade, the Health Care Fraud and Abuse Control Program Annual Report for Fiscal Year 2012 (FY2012 Report) documents that DOJ and HHS health care fraud enforcement activities scored big in 2012, and that qui tam whistleblowers played a big part and shared big in the profits. See Federal Health Care Fraud & Abuse Recovery of $4.2 Billion In FY 2012 Shows Enforcement Risks Growing.

Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges. Along with a broad health care fraud enforcement and compliance programs, these efforts should include targeted efforts to prevent and manage fraud and other whistleblower claims by employees, business partners and others.

For More Information Or Assistance

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: FDA, Health Care Fraud, Medicaid Fraud, Medicare, Medicare Fraud Task Force, Off Label | Permalink
Posted by Cynthia Marcotte Stamer

Corpus Christi Radiology Group & Clinic $2.3 Million To Settle Health Care Fraud Charges

March 11, 2013

Children’s Physician Services of South Texas (CPSST) and Radiology Associates jointly will pay $2.3 million to settle claims they violated the False Claims Act and the Texas Medicaid Fraud Prevention Act between 2002 and 2007.

The CPSST & Radiology Associates Settlement as part of another busy week of health care fraud enforcement by the Justice Department. See, Health Care Clinic Director Pleads Guilty in Miami for Role in $63 Million Health Care Fraud Scheme; Orange County Doctor Convicted of Six Counts of Health Care Fraud in Multi-Million Dollar Scam involving Durable Medical Equipment; Manhattan U.S. Attorney Sues Park Avenue Medical Associates for Medicare Billing Fraud; Par Pharmaceuticals Pleads Guilty and Agrees to Pay $45 Million to Resolve Civil and Criminal Allegations Related to Off-Label Marketing; Doctor gets 50 Month Sentence for Health Care Fraud & Tax Evasion; and Nelson County, Kentucky Drug Store Owner Charged With Health Care Fraud and Wire Fraud. These and other growing health care fraud charges, settlements and convictions show the zealous enforcement by federal prosecutors is continuing. To guard against getting caught in the health care fraud hopper, health care providers must constantly look at current and past practices against emerging regulations and enforcement and take prompt steps to maintain compliance and minimize risks as they become clear.

CPSST & Radiology Associates Settlement Highlights

According to the March 5, 2013 announcement of United States Attorney Kenneth Magidson, the charges settled involved allegations that CPSST billed and received payment for Radiology Associates’ professional services and, without disclosing the payments, directed Radiology Associates to bill and receive payment for the same professional services. Magidson says that CPSST, a part of the Driscoll Health System, agreed to pay $1.5 million, while Radiology Associates, an independent physician group serving the Driscoll Health System, agreed to pay $800,000 to settle claims they billed and received payment twice for the professional reading and interpretation of genetic ultrasounds.

Medicare billing rules recognize two components for each ultrasound, a technical component and a professional component. The technical component refers to the actual taking of the ultrasound by a technician and the professional component refers to the reading and interpretation of the ultrasound images by a physician, usually a radiologist.

According to federal prosecutors, CPSST made arrangements to have Radiology Associates read and interpret the ultrasounds taken at CPSST. From Jan. 1, 2002, to June 1, 2007, Radiology Associates read and interpreted several thousand ultrasounds for CPSST. The understanding between the two providers was that CPSST would bill and receive payment solely for the technical component and Radiology Associates would bill and receive payment solely for the professional component. In reality, CPSST billed and received payment for both the technical and professional components without informing or disclosing this fact to Radiology Associates. Upon discovery of this fact, Radiology Associates informed CPSST about the double billing for the professional component, but CPSST denied billing for the professional component except for a few accidental and isolated occasions. Instead, CPSST instructed and directed Radiology Associates to continue to bill for the professional component and reaffirmed that CPSST would only bill for the technical component. Despite additional evidence of double billing, Radiology Associates ignored the evidence, accepted CPSST’s misrepresentations without question and continued to bill and receive payment for the professional component.

Government funded health care programs such as Medicare, Medicaid, TRICARE and the Federal Employees Health Benefits program agree to pay enrolled health care providers once for the technical and professional components of each ultrasound performed on a patient covered by theses health care programs. Health care providers enrolled and servicing patients covered by these government-funded health care programs are prohibited from billing and receiving payment twice for the ultrasound’s technical or professional component.

The settlement resolves allegations made against Radiology Associates, Children’s Physician Services of South Texas, Center for Genetic Services, and Raymond C. Lewandowski Jr. M.D. in a qui tam or whistleblower lawsuit filed in 2008 by a former revenue manager and coding compliance officer with Radiology Associates. Under the False Claims Act, private citizens can bring suit on behalf of the government and share in any amounts that are obtained through that legal action. In this case, the share will be between 15 – 25% of the proceeds of the overall settlement.

The investigation was conducted by the United States Department of Health and Human Services – Office of Inspector General and the Texas Attorney General’s Medicaid Fraud Control Unit and Civil Medicaid Fraud Division.

Strike Force & Other Zealous Health Care Fraud Enforcement Continues

The settlement and other fraud enforcement actions provide clear evidence of the risks health care providers and their management face if they are found to have participated in activities that federal or state health care fraud prosecutors view as violating health care fraud rules.

The FY2012 Report says DOJ opened 1,131 new criminal health care fraud investigations involving 2,148 potential defendants. Federal prosecutors had 2,032 health care fraud criminal investigations pending, involving 3,410 potential defendants, and filed criminal charges in 452 cases involving 892 defendants. A total of 826 defendants were convicted of health care fraud-related crimes during the year. Also in FY 2012, DOJ opened 885 new civil health care fraud investigations and had 1,023 civil health care fraud matters pending at the end of the fiscal year. In FY 2012, Federal Bureau of Investigation (FBI) health care fraud investigations resulted in the operational disruption of 329 criminal fraud organizations, and the dismantlement of the criminal hierarchy of more than 83 criminal enterprises engaged in health care fraud.

Meanwhile, HHS’ Office of Inspector General (HHS/OIG) excluded 3,131 individuals and entities in FY 2012. Among these were exclusions based on criminal convictions for crimes related to Medicare and Medicaid (912) or to other health care programs (287); for patient abuse or neglect (212); and as a result of licensure revocations (1,463). In addition, HHS/OIG imposed civil monetary penalties against, among others, providers and suppliers who knowingly submitted false claims to the Federal government. HHS/OIG also issued many audits and evaluations with recommendations that, when implemented, would correct program vulnerabilities and save program funds.

The enforcement actions announced by the Justice Department the first week of March, 2013 make clear federal prosecutors are gunning for even greater health care fraud enforcement success in 2013. See Health Care Clinic Director Pleads Guilty in Miami for Role in $63 Million Health Care Fraud Scheme; Orange County Doctor Convicted of Six Counts of Health Care Fraud in Multi-Million Dollar Scam involving Durable Medical Equipment; Manhattan U.S. Attorney Sues Park Avenue Medical Associates for Medicare Billing Fraud; Par Pharmaceuticals Pleads Guilty and Agrees to Pay $45 Million to Resolve Civil and Criminal Allegations Related to Off-Label Marketing; Doctor gets 50 Month Sentence for Health Care Fraud & Tax Evasion; and Nelson County, Kentucky Drug Store Owner Charged With Health Care Fraud and Wire Fraud.

Act To Manage Risks

For More Information Or Assistance

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, Medicaid Fraud, Medicare, Medicare Fraud Task Force | Permalink
Posted by Cynthia Marcotte Stamer

Houston Ambulance Service Owner Convicted Of Health Care Fraud Faces Up To 70 Years

March 11, 2013

A Houston, Texas Federal jury on March 4, 2013 convicted the owner and operator of a Houston-area ambulance company, Olusola Elliott, of one count of conspiracy to commit health care fraud and six counts of health care fraud for submitting false and fraudulent claims to Medicare for ambulance services.

Elliott owned and operated Double Daniels LLC, a Texas entity that purportedly provided non-emergency ambulance services to Medicare beneficiaries in the Houston area. During the course of the scheme, the Justice Department charged that Elliott submitted and caused the submission of approximately $1,713,716 in fraudulent ambulance service claims to Medicare.

According to evidence presented at trial, Elliott and others conspired from April 2010 through December 2011 to unlawfully enrich themselves by submitting false and fraudulent claims to Medicare for ambulance services that were medically unnecessary and not provided. Evidence showed that Elliott falsified patient records in order to fraudulently bill Medicare for beneficiaries who were not in need of ambulance services. According to court documents, Elliot transferred the proceeds of the fraud to himself and others after Medicare payments were sent to Double Daniels.

Elliot is scheduled for sentencing on May 31, 2013, in Houston. The six health care fraud counts and the conspiracy count each carry a maximum potential penalty of 10 years in prison and a $250,000 fine

Federal prosecutors brought the charges as part of the Medicare Fraud Strike Force, supervised by the U.S. Attorney’s Office for the Southern District of Texas and the Criminal Division’s Fraud Section.

Strike Force & Other Zealous Health Care Fraud Enforcement Continues

The conviction is another reminder to health care providers, leaders and organizations of the advisability of tightening compliance practices and taking other steps to guard against ever-expanding health care fraud exposures. Even as the jury convicted Elliott, federal prosecutors finalizing a health care fraud settlement with another group of Texas providers. On March 5, 2013, the Justice Department announced that Children’s Physician Services of South Texas (CPSST) and Radiology Associates had agreed to pay more than $2 million collectively to settle claims they violated the False Claims Act and the Texas Medicaid Fraud Prevention Act between 2002 and 2007. Under the settlement, CPSST, a part of the Driscoll Health System, agreed to pay $1.5 million, while Radiology Associates, an independent physician group serving the Driscoll Health System, will pay $800,000 to settle claims they billed and received payment twice for the professional reading and interpretation of genetic ultrasounds. See, Corpus Christi Radiologist Group and Children’s Genetic Services Clinic Settle False Claims Act Allegations.

Act To Manage Risks

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, HEAT, Medicaid Fraud, Medicare, Medicare Fraud, Medicare Fraud Task Force | Permalink
Posted by Cynthia Marcotte Stamer

OSHA Safety Violations At Veterans’ Medical Center Reminder To Manage OSHA Compliance

March 1, 2013

The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has issued seven notices of unsafe or unhealthful working conditions found at the Battle Creek Veterans Administration Medical Center, following a safety inspection conducted in July as part of OSHA’s Federal Agency Targeting Inspection Program. OSHA’s announcement of the citations highlights the need for all health care and other employers to manage safety compliance. The citations highlight the high enforcement and penalty risks that public and private health care providers risk by failing to comply with OSHA’s safety, recordkeeping and reporting requirements.

Health Industry Employers High Priority OSHA Enforcement Target

Under these OSHA requirements, all employers, including federal and private health industry employers, are responsible for knowing what hazards exist in their facilities and taking appropriate precautions by following OSHA standards so workers are not exposed to such hazards. Physician practices, hospitals and other health care providers in both the public and private sectors generally are subject to these federal requirements, as well as various state and federal environmental and patient safety requirements. Enforcement of compliance in the health care industry is a high priority for OSHA because of the high rates of occupational accident and injury among health industry workers. Federal agencies generally must comply with the same safety standards as private-sector employers.

OSHA prioritizes monitoring and enforcing occupational safety standards throughout the health care industry because of the high incidence of occupational accidents and illnesses among health care workers. According to OSHA, more workers are injured in the healthcare and social assistance industry sector than any other. This industry has one of the highest rates of work related injuries and illnesses and it continues to rise. In 2020, the healthcare and social assistance industry reported a 40% increase in injury and illness cases which continues to be higher than any other private industry sector – 806,200 cases (2020 Survey of Occupational Injuries and Illnesses, BLS). Over half of these cases (447,890) resulted in at least one day away from work. The total incidence rate for this sector was 5.5 cases per 100 FTE workers in 2020, compared to 3.8 per 100 FTE workers in 2019. Nursing assistants were amongst the occupations with the highest rates of musculoskeletal disorders of all occupations in 2020, with 15,360 cases. Musculoskeletal disorders made up 52% of all days away from work cases for nursing assistants. See here. In addition to the medical staff, large healthcare facilities employ a wide variety of trades that have health and safety hazards associated with them. These include mechanical maintenance, medical equipment maintenance, housekeeping, food service, building and grounds maintenance, laundry, and administrative staff. Because of these risks, OSHA has extensive occupational health and safety requirements for physician practices, hospitals, nursing homes, home health and other health industry employers and targeted audit and enforcement programs to enforce and promote compliance with these requirements. See here.

Violations are common and frequently result in citations, particularly in certain key areas. The most frequently cited areas affecting health industry employers include violations of the following standards:

Section 1910.132, General requirements.
Section1910.133, Eye and face protection.
Section 1910.134, Respiratory protection.
Section 1910 Subpart Z – Toxic and Hazardous Substances
Section 1910.1030, Bloodborne pathogens.
Section 1910.1047, Ethylene oxide.
Section 1910.1048, Formaldehyde.
Section 1910.1096, Ionizing radiation.
Section 1910.1200, Hazard Communication.
Section 1910.1450, Occupational exposure to hazardous chemicals in laboratories.

Battle Creek VA OSHA Safety Violations

In the case of the Battle Creek Veterans Administration Medical Center, OSHA says an inspection uncovered several repeat safety violations, as well as certain other serious safety violations. OSHA reports that three repeat safety violations involved failing to evaluate the workplace to identify if permit-required confined spaces were present and label such spaces with danger signs; failing to adequately guard automated laundry equipment to prevent employees from entering the work area, and failing to fully guard the belt and pulley of an air compressor. To issue notices for repeat violations, OSHA must have issued at least one other notice for the same violation at one of the agency’s establishments within the same standard industrial classification code, commonly known as the SIC code. OSHA previously has cited U.S. Department of Veterans Affairs facilities in Danville and North Chicago, Illinois, and Minneapolis, Minnesota for the same safety and health violations.

The serious safety violations found included three serious safety violations for unguarded floor openings in the general repair shop; failing to inspect powered industrial trucks prior to placing them in service, and failing to remove trucks from service in need of repair. Additionally, OSHA found a circuit breaker panel was not mounted correctly. OSHA issues a serious notice when it finds a substantial probability that death or serious physical harm could result from a hazard about which the employer knew or should have known.

Beyond the repeat and serious violations, OSHA reports it also found one other-than-serious violation for failing to close unused openings on electrical cabinets and junction boxes. An other-than-serious violation is one that has a direct relationship to job safety and health, but probably would not cause death or serious physical harm.

While the medical center and other federal agencies are required to comply with the same OSHA rules as private sector employers, the VA and other federal agencies don’t face the same liabilities when cited. OSHA cannot propose monetary penalties against another federal agency for failure to comply with OSHA standards.

Since private sector employers that don’t enjoy the VA’s immunity liability run much greater risks for failing to maintain workplace safety, including significant civil and in the case of a workplace death, potentially even criminal penalties, private sector hospitals and other organizations should exercise special care to ensure appropriate safety in their workplaces.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has nearly 35 years of experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Employer, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care, Health Care Fraud, hospita, Hospital, Medicaid Fraud, Medicare Fraud Task Force, OSHA, Safety | Permalink
Posted by Cynthia Marcotte Stamer

Federal Health Care Fraud & Abuse Recovery of $4.2 Billion In FY 2012 Shows Enforcement Risks Growing

March 1, 2013

A new report from the Department of Health & Human Services (HHS) and the U.S. Department of Justice (DOJ) joint Health Care Fraud and Abuse Control Program (HCFC) documents the growing exposures of health care providers to federal health care fraud enforcement actions.

The charges are provide yet another powerful reminder to health care providers, leaders and organizations of the advisability of tightening compliance practices and taking other steps to guard against ever-expanding health care fraud exposures. Already a lead federal enforcement priority for more than a decade, the Health Care Fraud and Abuse Control Program Annual Report for Fiscal Year 2012 (FY2012 Report) documents that DOJ and HHS health care fraud enforcement activities scored big in 2012, and that qui tam whistleblowers played a big part and shared big in the profits.

Among other things, the FY2012 Report credits HCFC with producing $4.2 Billion in health care fraud judgments and settlements in Fiscal Year 2012 of which more than $284 million of the recovered monies were paid to relators under the qui tam provisions of the False Claims Act (FCA).

The FY2012 Report says the Medicare Trust Fund received more than $2.4 billion, including civil recoveries of $935 million, $1.4 billion in criminal fines, and $89.7 million in HHS Medicare program audit disallowances.

On the enforcement front, the FY2012 Report says DOJ opened 1,131 new criminal health care fraud investigations involving 2,148 potential defendants. Federal prosecutors had 2,032 health care fraud criminal investigations pending, involving 3,410 potential defendants, and filed criminal charges in 452 cases involving 892 defendants. A total of 826 defendants were convicted of health care fraud-related crimes during the year. Also in FY 2012, DOJ opened 885 new civil health care fraud investigations and had 1,023 civil health care fraud matters pending at the end of the fiscal year. In FY 2012, Federal Bureau of Investigation (FBI) health care fraud investigations resulted in the operational disruption of 329 criminal fraud organizations, and the dismantlement of the criminal hierarchy of more than 83 criminal enterprises engaged in health care fraud.

Act To Manage Risks

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, HEAT, Medicaid Fraud, Medicare, Medicare Fraud, Medicare Fraud Task Force | Permalink
Posted by Cynthia Marcotte Stamer

Medical Device Excise Tax Rules Supplemented

December 9, 2012

Medical device manufacturers heads up! The Internal Revenue Service (IRS) has adopted interim rules for relating to the excise tax on medical devices imposed by § 4191 (the “medical device excise tax”) of the Internal Revenue Code (the “Code”).

Section 4191, enacted by section 1405 of the Health Care and Education Reconciliation Act of 2010 in conjunction with the Patient Protection and Affordable Care Act (the Affordable Care Act) enacted a new excise tax on the sale of certain medical devices. The excise tax imposed by Code section 4191 is 2.3% of the price for which the taxable medical device is sold. The medical device excise tax is codified in chapter 32, subtitle D of the Code (“chapter 32”), which pertains to excise taxes imposed on the sale or use of taxable articles by manufacturers, producers, and importers (commonly referred to as “manufacturers excise taxes”). See § 48.0-2(a)(4)(i) of the Manufacturers and Retailers Excise Tax Regulations (Regulations). The Code defines the term “manufacturer” to include a “producer” and an “importer”.

On December 7, 2012, the Internal Revenue Service (IRS) and the Treasury Department issued TD 9604, containing final regulations under § 4191. The final regulations did not address certain issues that the IRS and the Treasury Department continue to study. These issues included the determination of price under § 4216(b); the tax treatment of medical software licenses; the taxability of donated medical devices; and the taxability of medical convenience kits.

The IRS recently followed up by issuing Notice 2012-77. Notice 2012-77 available here contains the IRS’ rules about:

How to determine price for purposes of the medical device excised tax under Code section 4216(b);
Donated taxable medical devices;
Licensing of taxable medical devices;
The tax treatment of medical convenience kits;
Transition relief to medical device manufacturers from the failure to deposit penalties imposed by § 6656; and
Invites comments from taxpayers about its rules.

As these rules take effect January 1, 2013, device manufacturers should review the new guidance and update their procedures to provide for timely determination and payment of any required device taxes. In addition, device manufacturers also will need to kep an eye out for potential changes in the rules. The IRS and the Treasury Department have said they may issue additional published guidance on these issues in the future.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, and A Fellow in the American Bar Association, State Bar of Texas and other prominent organizations, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to set up and administer medical privacy, EHR and other technology and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her experience here.

Other Recent Updates & Resources

If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters. Recent examples on health care compliance and risk management matters include:

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, DME, medical device, medical device excise tax, Tax | Permalink
Posted by Cynthia Marcotte Stamer

Updated 2013 ACA Prescription Drug Fee Calculation & Payment Rules Released; 12/18 Deadline To File Form 8947

December 4, 2012

December 17, 2012 is the deadline for covered entities to file a Form 8947 as part if its reporting and payment of the Form 8947The Internal Revenue Service (IRS) Notice 2012-74 sets forth the instructions for calculation and reporting branded prescription drug fee for the 2013 fee year under Section 9008 of the Patient Protection and Affordable Care Act, as amended by section 1404 of the Health Care and Education Reconciliation Act of 2010 (Affordable Care Act).

The Act imposes an annual fee on covered entities engaged in the business of manufacturing or importing branded prescription drugs. The Branded Prescription Drug Fee Regulations in 26 C.F.R. Part 51 published on August 18, 2011 provide the method for calculating each covered entity’s annual fee and the fee year for purposes of these rules and how the fee must be reported and paid. See 76 Fed. Reg. 51245. These regulations also define terms for the administration of the fee.

Notice 2012-74/s instructions on the 2013 prescription drug fee discusses:

The submission of Form 8947, “Report of Branded Prescription Drug Information,”
The time and manner for notifying covered entities of their preliminary fee calculation;
the time and manner for covered entities to submit error reports for the dispute resolution; process; and
The time for the IRS to notify covered entities of their final fee calculation.

12/18/12 Deadline to File Form 8947

One of the deadlines for this process is rapidly approaching. Section 51.3T provides that annually, each covered entity may submit a completed Form 8947, “Report of Branded Prescription Drug Information,” in accordance with the instructions for the form. Generally, the form solicits information from covered entities on National Drug Codes, orphan drugs, designated entities, rebates, and other information specified by the form or its instructions. The form is to be filed by the date prescribed in guidance published in the Internal Revenue Bulletin.

Notice 2012-74 sets the deadline for a covered entity that chooses to submit Form 8947 for 2013 at December 17, 2012.

Preliminary Fee Calculation

For the 2013 fee year, the IRS will mail each covered entity a paper notice of its preliminary fee calculation by April 1, 2013. This mailing will include a National Drug Code (NDC) attachment (NDC attachment) that lists the covered entity’s NDCs and the sales data reported to the IRS by each government program pursuant to § 51.4T.

A covered entity may request that the IRS send a CD-ROM with the NDC attachment in Microsoft Excel format. The covered entity must make this request by March 15, 2013. This request must be made either by telephone to Ingrid Taylor at (908) 301-2118 or Mi Lim at (312) 292-3775 (not toll-free calls) or by email to it.bpd.fee@irs.gov. If a covered entity makes this request timely, the IRS will mail the covered entity its notice of preliminary fee calculation on paper and the NDC attachment on paper and CD-ROM by April 1, 2013.

Submitting Error Reports For The Dispute Resolution Process

For the 2013 fee year, a covered entity that chooses to submit an error report regarding its preliminary fee calculation must mail the error report by May 16, 2013. When the IRS mails each covered entity a notice of its preliminary fee calculation by April 1, 2013, the IRS will also send each covered entity a template on a CD-ROM that the covered entity must use to prepare its error report. All completed templates and the supporting documentation must be submitted on a CD-ROM to the IRS in a timely fashion.

Final Fee Calculation & Payment

The IRS will notify each covered entity of its final fee calculation for 2013 by August 31, 2013. In accordance with § 51.8T(c), each covered entity must pay this fee by September 30, 2013.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her experience here.

Other Recent Updates & Resources

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: CMS, Health Care Fraud, Health Care Fraud Task Force, Health Care Reimbursement, HHS, Hospitals, Inpatient, Medicare, OIG, outpatient, Physicians | Permalink
Posted by Cynthia Marcotte Stamer

Hospitals Urged To Tighten Inpatient & Outpatient Admission Records As OIG Audits Hospitals for New vs. Established Patients,

November 29, 2012

Hospitals should act quickly to adopt appropriate compliance policies and tighten outpatient and inpatient admissions recordkeeping and associated billing activities to minimize exposures signaled by audits announced by the Department of Health & Human Services (HHS) Office of Inspector General (OIG).

OIG reportedly is auditing inpatient and outpatient hospital claims for new and established patients to identify potential overcharges by some hospital-based outpatient clinics that may have resulted from treating established patients as if they were new patients. OIG’s Office of Audit Services reportedly sent letters to some hospitals in October, asking about a handful of claims for new patient visits that OIG suspects the hospital should have billed as established patient visits. In addition to requesting specific information about line items on the claims and their internal controls for billing new versus established patients and provide descriptions of written policies and procedures governing the facilities classification of new versus established patients and internal controls for detecting errors.

Medicare typically pays more for new versus established patients since CMS implemented the outpatient prospective payment system in 2000. Since 2008, CMS rules have specified that patients who visit the hospital outpatient clinic within three years are established patients, and after that they are new, with Medicare paying more for the latter. See(73 Fed. Reg. 68502, 68679 (November 18, 2009). Data mining technology increasingly used by CMS and other federal fraud investigators facilities the ability of Medicare and others to identify errors in coding and billing resulting from misclassication of existing patients as new.

Many hospitals may be exposed under this requirement for a variety of reasons including failure to appropriately track and coordinate inpatient and outpatient admission data, defaults built into recordkeeping systems and omissions to timely update practices or training. In contrast to the risk of overbilling from incorrectly treating patients as new, hospitals that bill all patients as established to overcome inadequacies in their ability to track new versus established patients often leave money on the table unnecessarily by foregoing added reimbursement that the facility otherwise would qualify for it could reliably identify new patients.

While strengthening coding and billing to ward of risks, may debate the appropriateness of CMS’ new versus existing patient distinction outside the physician office context. Critics contend that unlike in the physician office context, the level of care or resources delivered for a new patient compared to a patient who previously visited the hospital doesn’t generally differ. Parties with these concerns should continue to ensure appropriate compliance with existing rules while providing input and feedback to CMS and other regulators about their concerns with the policy’s suitability.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her experience here.

Other Recent Updates & Resources

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: CMS, Health Care Fraud, Health Care Fraud Task Force, Health Care Reimbursement, HHS, Hospitals, Inpatient, Medicare, OIG, outpatient, Physicians | Permalink
Posted by Cynthia Marcotte Stamer

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

November 29, 2012

The Department of Health & Human Services Office of Inspector General is recommending the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) act to improve the effectiveness of its oversight and management of the Medicare electronic health record (EHR) incentive program. The recommendations are likely to impact on the requirements that hospitals and other professionals will be required to meet to get and keep EHR program incentive payments. Consequently, hospitals, physicians and other providers and their technology and other systems advisors and vendors should carefully watch and respond to changes that these two agencies implement in response to the OIG feedback.

According to an OIG study reported here, the CMS estimates that it will pay $6.6 billion in EHR incentive payments to providers under the program between 2011 and 2016. Many hospitals, physician organizations and other providers are making substantial investments in EHR and related technologies in reliance of expectation of receiving program incentive payments. Accordingly, parties hoping to qualify for incentive programs need to watch closely the actions that the agencies take in response to this OIG input or otherwise that impacts on qualification and audits.

OIG Study & Findings

OIG’s early assessment of CMS’s oversight of the Program found that because professionals and hospitals self-report data to prove fulfillment of program requirements, CMS’s efforts to verify these data will help make sure the integrity of Medicare EHR incentive payments.

The recommendation comes from an OIG study reviewing CMS’s oversight of professionals’ and hospitals’ self-reported meaningful use of certified EHR technology in 2011, the first year of the program. OIG evaluated self-reported information against program requirements. It also looked at CMS’s audit planning documents, regulations and guidance for the program and conducted structured interviews with CMS staff on CMS’s oversight.

Based on this evaluation, OIG foundCMS faces obstacles to overseeing the Medicare EHR incentive program that leave the program vulnerable to paying incentives to professionals and hospitals that do not fully meet the meaningful use requirements. OIG says CMS has not yet implemented strong prepayment safeguards, and has limited ability to safeguard incentive payments postpayment. OIG also reports that the ONC requirements for EHR reports may contribute to CMS’s oversight obstacles.

OIG Recommended Corrective Action

Based on its study, OIG is recommending that CMS take the following actions.

Obtain and review supporting documentation from selected professionals and hospitals prior to payment to verify the accuracy of their self‑reported information and
Issue guidance with specific examples of documentation that professionals and hospitals should maintain to support their compliance.

CMS did not agree with our first recommendation, stating that prepayment reviews would increase the burden on practitioners and hospitals and could delay incentive payments. Despite this CMS feedback, OIG nevertheless is continuing to recommend that CMS conduct prepayment reviews to improve program oversight. CMS concurred with our second recommendation.

OIG also recommended that ONC take the following actions:

Require that certified EHR technology be capable of producing reports for yes/no meaningful use measures where possible and
Improve the certification process for EHR technology to make sure applicants provide accurate EHR reports.

ONC concurred with both recommendations.

Recommended Provider Action

Hospitals and providers looking to take advantage of the HER incentive payments should carefully monitor the developments resulting from these recommendations and take proper actions to stay compliant with evolving requirements as they move forward.

Along with monitoring these responses, providers participating in the incentive program also need to stay abreast of other developments. For instance, last month, ONC announced the release of the Wave 7 2014 Edition Draft Test Methods (test procedures, tools, and applicable test data and files). See 2014 Edition Draft Test Procedures webpage. Additional waves of test methods are impending. ONC says it expects the final set of Test Methods to be available for use in early 2013.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her experience here.

Other Recent Updates & Resources

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, CMS, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, OIG, ONC, PHI, Physicians, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

ONC Changes Start Time, Releases Agenda For 11/13 Virtual Workshop On Health IT Test Standards

November 9, 2012

The Office of the National Coordinator for Health IT (ONC) today (November 9, 2012) announced a preliminary agenda of topics and the procedures that health care providers and other interested parties wishing to participate in a public virtual workshop on the ONC Health Information Technology (IT) Certification Program and 2014 Edition Test Methods that ONC plans to host on Tuesday, November 13, 2012 from 8:15 AM-4:30PM EST.

The announced commencement time is 45 minutes earlier than the originally announced 9:00 AM start time that ONC had announced as the start time for the workshop in November 8 announcements.

To review the preliminary agenda for the workshop, see http://www.healthit.gov/policy-researchers-implementers/2014-edition-draft-test-methods.

According to today’s ONC announcement, parties wishing to participate in the virtual workshop should register for ONC Certification Technical Workshop on Nov 13, 2012 8:15 AM EST at https://attendee.gotowebinar.com/register/2114316126469925632 . ONC says that successful registrants will receive a confirmation email containing information about joining the webinar.

The planned workshop follows ONC’s anno0uncement of the release for review of the latest in a series of electronic medical records Test Standards that ONC has issued recently in its march to implement its mandate. ONC says all Test Methods will undergo public review and comment before being finalized and approved by ONC for use in testing and certification. ONC typically allows a two week period of public review and comment from the date posted for public review and comment on each Wave.

In keeping with this process, ONC is inviting interested persons to submit comments and suggestions to ONC.Certification@hhs.gov. All submissions should include “2014 Test Methods” in the subject line. ONC asks that parties submitting input to be as specific as possible in their comment submissions.

ONC says it expects the final set of Test Methods to be available for use in early 2013.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, ONC, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

November 8, 2012

The Office of the National Coordinator for Health IT (ONC) today (November 8, 2012) announced the release of the Wave 7 2014 Edition Draft Test Methods (test procedures, tools, and applicable test data and files). To review the 2014 Edition draft Test Methods, visit the 2014 Edition Draft Test Procedures webpage. As a follow up to this announcement, ONC is inviting interested parties to participate in a public workshop on the ONC HIT Certification Program and 2014 Edition Test Methods on Tuesday, November 13^th, 9AM-4:30PM EST.

The Test Procedures announced today are the latest in a series ONC has issued recently. ONC says all Test Methods will undergo public review and comment before being finalized and approved by ONC for use in testing and certification. ONC typically allows a two week period of public review and comment from the date posted for public review and comment on each Wave.

ONC says it expects the final set of Test Methods to be available for use in early 2013.

To help interested parties stay informed about the Test Messages, ONC also announced today it will host a virtual public workshop on the ONC HIT Certification Program and 2014 Edition Test Methods on Tuesday, November 13^th, 9AM-4:30PM EST. According to ONC, the topics to be covered include 2014 Test Procedures, Test Tools, Test Data, ONC Timeline, and the Certified Health IT Product List (CHPL). ONC says additional details regarding access and agenda will be forthcoming. Watch the ONC website.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, ONC, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

September 17, 2012

Physician practices and other health care providers, health plans, health care clearinghouses and their business associates have yet another $1 million plus reminder of the importance of taking proper steps to secure electronic protected health information and take other steps required to comply with the Health Insurance Portability & Accountability Act of 1996 (HIPAA).

Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. (collectively referred to as “MEEI”) will pay the U.S. Department of Health and Human Services’ (HHS) $1.5 million and take a series of corrective actions to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule under the resolution agreement available here (“Resolution Agreement”) announced by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) on September 17, 2012.

MEEI Resolution Agreement

The Resolution Agreement settles charges that resulted from an OCR investigation commenced in response to a HIPAA breach report submitted by MEEI reporting the theft of an unencrypted personal laptop containing the electronic protected health information (ePHI) of MEEI patients and research subjects. The laptop information included patient prescriptions and clinical information.

OCR’s investigation indicated that MEEI failed to take necessary steps to comply with certain requirements of the HIPAA Security Rule, such as conducting a thorough analysis of the risk to the confidentiality of ePHI maintained on portable devices, implementing security measures sufficient to ensure the confidentiality of ePHI that MEEI created, maintained, and transmitted using portable devices, adopting and implementing policies and procedures to restrict access to ePHI to authorized users of portable devices , and adopting and implementing policies and procedures to address security incident identification, reporting, and response. OCR’s investigation indicated that these failures continued over an extended period of time, demonstrating a long-term organizational disregard for the requirements of the Security Rule.

To settle the charges, MEEI will pay a $1.5 million settlement to OCR. In addition, the Resolution Agreement also requires MEEI to adhere to a corrective action plan which includes reviewing, revising and maintaining policies and procedures to ensure compliance with the Security Rule, and retaining an independent monitor who will conduct assessments of MEEI’s compliance with the corrective action plan and render semi-annual reports to HHS for a 3-year period.

High Dollar Resolution Agreements Increasingly Common

The MEEI Resolution Agreement follows on the resolution agreement previously announced this year with Arizona-based Phoenix Cardiac Surgery, P.C. (PCS). That resolution agreement required PCS to pay $100,000 and take corrective action to implement policies and procedures to safeguard the protected health information of its patients to settle OCR charges PCS violated HIPAA.

Health care providers and other HIPAA-covered entities should heed the MEEI, PSC and other recent settlements as the latest signal of the risks that health care providers and other covered entities run by failing to adequately implement and administer appropriate HIPAA compliance practices.

Following the announcement by OCR last month that Blue Cross Blue Shield of Tennessee (BCBST) would pay $1,500,000 to resolve HIPAA violations charges, and the latest in a series of Resolution Agreements announced by OCR in recent years, the PCS highlights the willingness to sanction health care providers and other covered entities of all sizes. “The case is significant because it highlights a multi-year, continuing failure on the part of this provider to comply with the requirements of the Privacy and Security Rules,” said Leon Rodriguez, director of OCR. “We hope that health care providers pay careful attention to this resolution agreement and understand that the HIPAA Privacy and Security Rules have been in place for many years, and OCR expects full compliance no matter the size of a covered entity.”

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

Like the PCS, BCBST and other announced resolution agreements, the MEEI Resolution Agreement provides more evidence of the growing exposures that health care providers, health plans, health care clearinghouses and their business associates need to carefully and appropriately manage their HIPAA responsibilities. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. For tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here or contact Ms Stamer here or at (469) 767-8872.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, Health Care, Health Insurance Portability & Accountability Act, HIPAA, OCR, Office of Civil Rights, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

ONC Releases First Wave of EHR Test Procedures; More To Come

September 14, 2012

On September 7th the ONC published the first wave of draft Test Procedures and applicable test data files for the 2014 Edition Elelctronic Health Record (EHR) certification criteria for public review and comment. ONC will release additional Test Procedures in waves on a weekly or bi-weekly basis. Each set of draft test procedures will undergo a two week period of public review and comment from the date posted. You can now provide input on Wave One 2014 draft Test Procedures. Visit the site for detailed information on the 2014 Test Procedure development process at http://www.healthit.gov/policy-researchers-implementers/2014-edition-draft-test-procedures.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help monitoring federal health reform, policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, ONC, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

September 14, 2012

Along with its stepped up enforcement and new audit programs, the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) is working to promote and encourage better voluntary compliance by physician and other health care providers by releasing a new interactive security and privacy training game to help educate healthcare providers and their staffs to make more informed decisions regarding privacy and security of health information. Using a game format, the game asks users to respond to privacy and security challenges often faced in a typical medical practice.

With the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) stepping up enforcement and sanctions for health care providers, health plans, health care providers and their businesses associates (covered entities) that violate the Health Insurance Portability & Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules and OCR now auditing HIPAA compliance, covered entities should self-audit within the scope of attorney-client privilege and tighten as necessary existing policies, practices and documentation to comply with evolving requirements of HIPAA and other laws requiring the protection of protected health information (PHI), personal financial information and sensitive data.

As the HIPAA Privacy, Security and Breach Rules include mandates that covered entities train members of their workforce, the new game could be a helpful component for health care providers as part of their organization’s training efforts.

The mounting list of settlement agreements – most of which have required settlement payments of more than $1 million – that OCR has announced show the growing exposures that covered entities face when violating HIPAA. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. These settlements and sanctions prove the importance of covered entities strengthening their HIPAA compliance and adopting other suitable safeguards to keep up HIPAA compliance and minimize HIPAA and other exposures that can arise if PHI, personal financial information and other sensitive data. For tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Health Care, Health Plans, HIPAA, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

July 30, 2012

Health care providers and payers should ensure that practices for billing private payers can withstand the scrutiny of federal and state health care fraud enforcers after the July 26, 2012 announcement of a ground-breaking new public-private antifraud initiative between federal and state health care fraud fighters and a private insurers under which private insurers will share an unprecedented amount of private health claims data, fraud detection practices, and other coöperation with federal and state official fraud prevention and prosecution efforts.

Government Health Care Fraud Fighters Partner With Private Insurers

The Federal health care fraud fighting departmental duo of the Departments of Health and Human Services (HHS) Justice (DOJ) last week expanded their network of fraud fighting resources by launching a “ground-breaking” partnership among the federal government, State officials, several leading private health insurance organizations, and other health care anti-fraud groups to prevent health care fraud. HHS and DOJ say the following organizations and government agencies are among the first to join this partnership:

America’s Health Insurance Plans
Amerigroup Corporation
Blue Cross and Blue Shield Association
Blue Cross and Blue Shield of Louisiana
Centers for Medicare & Medicaid Services
Coalition Against Insurance Fraud
Federal Bureau of Investigations
Health and Human Services Office of Inspector General
Humana Inc.
Independence Blue Cross
National Association of Insurance Commissioners
National Association of Medicaid Fraud Control Units
National Health Care Anti-Fraud Association
National Insurance Crime Bureau
New York Office of Medicaid Inspector General
Travelers
Tufts Health Plan
UnitedHealth Group
U.S. Department of Health and Human Services
U.S. Department of Justice
WellPoint, Inc.

HHS & DOJ Say Partnering With Private Insurers Will Give Ongoing Anti-Fraud Efforts Even More Punch

In announcing the new partnership on July 26, 2012, HHS Secretary Kathleen Sebelius and Attorney General Eric Holder touted this new voluntary, collaborative public-private arrangement as the “next step” in the Obama administration’s efforts to combat health care fraud.

“This partnership is a critical step forward in strengthening our nation’s fight against health care fraud,” said Attorney General Holder. “This Administration has established a record of success in combating devastating fraud crimes, but there is more we can and must do to protect patients, consumers, essential health care programs, and precious taxpayer dollars. Bringing additional health care industry leaders and experts into this work will allow us to act more quickly and effectively in identifying and stopping fraud schemes, seeking justice for victims, and safeguarding our health care system.”

“This partnership puts criminals on notice that we will find them and stop them before they steal health care dollars,” Secretary Sebelius said. “Thanks to this initiative today and the anti-fraud tools that were made available by the health care law, we are working to stamp out these crimes and abuse in our health care system.”

Partnership Allows Feds To Use Private Payer Claims Data, Knowledge & Other Fraud Detection Resources

According to HHS and DOJ, the new partnership is designed to share information and best practices in order to improve detection and prevent payment of fraudulent health care billings. Its goal is to reveal and halt scams that cut across a number of public and private payers. HHS and DOJ say the partnership will private insurers to share their anti-fraud insights more easily with investigators, prosecutors, policymakers and other stakeholders and law enforcement officials more effectively to identify and prevent suspicious activities, better protect patients’ confidential information and use the full range of tools and authorities provided by the Patient Protection & Affordable Care Act (Affordable Care Act) and other statutes to combat and prosecute illegal actions.

One unprecedented element of this partnership will involve the sharing of information on specific schemes, utilized billing codes and geographical fraud hotspots between the public and private partners. The partners say the planned sharing of claims data and other information will help partners prevent, detect and respond to potential health care billing fraud by:

Helping partners to take action, to prevent losses to both government and private health plans before they occur;
Improving their ability to spot and stop payments billed to different insurers for care delivered to the same patient on the same day in two different cities;
In the future to use sophisticated technology and analytics on industry-wide healthcare data to predict and detect health care fraud schemes.

Presumably, this will involve the extension of the use of state-of-the-art technology and data mining practices like those the Centers for Medicare & Medicaid Services (CMS) already uses to review claims, to track suspected fraud trends and flag suspected fraudulent activity.

Partnership Expands Use & Reach of New Affordable Care Act & Other Health Care Fraud Detection & Enforcement Tools & Collaboration

The partnership builds upon and extends the reach and use of expanded legal tools created by the Affordable Care Act and other laws that Federal and state officials are using in their highly publicized war against health care fraud, waste and abuse in Medicare, Medicaid, the Children’s Health Insurance Program (CHIP) and, increasingly, private insurance plans. Using these and other new tools, convictions under the Health Care Fraud and Abuse Control Program increased by over 27% (583 to 743) between 2009 and 2011, and the number of defendants facing criminal charges filed by federal prosecutors in 2011 increased by 74% compared with 2008 (1,430 vs. 821).

The Affordable Care Act and other legislative changes and related programs have significantly strengthened the powers of HHS, DOJ and other federal and state agencies to investigate and prosecute health care fraud. Among other things, these amendments and programs included :

Qui tam and other whistleblower incentives and programs that encourage employees, patients, competitors and others to report suspicious behavior;
Require providers, plans to self-identify, self-report and self-correct false claims and certain other non-compliance;
Increase the federal sentencing guidelines for health care fraud offenses by 20-50% for crimes that involve more than $1 million in losses;
Create penalties for obstructing a fraud investigation or audit;
Make it easier for the government to recapture any funds acquired through fraudulent practices;
Make it easier for the Department of Justice (DOJ) to investigate potential fraud or wrongdoing at facilities like nursing homes;
Under the risk-based provider enrollment rules, providers and suppliers wishing to take part in Medicare, Medicaid, and CHIP who federal officials view as posing a higher risk of fraud or abuse now must undergo licensure checks, site visits and other heightened scrutiny including ongoing monitoring as part of the new Automated Provider Screening (APS) system CMS implemented in December 2011. The APS uses existing information from public and private sources to automatically and continuously verify information submitted on a provider’s Medicare enrollment application including licensure status Secretary to impose a temporary moratorium on newly enrolling providers or suppliers of a particular type or in certain geographic areas if necessary to prevent or combat fraud, waste, and abuse.
Increased information sharing and coördination of investigations and enforcement among states, CMS, and its law enforcement partners at the Office of the Inspector General (OIG) and DOJ including the highly publicized activities of the Health Care Fraud Prevention and Enforcement Action Team (HEAT), a joint effort between HHS and DOJ to fight health care fraud.
The power of CMS, in consultation with OIG, to suspend Medicare payments and require States to suspend Medicaid and SCHIP payments to providers or suppliers during the investigation of a credible allegation of fraud;
The deployment and use of the sophisticated data collection and mining technologies of CMS’ new Fraud Prevention System, which since June 30, 2011 has used advanced predictive modeling technology to screen all Medicare fee-for-service claims before payment and target investigative resources on areas that this profile identifies as reflecting heightened risks of health care fraud vulnerability to allow regulators and prosecutors to more efficiently identify and respond to suspected fraudulent claims and emerging trends;
Focused fraud prevention, detection and enforcement activities on Home Health agencies, Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) suppliers and certain other categories of providers and suppliers that federal officials view as historically presenting heightened concerns;
Expansion of the overpayment detection and recovery activities ofthe Recovery Audit Contractor (RAC) program to Medicaid, Medicare Advantage, and Medicare Part D programs; and
Various other tools.

Health Plan Partnership Latest Wrinkle In Fed’s Efforts To Use Private Whistleblower & Other Resources To Find Fraud

The partnership with the health plans is the latest wrinkle in a growing network of private relationships and outreach that HHS and DOJ use to discover health care fraud. By partnering with health plans, HHS and DOJ have recruited the health plans to help federal officials find and redress potential fraud in public and private health plans.

HHS and DOJ already know the value of getting private citizens to watch for and report suspected illegal behavior. Indeed, expended qui tam and other whistleblower activities already are paying off big for federal officials. For example, a former executive’s qui tam claim helped bring about the settlement announced in June, 2012 under which Christus Spohn Health System Corporation recently paid more than $5 million to settle Justice Departmentclaims that it profited from violations of the False Claims Act by inappropriately admitted patients to inpatient status for outpatient procedures. The investigation leading to the settlement began in March 2008 after Christus – Shoreline’s former director of case management filed a lawsuit under seal under the qui tam provisions of the False Claims Act alleging the six hospitals were submitting false claims to the Medicare program by billing for services that should have been performed on an outpatient basis as if they were more expensive inpatient services. The allegations stated that these hospitals were routinely billing outpatient surgical procedures as if they required an inpatient level of care even though the patients often were discharged from the hospital in less than 24 hours. The federal False Claims Act empowers private citizens with knowledge of fraud against the United States to present those allegations to the United States by bringing a lawsuit on behalf of the United States under seal. If the government’s investigation substantiates those allegations, then the private citizen is entitled to share in any recovery. In this case, that person will receive 20% of the $5,100,481.74 recovery.

With qui tam and other reports of suspected fraud an increasingly frequent and valuable tool in the federal and state wars on health care fraud, officials have added a wide range of programs encouraging and in some cases financially rewarding individuals and businesses that report circumstances leading to fraud convictions. The partnership with health plans reflects the latest wrinkle in these efforts.

Health Care Providers & Health Plans Must Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges. In light of the growing qui tam risks, health care providers also should tighten internal investigation, exit interview and other human resources and business partner oversight, reporting and investigation policies and practices to help find and redress potential fraud or other qui tam, retaliation and similar exposures early and more effectively.

For More Information Or Assistance

If you need help reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need help responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, false claims act, Federal Sentencing Guidelines, Grants, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health IT, Medicaid, Medical Malpractice, Medicare, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Outpatient, Physician, Prescription Drugs, Rural Health Care, Stark, Uncategorized | Tagged: CMS, DOJ, false claims act, Health Care, health care feraud, Health claims, Health Plans, HHS, Hospitals, Justice Department, OIG, qui tam, Whistleblower | Permalink
Posted by Cynthia Marcotte Stamer

Director of Texas Office of e-Health Coodination To Discuss Texas HIE Strategy in 3/14 HHS Sponsored Teleconference

March 14, 2012

On Wednesday, March 14, 2012 at 1 p.m. EDT, National eHealth Collaborative’s NeHC University will host Stephen Palmer, Director of the Office of e-Health Coordination at the Texas Health and Human Services Commission, to describe the HIE strategy being pursued by the state of Texas. Palmer will be joined by Kem McClelland of the Integrated Care Collaboration, Tony Gilman of the Texas Health Services Authority, and Bryan White of the North Texas Accountable Healthcare Partnership to showcase the Texas strategy in action and detail the progress that has been made on the ground.

To participate register and join NeHC University’s Spotlight on the Texas Statewide HIE Strategy.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

If you need help investigating or responding to a known or suspected compliance, litigation or enforcement or other risk management concern, assistance with reviewing, updating, administering or defending a current or proposed employment, employee benefit, compensation or other management practice, wish to inquire about federal or state regulatory compliance audits, risk management or training, or need legal representation on other matters please contact Ms Stamer here or at (469) 767-8872.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, business associate, Health Care, Health Plan, HIPAA, HITECH Act, OCR | Permalink
Posted by Cynthia Marcotte Stamer

$1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report

March 13, 2012

Resolution Agreement Also 1^st Announced With Health Plan

Health care providers, health plans and other covered entities beware and prepare! Reporting a large breach under the HITECH Act breach notification rules will trigger a Department of Health & Human Services (HHS) Office of Civil Rights (OCR) investigation into whether OCR should impose civil monetary penalties against the reporting covered entity under the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996 (HIPAA).

Blue Cross Blue Shield of Tennessee (BCBST) has agreed to pay OCR $1,500,000 and to take certain other actions specified in a corrective action plan to avoid civil monetary penalties for charges of HIPAA violations. The BCBST Resolution Agreement is particularly significant, both as:

The first reported enforcement action directly resulting from the filing by a covered entity of a breach report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act Breach Notification Rule; and
The first reported resolution agreement reached with a covered entity that is a health plan.

These notable enforcement firsts show the HITECH Breach Notification Rule’s significance as an OCR HIPAA enforcement tool, the heightened exposure to an OCR opening a HIPAA civil monetary penalty (CMP) investigation following a report, as well as the willingness of OCR to sanction health plans as well as other covered entities that breach HIPAA’s Privacy or Security Rules.

BCBST Investigation Began In Response to HITECH Act Breach Notification Rule Report

The OCR investigation that lead to the BCBST settlement began in response to BCBST making a report required under the Breach Notification Rule of the theft of 57 unencrypted computer hard drives from a leased facility in Tennessee, which contained the protected health information (PHI) of over 1 million individuals. Read more details here.

The Breach Notification Rule enacted as part of amendments to HIPAA under the HITECH Act requires covered entities to report an impermissible use or disclosure of protected health information, or a “breach,” of 500 individuals or more to HHS and the media as well as an annual consolidated report of smaller breaches to HHS.[1] Along with the Breach Notification Rules, the HITECH Act also increased the civil monetary penalties (CMPs) that covered entities like BCBST can incur for HIPAA violations. When it imposed its first ever CMP last year, OCR imposed a $4.3 million CMP against Cignet Health of Prince George’s County, Md. (Cignet).

In an apparent effort to impose a potentially larger CMP assessment arising from the investigation of its breach report, BCBST greed to pay $1,500,000 and adopt other corrective actions detailed in a corrective action plan.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The BCBST Resolution Agreements, like the Cignet CMP and other high dollar Resolution Agreements OCR has announced against various health care providers highlight the significance of the HITECH Act amendments to HIPAA’s enforcement and CMP rules, as well as the significance of its Breach Notification Rule as a tool in OCR’s investigation and enforcement efforts.

“This settlement sends an important message that OCR expects health plans and health care providers to have in place a carefully designed, delivered, and monitored HIPAA compliance program,” said OCR Director Leon Rodriguez. “The HITECH Breach Notification Rule is an important enforcement tool and OCR will continue to vigorously protect patients’ right to private and secure health information.”

The BCBST Resolution Agreement provides yet another reminder to covered entities and their business associates of the need to carefully and appropriately manage their HIPAA responsibilities. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. Fortips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, business associate, Health Care, Health Plan, HIPAA, HITECH Act, OCR | Permalink
Posted by Cynthia Marcotte Stamer

Texas Physicians Get New Option For Resolving Some Medical Board Complaints

January 19, 2012

A new non-disciplinary “Remedial Plan” option enacted by the Texas Legislature last session may allow some Texas physicians to resolve charges of professional misconduct pending before the Texas Medical Board without the National Practitioner Data Bank report that normally results when a physician is formally disciplined by the Texas Medical Board.

Previously, Texas law only allowed the Texas Medical Board to resolve complaints against a physician through either:

Dismissal; or
Imposing public discipline.

A public discipline order typically results in a report to the National Practitioner Data Bank in addition to any sanctions and public reporting of the disciplinary action.

Under reforms enacted in Senate Bill 227/House Bill 680 last session, however, the Texas Medical Board now also may resolve some complaints by offering a “Remedial Plan” rather than imposing formal discipline. The primary advantage to a physician of having a complaint resolved by a Remedial Plan rather than formal disciplinary actions is that the Remedial Plan will not result in a misconduct and discipline report to the National Practitioner Data Bank because of the “non-disciplinary” nature of the Remedial Plan remedy.

Under the Remedial Plan option, the physician typically will be required to agree to certain remedial actions dictated by the Texas Medical Board in a public document that will appear on a physician’s public profile. The written Remedial Plan generally will state that the physician is subject to a “non-disciplinary” action for a specified violation. While the basis of the charge leading to the Remedial Plan and agreed to corrective action generally will be included in the posted Remedial Plan, a physician generally will not be required to admit guilt. Since the physician will avoid disciplinary action, resolution by the Remedial Plan avoids the obligation for a report of disciplinary action to the National Practitioner Data Bank. In addition to avoiding a report to the National Practitioner Data Bank, resolution of a complaint by a Remedial Plan also allows a physician to avoid having his name listed in the Board’s newsletter or in the Board’s press releases like would result in the case of a disciplinary action.

Remedial Plans are not available for all charges. Rather, Remedial Plans generally are an option only for a limited number of situations in which the Texas Medical Board decides to offer the option for resolution of a complaint through a Remedial Plan based on its decision that fulfillment of the specified conditions sufficiently corrects the concerns raised by the charge that it is appropriate to forgo formal disciplinary action. Most typically, this could happen when the Texas Medical Board is addressing administrative violations after receiving a complaint or in other instances where the Texas Medical Board decides the nature and circumstances of a charged violation can be adequately addressed through the Remedial Plan without formal discipline. When offered, Remedial Plan resolution is a take it or leave it propositions. The Texas Medical Board decides the required terms of the Remedial Plan and these terms are non-negotiable. Also physicians offered the option of resolution under a Remedial Plan generally must accept the offered Remedial Plan terms by a specific deadline.

While a physician generally cannot insist upon the option for resolution through a Remedial Plan or dictate the terms of a Remedial Plan, a physician facing charges before the Texas Medical Board often can can improve his odds for avoiding discipline by the Texas Medical Board or qualifying for resolution of charges under a Remedial Plan by acting quickly with the assistance of experienced legal counsel to gather and present to the Texas Medical Board factual evidence and documentation that negate or mitigate charges of misconduct as well as signaling his interest and willingness to take action to mitigate the risks reflected by the charges and improve performance whether or not the action resulting in the charge in fact resulted in misconduct.

For Help With Compliance, Investigations Or Other Needs

If you need help dealing with licensing, peer review, or other quality assurance, compliance or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other quality and performance concerns, and to address other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others including highly popular programs on “Sex Drugs & Rock ‘N Role: Managing Personal Misconduct in Health Care,” “Managing Physician Performance” and others.. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Doctor, Employment, Health Care, Health Care Provider, Health Care Quality, Hospital, Medical Licensure, Medical Malpractice, Mental Heatlh, Peer Review, Physician, Physician Licensing | Tagged: discipline, Health Care, Medical Licensure, Physician, Sexual Misconduct | Permalink
Posted by Cynthia Marcotte Stamer

North Texas Medical Supply Company Owner Indicted For Health Care Fraud Now Also Charged With Immigration Fraud

December 27, 2011

A Plano, Texas man already indicted for health care fraud now also faces federal immigration fraud related changes. Justice Department officials announced the additional charges against Okey F. Nwagbara, (Nwagbara) on December 20, 2011. Although Nwagbara’s alleged actions reflect potential criminal misconduct in many areas, health care providers should keep in mind that the health care fraud task force participants are targeting health care fraud of all types, including those my health care providers not engaged in other types of criminal misconduct. As a result, all health care providers should tighten their health care billing and other practices to defend against possible scrutiny as part of the federal or state government’s widening fraud audit and investigation efforts.

Nwagbara Indicted For Health Care Fraud In October, 2011

Nwagbara 45 already is awaiting trial later in Spring, 2012 on health care fraud charges announced in October, 2011. According to the Justice Department, a North Texas grand jury indicted Nwagbara along with Jerry C. Bullard, 55, Mesquite, Texas, in October, 2011 on felony charges related to a health care fraud scheme they allegedly ran that defrauded Medicare of more than $500,000.

According to the Justice Department, Nwagbara is the owner/operator of Advanced MedEquip and Supplies Limited, located at 331 Melrose Drive in Richardson, Texas. Bullard is a former employee of Medistat Group Associates, P.A., an association of health care providers located in Desoto, Texas.

The October health care fraud indictment charges Nwagbara and Bullard each with one count of conspiracy to commit health care fraud and six substantive counts of health care fraud. The indictment alleges that from June 2008 through March 2010, Nwagbara and Bullard conspired together to defraud Medicare by submitting more than $500,000 in claims to the Medicare program for enternal nutrition DME, when in fact such DME was not medically necessary and in many cases, not provided.

According to the health care fraud indictment, Bullard worked in the Durable Medical Equipment (DME) section of Medistat where he was in charge of handling physicians’ prescriptions for equipment. Bullard and Nwagbara had a kickback arrangement and Bullard placed orders for DME with Nwagbara’s company, Advanced.

The indictment claims Bullard, using a Medistat physician’s name, would sign prescriptions, DME information forms and certificates of medical necessity for Medicare beneficiaries falsely indicating, among other things, that a beneficiary had a feeding tube when in fact, the beneficiary did not.

The enteral nutrition products which were billed to Medicare are consumed by a patient through a feeding tube. The associated feeding supply kits include tubing and syringes. The indictment claims that both the enteral formula and the kits that Advanced billed to Medicare were not medically necessary because the beneficiaries were not receiving nutrition through a feeding tube, the indictment claims. Instead, beneficiaries were receiving flavored nutritional supplements such as Ensure® and Glucerna® that would be consumed orally. Medicare does not reimburse orally ingested nutritional supplements.

In addition, the health care fraud indictment alleges that Nwagbara supplied only a fraction of the enternal products for which he billed Medicare and many of the beneficiaries never received the feeding supply kits for which he also billed Medicare.

The health care fraud case is being investigated by the Dallas Health Care Fraud Prevention and Enforcement Action Team (HEAT) Strike Force, which includes the U.S. Department of Health and Human Services – Office of Inspector General, the FBI and the Texas Attorney General’s Medicaid Fraud Control Unit. Prior to the announcement of the other charges, his trial on the health care fraud charges was scheduled for March, 2012. It is not clear whether the new charges will delay these proceedings.

New Immigration Charges

On December 20, 2011, the Justice Department announced that a North Texas grand jury now also has indicted Nwagbara for making misrepresentations in immigration and naturalization documents that misled the government and prevented the government from examining material facts that may have prevented his naturalization according to a December 20, 2011 Justice Department announcement.

According to the December 20, 2011 announcement by U.S. Attorney Sarah R. Saldaña, the immigration charges resulted from investigative work by the Dallas Health Care Fraud Strike Force, in concert with U.S. Immigration and Customs Enforcement’s Homeland Security Investigations and U.S. Citizenship and Immigration Services.

The new immigration indictment alleges that Nwagbara entered into a fraudulent marriage and provided false statements to obtain citizenship. On January 30, 2008, he made false statements on his application for naturalization that included:

Verifying that he had been married to and living with the same U.S. citizen for the last three years, when he was not living with his U.S. citizen spouse;
Indicating that he had no children, when in fact he had two children; and
Indicating that he had never previously claimed to be a U.S. citizen, when in fact, he falsely stated on a mortgage application in January 2006 that he was a U.S. citizen.

According to Saldaña, the immigration related indictment charges Nwagbara with three counts of making a false statement in an immigration document and three counts of unlawful procurement of naturalization. If convicted, each count carries a maximum statutory sentence of 10 years in federal prison and a $250,000 fine. Furthermore, should Nwagbara be convicted of unlawfully procuring his naturalization, his status as a U.S. citizen will be revoked by court order.

The Justice Department announcements reminds readers that an indictment is an accusation by a federal grand jury, and a defendant is entitled to the presumption of innocence unless proven guilty.

Health Care Fraud Charges Part of Ongoing National Anti-Health Care Fraud Campaign

The Medicare Fraud Strike Force operations are part of the Health Care Fraud Prevention & Enforcement Action Team (HEAT), a joint initiative between the Department of Justice and HHS to focus their efforts to prevent and deter fraud and enforce current anti-fraud laws around the country. The joint Department of Justice-HHS Medicare Fraud Strike Force is a multi-agency team of federal, state and local investigators designed to combat Medicare fraud through the use of Medicare data analysis techniques and an increased focus on community policing. Since its announcement, the Strike Force has used the combined resources of agents from the FBI, HHS-Office of Inspector General (HHS-OIG), multiple Medicaid Fraud Control Units, and other state and local law enforcement agencies to investigate and prosecute a rising number of organizations and individuals throughout the industry for alleged violations of Federal health care fraud prohibitions. In their September 7, 2011 announcement, HHS and DOJ credited Strike Force Operations in nine locations with resulting in charges against more than 1,140 defendants who the government charged collectively falsely billed the Medicare program for more than $2.9 billion.

In addition, the HHS Centers for Medicare and Medicaid Services, working in conjunction with the HHS-OIG, are using a wide range of new and old tools in their campaign against what they perceive as fraudulent providers and to deter other perceived aggressiveness by health care providers and organizations. See e.g., U.S. to use software to crack down on Medicare, Medicaid, CHIP fraud; Health Care Fraud Enforcement Packs New Heat; OIG Shares Key Insights On When Owners, Officers & Managers Face OIG Program Exclusion Based On Health Care Entity Misconduct; OIG Launch of Health Care Fraud “Most Wanted” List Sign of Enforcement Risks; CMS Delegated Lead Responsibility For Development of New Affordable Care Act-Required Medicare Self-Referral Disclosure Protocol; HHS announces Rules Implementing Tools Added By Affordable Care Act to Prevent Federal Health Program Fraud.

The effectiveness of these Federal efforts to deter, find and prosecute false claims and other perceived abuses of Federal health care law has been significantly strengthened since Congress passed the Patient Protection & Affordable Care Act (Affordable Care Act). Among other things, ACA empowered HHS to:

Suspend payments to providers and suppliers based on credible allegations of fraud in Medicare and Medicaid;
Impose a temporary moratorium on Medicare, Medicaid, and CHIP enrollment on providers and suppliers when necessary to help prevent or fight fraud, waste, and abuse without impeding beneficiaries’ access to care.
Strengthen and build on current provider enrollment and screening procedures to more accurately assure that fraudulent providers are not gaming the system and that only qualified health care providers and suppliers are allowed to enroll in and bill Medicare, Medicaid and CHIP;
Terminate providers from Medicaid and CHIP when they have been terminated by Medicare or by another state Medicaid program or CHIP;
Require provider compliance programs, now required under the Affordable Care Act, that will ensure providers are aware of and comply with CMS program requirements.

Act To Manage Risks

For More Information Or Assistance

Board Certified in Labor & Employment Law, Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients.

Throughout her career, Ms. Stamer has advised and represented health care providers and other health industry clients. She helps health industry clients to establish and administer compliance and risk management policies and to respond to health care, human resources, tax, privacy, safety, antitrust, civil rights, and other laws as well as to handle public policy and government relations, peer review and credentialing, performance and discipline, training, internal investigation, litigation and enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on health care fraud, privacy, and other rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.

You can learn more information about Ms. Stamer’s health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

About Solutions Law Press

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Home Health, Hospital, Hospital, Medicaid, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pharmacy, Physician, Reimbursement, Stark | Tagged: DOJ, Health Care, Health Care Fraud, Hospital, Medicare Fraud, OIG, Physician | Permalink
Posted by Cynthia Marcotte Stamer

DOL Proposes Tighter Overtime, Minimum Wage Rules For Home Care Workers, Continues Scrutiny Of Health Care Employers

December 15, 2011

The U.S. Department of Labor Wage and Hour Division (WHD) plans to propose new rules that would provide minimum wage and overtime protections for nearly two million workers who provide in-home care services for the elderly and infirm. WHD’s focus on home health workers is an extension of its expanded regulation and enforcement efforts targeting a broad range of health care industry employers. Home care and other health industry employers should act to manage their rising exposures to minimum wage, overtime and other federal and state wage and hour law risks. Additionally, health industry and other employers concerned about the potential cost or other implications of the proposed regulatory changes also should consider submitting comments to the WHD by the February comment deadline.

On December 15, 2011 the WHD announced that it will publish a Notice of Proposed Rulemaking [1] (NPRM) to revise the companionship and live-in worker regulations under the Fair Labor Standards Act (FLSA):

To more clearly define the tasks that may be performed by an exempt companion;
To limit the companionship exemption to companions employed only by the family or household using the services; and
To provide that third party employers, such as in-home care staffing agencies, could not claim the companionship exemption or the overtime exemption for live-in domestic workers, even if the employee is jointly employed by the third party and the family or household.

When Congress expanded protections to “domestic service” workers in 1974, it exempted casual babysitters and companions for the aged and inform from both the minimum wage and overtime pay requirements of the FLSA and exempted live-in domestic workers from the overtime pay requirement only. While WHD has left regulations governing this exemption substantially unchanged since first issued in 1975, it now believes the in-home care service industry. workers employed by in-home care staffing agencies are not the workers that Congress envisioned in enacting the companionship exemption (i.e., neighbors performing elder sitting).

As a result of these determines, WHD is moving to modify its existing rules to broaden protections for professionally employed home care workers as well as outreaching to inform employers and workers about the requirements that it perceives employers of these workers must meet.

The proposed tightening of regulations for home health workers follows a general toughening by WHD of its regulation and enforcement of wage and hour laws in the health care industry. See, e.g. Home health care company in Dallas agrees to pay 80 nurses more than $92,000 in back wages following US Labor Department investigation; US Department of Labor secures nearly $62,000 in back overtime wages for 21 health care employees in Pine Bluff, Ark.; US Department of Labor initiative targeted toward increasing FLSA compliance in New York’s health care industry; US Department of Labor initiative targeted toward residential health care industry in Connecticut and Rhode Island to increase FLSA compliance; Partners HealthCare Systems agrees to pay 700 employees more than $2.7 million in overtime back wages to resolve U.S. Labor Department lawsuit; US Labor Department sues Kentucky home health care provider to obtain more than $512,000 in back wages and damages for 22 employees; and Buffalo, Minn.-based home health care provider agrees to pay more than $150,000 in back wages following US Labor Department investigation.

Coupled with these and other enforcement efforts against health industry employers, WHD’s announcement of plans to tighten rules for home care givers. In connection with its announcement of the planned regulatory changes, for instance, WHD highlighted the following guidance about the wage and hour rules that employers of home care workers can anticipate being required to meet when employing these workers:

Violation of wage and hour laws exposes health care and other employers to significant back pay awards, substantial civil penalties and, if the violation is found to be willful, even potential criminal liability. Because states all have their own wage and hour laws, employers may face liability under either or both laws.

In light of the proposed regulatory changes and demonstrated willingness of WHD and private plaintiffs to bring actions against employers violating these rules, health care and others employing home care workers should take well-documented steps to manage their risks. These employers should both confirm the adequacy of their practices under existing rules, as well as evaluate and begin preparing to respond to the proposed modifications to these rules. In both cases, employers of home care or other health care workers are encouraged to critically evaluate their classification or workers, both with respect to their status as employees versus contractor or leased employees, as well as their characterization as exempt versus non-exempt for wage and hour law purposes. In addition, given the nature of the scheduled frequently worked by home care givers, their employers also generally should pay particular attention to the adequacy of practices for recordkeeping.

For More Information Or Assistance

Throughout her career, Ms. Stamer has advised and represented health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to health care, human resources, tax, privacy, safety, antitrust, civil rights, and other laws as well as with internal investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

About Solutions Law Press

[1] WHD’s announcement of the planned rule notes that this draft shared December 15 remains subject to change before formally published in the Federal Register

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Home Health, Hospital, Hospital, Medicaid, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pharmacy, Physician, Reimbursement, Stark | Tagged: DOJ, Health Care, Health Care Fraud, Home Care, home health, Hospital, Medicare Fraud, Minimum Wage, nurses, OIG, Overtime, Physician, Wage and Hour | Permalink
Posted by Cynthia Marcotte Stamer

Medical Identity Theft/Fraud Convictions Highlight Need For Health Care Providers To Safeguard Health Information, Guard Against Fraud Schemes

November 27, 2011

Convictions Highlight Health Care Data Bases Attractive, Vulnerable Target For Medicare Fraud Schemers

A Federal judge sentenced 25 year old Miami resident Yenky Sanchez, 25 to serve more than 5 years in Federal prison for his role in the theft of Medicare numbers and other information of elderly and disabled Florida residents as part of a plan to defraud Medicare, Medicaid and other federal programs. Coming on the heels of a November 3 conviction in West Virginia of Sargis Tadevosyan in a separate identity theft for Medicare fraud scheme, the convictions highlight the growing commitment and effectiveness of Federal and state investigators in investigating and prosecuting individuals who seek to use identity theft schemes to defraud Medicare or other federal programs.

Sanchez Conviction & Sentencing

The sentence arises from criminal charges brought by the U.S. Department of Justice (DOJ) in conjunction with other federal and state agencies, which charged Sanchez considered to commit health care fraud, authentication feature fraud and aggravated identity theft. According to DOJ documents, Sanchez, participated in a scheme with Raul Diaz-Perera, to steal and sell Medicare numbers and other data about clients of their employer, the Florida Department of Children and Families’ (DCF). Diaz-Perera previously was employed with DCF. According to the evidence at trial against Sanchez and a factual proffer filed with the court during the plea hearing for co-defendant Diaz-Perera, Sanchez used his position as employees at a DCF call center in downtown Miami to steal Medicare numbers and other personal information for purposes of committing health care fraud and identity theft. The intent of Sanchez and his co-conspirator was for those numbers to be used to fraudulently bill Medicare for services that were never provided to the DCF beneficiaries. Sanchez was convicted of conspiring to commit health care fraud, in violation of Title 18, United States Code, Section 1349; conspiring to commit authentication feature fraud, in violation of Title 18, United States Code, Sections 1028(a)(3) and (f); and aggravated identity theft, in violation of Title 18, United States Code, Section 1028A(a)(1). Based on these convictions, U.S. District Judge Cecilia M. Altonaga sentenced Sanchez on November 21, 2011 to 65 months in prison, followed by three years of supervised release. Judge Altonaga also imposed a $5,000.00 fine on Sanchez.

Tadevosyan Conviction

Federal officials previously also had scored another Medicare fraud/identity theft prosecution victory just a few short weeks earlier in West Virginia. On November 3, 2011, a federal jury convicted Armenia citizen Sargis Tadevosyan in connection with a health care fraud scheme that intended to defraud millions of dollars from Medicare. Tadevosyan was found guilty of two felony counts: conspiracy to commit health care fraud and wire fraud and aggravated identity theft. Tadevosyan faces up to 20 years in prison for the conspiracy conviction and a mandatory consecutive sentence of two years for aggravated identity theft and a $250,000 fine when he is sentenced on January 26, 2012.

In contrast to the small scale conspiracy that apparently occurred in the Sanchez case, the Tadovosyn scheme apparently was orchestrated by organized crime. Department of Health and Human Resources Office of Inspector General (HHS-OIG) uncovered the activities of Tadovosyn as part of its investigation of fraud schemes involving false front providers, whereby a company posed as a Medicare health care provider, and unlawfully billed Medicare as if they were providing legitimate services. Ultimately, investigators discovered that Tadevosyn and others were involved in defrauding Medicare and other health care payers as part of a scheme that used false front provider companies. In total, more than $4 million in Medicare claims were submitted by the false front providers. To co-conspirators of Tadevosyn pleaded guilty in September to aiding and abetting aggravated identity theft in connection to the health care fraud plot. Those two co-defendants are scheduled to be sentenced on December 1, 2011.

In announcing the Tadevosyan conviction, federal officials affirmed their commitment to finding and prosecuting identity theft targeting Medicare and other health insurance programs. “This investigation revealed that organized criminal groups are still brazenly attempting to steal taxpayer money from our national health insurance programs,” said Nicholas DiGiulio, Special Agent in Charge for the Inspector General’s Office of the United States Department of Health and Human Services. “Today’s results demonstrate that we will do whatever it takes to catch these individuals in the act before they receive a penny of taxpayers’ money.”

Federal Laws, Investigations & Prosecutions of Medical Identity Theft Schemes Tightening

Whether from deliberate schemes to misappropriate data or other less sinister compromises of personal health information or other sensitive data, health care providers, health plans and other businesses face rising responsibilities to protect data and increasing exposures for failing to do so.

Federal law imposes stiff sanctions against organizations and individuals that engage in theft of personal or other sensitive information, health or other federal program fraud or both. In an effort to stem the tide of health care and identity theft fraud, federal and state legislators and regulators have tightened federal and state laws to strengthen laws prohibiting health care fraud and identity theft, to require that health care providers, health plans, federal and state agencies and others that collect, possess or access sensitive personal health information, personal financial information or other sensitive date safeguard and protect sensitive information against improper access or misuse, to increase the penalties for violation of these federal and state laws and to provide law enforcement with expanded tools to investigate and prosecute violations of these laws. See e.g., Cybercrime and Identity Theft: Health Information Security Beyond HIPAA.

As a result of these new and expanded mandates, health care providers, health plans, financial organizations and a broad range of other businesses and governmental agencies face a host of complicated mandates to protect personal health information, personal financial information and other sensitive data under laws such as the Health Information Portability & Accountability Act (HIPAA), the Fair & Accurate Credit Transactions Act (FACTA), state and federal identity theft and data security and other laws and significant liability for failing to fulfill these responsibilities.

Health care providers, health insurers and others handling protected health information are particularly at risk when their data is compromised. Recent amendments to HIPAA require these entities and their business associates to tighten their data privacy and security safeguards and to monitor and timely report data breaches, as well as significantly expand their potential liability exposure for failing to comply with HIPAA’s requirements. See e.g., UCLA Health Systems Payment of $865,500 To Settle HIPAA Charges Shows Rising HIPAA Risk; CVS Settles Privacy Charges; Rite Aid Agrees to Pay $1 Million to Settle HIPAA Privacy Case As Office of Civil Rights Proposes Tighter HIPAA Privacy & Security Regulations; 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health Information; President Signs Long-Sought Red Flag Rule Exemption Into Law. As part of its ongoing implementation of stepped up enforcement responsibility and powers enacted as part of these recent amendments, the HHS Office of Civil Rights (OCR) announced on November 8, 2011 its kickoff of a new compliance audit effort. These developments send a forceful message that all businesses generally and health care providers, health plans, healthcare clearinghouses and their business associates specifically must get serious about compliance with the privacy, security and data breach requirements of HIPAA and other applicable law by implementing and administering the policies, procedures, training and oversight necessary to comply with these and other federal and state mandates regarding the protection of personal health information and other sensitive data. Learn more about the recent convictions and related data breach exposures here.

For Help With Compliance, Investigations Or Other Needs

If you need assistance providing compliance or other training, reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | ARRA, Childrens Health Insurance Program, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Employer, FACTA, false claims act, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health Care Fraud, Health Care Provider, Health Care Quality, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Medicaid, Medicare, Medicare Advantage, Mental Heatlh, Money Laundering, OCR, Reimbursement, Technology, Telemarketing, Telemedicine, Veterans Health Administration | Tagged: Data Security, FACTA, Health Care Fraud, HIPAA, Identity Theft, Justice Department, Medicaid, Medicare, OCR, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Texas Medical Board Suspends Child Psychiatrist For Sexual Misconduct

November 22, 2011

Personal Misconduct By Physicians Or Other Health Care Workers Common Cause of Discipline

On November 22, 2011, a disciplinary panel of the Texas Medical Board temporarily suspended, without notice, the medical license of Charles Henry Fischer, M.D., after determining that Dr. Fischer, a child psychiatrist at the Austin State Hospital in Austin, has demonstrated a pattern of sexually abusing teenage boys in his care for inpatient psychiatric treatment over a period of nearly 20 years. The discipline highlights again that personal misconduct remains a key reason for discipline of medical professionals.

Dr. Fischer, 59, was employed at Austin State Hospital from December 1990 until his termination on November 14, 2011. He also was employed as a psychiatrist at the Waco Center for Youth, the Southwest Neuropsychiatric Institute in San Antonio, Lutheran Social Services Residential Treatment Center for Girls and Central Counties Mental Health and Mental Retardation. The Board imposed the suspension based on information that as many as nine patients had alleged sexual abuse by Dr. Fischer since the first patient report in 1992.

Unprofessional personal misconduct presenting a right to public health and safety is a common trigger for discipline by the Texas Medical Board and other licensing boards. See, e.g. Quality, Recordkeeping & Unprofessional Conduct Lead Reasons For Medical Board Discipline of Physicians. Although complaints based on sexual misconduct occur much less frequently than substance abuse or other types of personal misconduct, the Texas Medical Board and other medical licensing bodies view sexual misconduct as among the most serious types of violations. The prevalence rate of sexual misconduct in physicians is estimated at 6-10 percent but this phenomenon is likely under-reported in physician surveys and by patients. It is believed that the number of false claims made by patients is very low. A 1992 study indicates that only 4-8 percent of patients report a doctor’s sexual misconduct. Physicians found guilty of engaging in prohibited sexual misconduct typically are male, have a mean age of 53, practice in private practice, and have a history of substance abuse, are in the midst of a divorce, separation or other life crisis and tend to engage in higher than typical nonsexual patient touch with patients.

Because of their special role and responsibility with respect to patients and the community, the law, the profession and the public impose high expectations upon physicians and other health care professionals in relation to their sexual conduct toward patients and others. State medical practices and other medical licensure bodies, the American Medical Association Code of Conduct, the Joint Commission, peer review and other disciplinary boards and other regulatory and administrative policies and bodies generally prohibit both sexual assault, sexual harassment, and a broad range of other conduct of a sexual nature considered to be inconsistent with the special relationship of trust occupied by the health care professional.

Sexual misconduct charges that can result in discipline can include clear atrocities such as rape or other sexual assaults, as well as engagement in inappropriate sexual relationships or overtures to current or former patients, as well as sexual harassment and certain other types of sexual relationships or conduct involving staff or others. See, e.g., Ringer v. Texas State Bd. of Med. Examiners, 1999 Tex. App. LEXIS 8214 (Tex. App. 1999); Texas State Board of Medical Examiners v. Haynes, 388 S.W.2d 258, 261 (Tex. App. 1965); Texas State Board of Medical Examiners v. Koepsel, 159 Tex. 479 (Tex. 1959). In addition discipline by the Board of Medicine, physicians or other health care providers typically also face other consequences such as medical malpractice, sexual harassment or other similar claims or charges, peer review discipline, data bank reports, employment termination or discipline, practice expulsion, and criminal prosecution. Even if a physician or other heath care provider dodges formal discipline, accusations of sexual misconduct by a physician or other health care provider tends to permanently damage the practice and reputation of the health care.

Sexual misconduct by a physician or other health care provider or workforce member also can create significant exposures for hospitals, clinics, affiliated physicians and health care professionals associated with a physician or health care provider found to have engaged in sexual misconduct. Among other things, the failure of these third parties to take adequate steps to prevent, investigate, report or redress another health care provider’s sexual misconduct or harassment may result in malpractice or other civil litigation, licensure or other professional investigation or discipline, reputational damages and other consequences.

To guard against these exposures, physicians and other health care providers should exercise care to avoid engaging in actions that might expose them to charges of sexual assault, harassment or other inappropriate sexual conduct and should adopt policies, adopt procedures and practices to prohibit and provide training and other oversight to encourage other health care providers and staff to avoid such conduct. If a physician or other health care provider or organization observes, receives a report or charge or otherwise becomes aware of information indicating that a potential sexual assault or other inappropriate sexual conduct may have occurred, it should act promptly and appropriately to investigate and redress the conduct or suspected conduct in a manner designed to strengthen their defenses against possible disciplinary action or other liabilities and risks. Because of the legal sensitivity and risk associated with the allegations of sexual misconduct and the investigation of those charges, physicians and other health care providers and organizations involved in these concerns generally should engage competent legal counsel as soon as possible when these concerns come to light for assistance in responding to the concerns, as well as the ability to use attorney-client privilege and work product, peer review, quality, and other legal privileges and other legal rules and safeguards to help promote confidentiality and defensibility of sensitive communications and conduct in connection with the investigation and response to these concerns.

For Help With Compliance, Investigations Or Other Needs

If you need assistance providing compliance or other training, reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others including highly popular programs on “Sex Drugs & Rock ‘N Role: Managing Personal Misconduct in Health Care,” “Managing Physician Performance” and others.. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Joint Commission Equal Visitation Rules & Guidance Supplement New Medicare Equal Visitation Requirements

November 13, 2011

Following on recently finalized Medicare regulations dictating that hospitals allow patients to control individuals who will be allowed to visit or exercise other patient representative rights , the Joint Commission of the Accreditation recently has released the following new guidance concerning its expectations concerning the responsibilities of hospitals and other accredited entities to create inclusive care enviromentments for lesbian, gay, bisexual and transgender (LGBT) patients and their families:

Joint Commission focuses on improving care for LGBT patients – A new field guide posted November 8, 2011- from The Joint Commission urges U.S. hospitals to create a more welcoming, safe and inclusive environment that contributes to improved health care quality for LGBT patients and their families.
Advancing Effective Communication, Cultural Competence, and Patient- and Family-Centered Care for the Lesbian, Gay, Bisexual, and Transgender (LGBT) Community – A new field guide from the Joint Commission urges US hospitals to create a more welcoming, safe, and inclusive environment that contributes to improved health care quality for lesbian, gay, bisexual, and transgender (LGBT) patients and their families.

Hospitals and others impacted by these rules should review and update visitation, patient representative, privacy, patient notification and consent and other policies and practices to comply with the new Medicare mandates and the applicable requirements of the new Joint Commission standards.

Learn more about these new requirements in the recent Modern Healthcare article Bumpy road for equal visitation.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Ms. Stamer’s insights on the new Medicare visitation rules recently were quoted in Modern Healthcare. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Leave a Comment » | Academic medicine, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, DME, Doctor, Durable Medical Equipment, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Home Health, Hospital, Hospital, Medicaid, Medicare Advantage, Mental Heatlh, Money Laundering, OIG, Pharmacy, Physician, Reimbursement, Stark | Tagged: DOJ, equal visitation, Health Care, Health Care Fraud, Hospital, Medicare Fraud, OIG, Physician | Permalink
Posted by Cynthia Marcotte Stamer

OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks

November 9, 2011

The kickoff of a new compliance audit pilot program provides another reason for health care providers, health plans, healthcare clearinghouses and their business associates to get serious about compliance with the privacy, security and data breach requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

OCR Pilot Audit Program Begins

On November 8, 2011, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) announced that it will begin auditing HIPAA compliance this month under a new pilot program.

As amended by the American Recovery and Reinvestment Act of 2009 in Section 13411 of the HITECH Act, requires HHS to provide for periodic audits to make sure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. To carry out this mandate, OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance between November 2011 and December 2012.

The commencement of OCR HIPAA compliance audits is yet another sign that covered entities and their business associates should get serious about HIPAA compliance. The audit program serves as a new part of OCR’s health information privacy and security compliance program. While OCR says that it presently views the pilot audits as primarily a compliance improvement tool, this does not mean violators should expect a free walk.

Even before the impending audits, HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. Earlier this year, OCR imposed a $4.3 Million Civil Money Penalty (CMP) against Cignet Health of Prince George’s County (Cignet) for violating HIPAA. Meanwhile, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. Under amendments made by the HITECH Act, state attorneys general also now are empowered to bring civil lawsuits against covered entities and business associates that commit HIPAA violations that injure citizens in their state under certain circumstances. Eventually, individuals injured by HIPAA violations also will get the right to share in a portion of certain HIPAA recoveries.

These and other audit and enforcement activities send a strong message that covered entities and their business associates need to get serious about HIPAA compliance. As stated by OCR Director Georgina Verdugo when announcing the Mass General Resolution Agreement, “To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules,” Verdugo added, “A robust compliance program includes employee training, vigilant implementation of policies and procedures, regular internal audits, and a prompt action plan to respond to incidents.” Learn more here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

Vice President of the North Texas Health Care Compliance Professionals Association, a member of the American College of Employee Benefit Counsel, Past Chair of the ABA RPTE Employee Benefits & Other Compensation Arrangements Group, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies. Ms. Stamer also regularly helps clients deal with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on the required “culture of compliance” with HIPAA are frequently included in medical privacy related publications of the Atlantic Information Service, Modern Health Care, HealthLeaders and many others. Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here or may contact her at (469) 767-8872 or via e-mail here.

You can review other selected publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, Centers For Disease Control, Childrens Health Insurance Program, DEA, Disease Management, DME, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Employer, FACTA, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Inpatient Rehabilitation Facility, Medicaid, Medicare, Mental Heatlh, OCR, Outpatient, Pharmacy, Physician, Prescription Drugs, Privacy, Rural Health Care | Tagged: Data Security, Doctor, Health Care Provider, HIPAA, HITECH, home health, Hospital, Physician, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

UCLA Health Systems Payment of $865,500 To Settle HIPAA Charges Shows Rising HIPAA Risk

September 15, 2011

Health care providers, health plans, health care clearinghouses and their business associates got another wake up call about the growing importance of strengthening their policies, practices and safeguards of medical information and records that are “protected health information” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules with the announcement on July 7 that the University of California at Los Angeles Health System (UCLAHS) has reached an agreement with the U.S. Department of Health & Human Services Office of Civil Rights (OCR) to pay $865,500 and act to strengthen its health information privacy and security practices to settle charges of HIPAA violations.

The latest in a series of recently announced high-dollar Resolution Agreements, the UCLAHS Resolution Agreement highlights the growing risks that covered entities and their business associates run by failing to adequately adopt and administer the policies, systems and other management controls and training necessary to ensure that their organizations and their employees and other members of their workforce actually operationally comply with HIPAA.

Increased penalties, tighter rules and recent enforcement actions by OCR make it more important than ever that covered entities tighten their compliance and risk management policies and procedures.

As a result of amendments enacted as part of the HITECH Act, Congress modified and expanded the HIPAA audit and enforcement obligations of OCR, amended and expanded the potential penalties, made business associates liable for violation of the privacy rules like covered entities, added an obligation for covered entities and business associates to provide notification of breaches of unsecured PHI and tightened other HIPAA obligations. The HITECH Act also gave state attorneys general to bring civil lawsuits against covered entities and business associates that commit HIPAA violations that injure citizens in their state under certain circumstances. Eventually, individuals injured by HIPAA violations will get the right to share in a portion of certain HIPAA recoveries. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On　Website.

OCR enforcement actions and statistics make clear that OCR is serious about investigation and enforcement of HIPAA violations. This Spring, OCR assessed its first civil monetary penalty (CMP) under HIPAA – a $4.3 million against Cignet Health of Prince George’s County, Md. (Cignet) and entered into a series of Resolution Agreements under which CVS Pharmacy, Inc., General Hospital Corporation and Massachusetts General Physicians Organization Inc., Rite Aid and others paid a million or more dollars as part of the required terms of settlement. See e.g., Rite Aid Pays $1 Million HIPAA Privacy Settlement As OCR Tightens HIPAA Regulations; HIPAA Risks Soar As CVS Agrees To Pay $2.25 Million To Resolve HIPAA Charges & Stimulus Bill Amends HIPAA; Providence To Pay $100,000 & Implement Other Safeguards To Settle HIPAA Penalty Exposures Under HIPAA. Meanwhile, as of January 1, 2011, OCR reported that it had referred more than 484 Privacy Rule breach investigations to the Department of Justice for consideration for potential criminal prosecution and required changes in privacy practices and other corrective actions as part of the requirements for resolution of an additional 12,781 of cases investigated. In addition to these civil enforcement actions by OCR, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health　Information

Lax HIPAA and other practices for protection of medical and other confidential personal information also increasingly exposes covered entities and other organizations to liability under state laws. State courts allow individual plaintiffs to rely on violations of HIPAA as the basis for bringing state privacy, retaliation or other actions. See, e.g. Sorensen v. Barbuto, 143 P.3d 295 (Utah Ct. App. 2006), Acosta v. Byrum, 638 S.E. 2d 246 (N.C. Ct. App. 2006). Private plaintiffs employed by covered entities also claim HIPAA related misconduct as the basis for their retaliation claims. See, e.g.,　 Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim.

HIPAA-specific exposures, wrongful use, access or disclosure of medical information also can expose covered entities, members of their workforce and others improperly using, accessing or disclosing protected health information to liability under other federal or state laws. See, Cybercrime & Identity Theft: Health Information Security Beyond HIPAA; NY AG Cuomo Announcement of 1st Settlement For Violation of NY Security Breach Notification Law; Woman Who Revealed AIDs Info Gets A Year.

These and other developments make clear that covered entities and their business associates must get serious about HIPAA compliance and risk management. These organizations should review and tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks.

For More Details Or Help With HIPAA & Other Risk Management & Compliance Needs

To learn more about the UCLAHS Resolution Agreement and other risk management tips, see UCLA Health Systems Payment of $865,000 To Settle HIPAA Charges Shows Rising HIPAA Risk.

Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.　 For instance, On May 3, 2011, Ms. Stamer served as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR and will moderate a teleconference featuring comments by OCR’s Susan McAndrew for the Joint Committee on Employee Benefits scheduled for May 16. Her insights on the required “culture of compliance” with HIPAA also recently were quoted in medical privacy related publications of the Atlantic Information Service. Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. To ask for legal help with these or other compliance concerns, inquire about arranging for compliance audit or training, or matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here. You can review other publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here and register to receive future updates about developments on these and other concerns from Ms. Stamer here. For important information concerning this communication click here.Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources available at www.solutionslawpress.com.

Leave a Comment » | Academic medicine, ASC, Disease Management, DME, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Indian Health, Medicare Advantage, Mental Heatlh, OCR, Outpatient, Patient Empowerment, Pharmacy, Prescription Drugs, Rural Health Care | Tagged: business associate, Doctor, Health Care, Health Care Provider, Health Plans, HIPAA, Hospital, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Indictment of 91 Shows Growing Health Care Fraud Enforcement Risk

September 8, 2011

A nationwide takedown by Medicare Fraud Strike Force operations in eight cities resulted in the Department of Justice filing criminal charges against 91 defendants, including doctors, nurses, and other medical professionals, for their alleged participation in Medicare fraud schemes involving approximately $295 million in false billing, Attorney General Eric Holder and Health and Human Services (HHS) Secretary Kathleen Sebelius jointly announced the charges on September 7, 2011.

The charges are provide yet another powerful reminder to health care providers, leaders and organizations of the advisability of tightening compliance practices and taking other steps to guard against ever expanding health care fraud exposures. Already a lead federal enforcement priority for more than a decade, HHS recently established the Center for Program Integrity within the Centers for Medicare & Medicaid Services (CMS) to focus on identifying and stopping fraud and acting swiftly to protect beneficiaries.

Charges Announced September 7 Show Strike Force Targeting Fraud Industry Wide

In announcing the most sweeping joint action to date, HHS and Justice Department officials warned that the latest charges demonstrate the willingness and commitment of federal officials to find and prosecute health care fraud throughout the health care industry. The actions are the latest in a series of strong reminders to providers, leaders and others in the health care industry of the need to tighten compliance and risk management to minimize the risk of getting caught up in the Federal government’s ever-tightening health care fraud investigation and enforcement net.

The charges made against the 91 defendants in the indictments announced cover nearly the entire spectrum of healthcare providers for a variety alleged fraudulent schemes. The defendants charged are accused of various health care fraud-related crimes, including conspiracy to defraud the Medicare program, health care fraud, violations of the anti-kickback statutes and money laundering. The charges are based on a variety of alleged fraud schemes involving various medical treatments and services such as home health care, physical and occupational therapy, mental health services, psychotherapy and durable medical equipment (DME). HHS and Justice Department Officials warned these latest sweeping charges clearly signal the resolve of the federal government to find and prosecute health care fraud throughout the industry. Learn more details about September here.

According to the Justice Department and HHS, 70 individuals were charged by Strike Force prosecutors in indictments unsealed on September 6 and September 7, 2011 in six cities. The indictments allege a variety of Medicare fraud schemes involving approximately $263.6 million in false billings. As part of takedown operations last week, 18 additional defendants were charged in Detroit and one defendant was charged in Miami in cases unsealed on September 1, 2011, for their alleged roles in Medicare fraud schemes involving approximately $29.4 million in fraudulent claims. Additionally, two individuals are scheduled to appear in court on September 7, 2011 on charges filed on August. 24, 2011, for their roles in a separate $2 million health care fraud scheme. According to the September 7 announcement, this coordinated takedown involved the highest amount of false Medicare billings in a single takedown in Strike Force history.

According to court documents, the defendants located in Miami, Houston, Baton Rouge, Los Angeles and Detroit allegedly participated in a diverse array of schemes to submit claims to Medicare for treatments that were medically unnecessary and oftentimes never provided. In many cases, indictments and complaints allege that patient recruiters, Medicare beneficiaries and other co-conspirators were paid cash kickbacks in return for supplying beneficiary information to providers, so that the providers could submit fraudulent billing to Medicare for services that were medically unnecessary or never provided. Collectively, the doctors, nurses, medical professionals, health care company owners and others charged in the indictments and complaints are accused of conspiring to submit a total of approximately $295 million in fraudulent billing. If convicted, the defendants face a broad range of criminal, civil and administrative sanctions including imprisonment, criminal penalties, civil sanctions, federal program disqualification, state licensing board disciplinary action and other consequences.

Charges Part of Ongoing National Anti-Health Care Fraud Campaign

Suspend payments to providers and suppliers based on credible allegations of fraud in Medicare and Medicaid;
Impose a temporary moratorium on Medicare, Medicaid, and CHIP enrollment on providers and suppliers when necessary to help prevent or fight fraud, waste, and abuse without impeding beneficiaries’ access to care.
Strengthen and build on current provider enrollment and screening procedures to more accurately assure that fraudulent providers are not gaming the system and that only qualified health care providers and suppliers are allowed to enroll in and bill Medicare, Medicaid and CHIP;
Terminate providers from Medicaid and CHIP when they have been terminated by Medicare or by another state Medicaid program or CHIP;
Require provider compliance programs, now required under the Affordable Care Act, that will ensure providers are aware of and comply with CMS program requirements.

Act To Manage Risks

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, HEAT, Medicaid Fraud, Medicare, Medicare Fraud, Medicare Fraud Task Force | Permalink
Posted by Cynthia Marcotte Stamer

5/18 Deadline to Register For 5/19 CMS Provider Call on Medicare and Medicaid EHR Meaningful Use Incentive Programs

May 17, 2011

Wish you knew more about how to use electronic health records (EHRs) to earn incentive payments from the Centers for Medicare & Medicaid Services (CMS)? CMS plans to host a national provider education call to help you learn more about meaningful use on Thursday, May 19 at 2:30 p.m. EDT. During the call, CMS plans to discuss:

The definition of meaningful use
The requirements for Stage 1 of meaningful use (2011 and 2012)
How to attest to having met meaningful use
Overview of the meaningful use objectives specification sheets
- Stage 1 EHR Meaningful Use Specification Sheets for Eligible Professionals
- Stage 1 EHR Meaningful Use Specification Sheets for Eligible Hospitals
Q&A about meaningful use

In order to receive the call-in information, you must register for the call. It is important to note that if you are planning to sit in with a group, only one person needs to register to receive the call-in data. This registration is solely to reserve a phone line, NOT to allow participation. Registration will close at 2:30 p.m. EDT on May 18, 2011, or when available space has been filled. No exceptions will be made, so please be sure to register prior to this time. In order to register, you should:

Visit the registration page.
Fill in all required information and click “Register.”
You will be taken to the “Thank you for registering” page and will receive a confirmation email shortly thereafter. Please save this page in case your server blocks the confirmation emails. (If you do not receive the confirmation email, check your spam/junk mail filter as it may have been directed there.)
If assistance for hearing impaired services is needed, please email medicare.ttt@palmettogba.com no later than three business days before the call.

Prior to the call, presentation materials will be made available in the “Upcoming Events” section of the Spotlight page on the CMS EHR website.

Want more information about the EHR Incentive Programs?
Make sure to visit the EHR Incentive Programs website for the latest news and updates on the EHR Incentive Programs.

Sixty-two Regional Extension Centers (RECs) across the nation are prepared to offer customized, on-the-ground assistance for eligible professionals and hospitals registering for the CMS EHR Incentive Programs. To locate an REC near you, visit http://www.healthit.

In addition to the May 10 call, recordings of various other recent health information privacy and data security training offered by agencies within the Department of Health and Human Services also now is avaialble on the web. For instance, the National Institute of Standards and Technology (NIST) and the Office for Civil Rights (OCR) are making presentations from the 4th annual conference on “Safeguarding Health Information: Building Assurance through HIPAA Security” co-hosted in Washington, D.C. on May 10 & 11, 2011 available on line for review. The training is part of a series of continuing efforts by the agencies to outreach to various parties on the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996, as amended (HIPAA). Meanwhile, OCR’s Susan McAndrew on Monday shared insights on OCR’s HIPAA regulatory and enforcement agenda at a teleconference to be hosted by the American Bar Association Joint Committee on Employee Benefits at Noon Central on May 16, 2011. Recordings of these presentations are or will be accessible on the sponsoring organizations from their websites. For details about reviewing the May 10-11 presentations, see the 2011 HIPAA Conference website here. For details about the May 16 teleconference, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need assistance monitoring federal health reform, policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. On May 3, 2011, Ms. Stamer served as the appointed scribe for the ABA Joint Commitee on Employee Benefits Agency meeting with OCR and will moderate a teleconference featuring comments by OCR’s Susan McAndrew for the Joint Committee on Employee Benefits scheduled for May 16. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others including highly popular programs on “Sex Drugs & Rock ‘N Role: Managing Personal Misconduct in Health Care,” “Managing Physician Performance” and others.. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, DEA, Disease Management, DME, Doctor, Electronic Health Records, Electronic Medical Records, Employer, Genetic Information, GINA, Health Care Provider, Health IT, Health Plan, HIPAA, HITECH Act, Hospital, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, OCR, Physician | Tagged: Health Care, HIPAA, Medical Confidentiality, OCR< Privacy, Security | Permalink
Posted by Cynthia Marcotte Stamer

OCR/NIST Share Training Online, OCR’s McAndrew To Speak On May 16 Teleconference

May 10, 2011

The National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are making presentations from the 4th annual conference on “Safeguarding Health Information: Building Assurance through HIPAA Security” co-hosted in Washington, D.C. on May 10 & 11, 2011 available on line for review. The training is part of a series of continuing efforts by the agencies to outreach to various parties on the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996, as amended (HIPAA). Meanwhile, OCR’s Susan McAndrew is scheduled to share insights on OCR’s HIPAA regulatory and enforcement agenda at a teleconference to be hosted by the American Bar Association Joint Committee on Employee Benefits at Noon Central on May 16, 2011.

The Security Rule sets federal standards to protect the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards. Presentations cover a variety of current topics including updates on HHS health information privacy and security initiatives, OCR’s enforcement of health information privacy and security activities, integrating security safeguards into health IT and security automation, insider threat trends and safeguards, and more.

The conference is designed to explore the current health information technology security landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the agencies share their practical strategies, tips and techniques for implementing the HIPAA Security Rule.

For details about reviewing the May 10-11 presentations, see the 2011 HIPAA Conference website here. For details about the May 16 teleconference, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

About Solutions Law Press

Health Care Providers Brace For New HIPAA Enforcement As OCR Announces Hospital Resolution Agreement Requiring $1 Million Settlement Payment

February 25, 2011

Announcement Made 2 Days After OCR Announces $4.3 Million HIPAA Civil Penalty Against Cignet

General Hospital Corporation and Massachusetts General Physicians Organization Inc. (Mass General) has agreed to pay the U.S. government $1,000,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The incident giving rise to the agreement involved the loss of protected health information (PHI) of 192 patients of Mass General’s Infectious Disease Associates outpatient practice The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced the Resolution Agreement two days after announcing that its first official assessment of a civil monetary penalty CMP under HIPAA – a $4.3 million against Cignet Health of Prince George’s County, Md., (Cignet). Read more details here

HIPAA Privacy Rule restricts the use, access and disclosure by covered entities of PHI and other individually identifiable health care information to those outlined within the Rules. Under HIPAA covered entities also are responsible for establishing and enforcing policies and procedures that safeguard PHI against improper use, access or disclosure by employees, business associates, and other third parties. Noncompliance with the Privacy and Security Rules exposes a covered entity to criminal prosecution and penalties, civil penalties or both. The Privacy Rule requires health plans, health care clearinghouses and most health care providers (covered entities) to safeguard the privacy of patient information, including such information during its disposal. Under amendments to HIPAA enacted under the HITECH Act, business associates now also are accountable and subject to direct liability for failing to comply with HIPAA’s requirements. Amendments to HIPAA under the HITECH Act, further expand the risks and responsibilities of health care providers and other covered entities.

Announced just two days before the Mass General Resolution Agreement, the Cignet CMP announced February 22, 2011 is the first CMP ever assessed by OCR under the HIPAA Privacy Rule. The assessment resulted after OCR found Cignet violated 41 patients’ HIPAA rights and committed other HIPAA violations. The $4.3 million CMP against Cignet applies the expanded HIPAA violation categories and increased HIPAA civil monetary penalty amounts authorized by HIPAA amendments made by Section 13410(d) of the Health Information Technology for Economic and Clinical Health (HITECH) Act. Read more details.

Even before the Mass General Resolution Agreement and Cignet CMP announcements, HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $1 Million from Rite Aid in a 2010 Resolution Agreement, $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated that covered entities could face significant civil liability for willful violations of the Privacy Rules. In addition to these civil enforcement actions by OCR, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others. Coupled with the HITECH Act changes, these and other enforcement actions signal growing potential hazards for covered entities and their business associates that fail to properly manage their HIPAA compliance obligations and risks.

The Mass General and Cignet announcements and other enforcement actions demonstrate that OCR is moving forward on its announced plans to hold health plans, health care providers, health care clearinghouses (covered entities) and their business associates that violate HIPAA accountable. Added to other recent developments, the Mass General and Cignet enforcement actions demonstrate that OCR’s commitment to enforcing HIPAA and illustrate the significant exposures that covered entities and business associates risk by disregarding their HIPAA obligations.

As stated by OCR Director Georgina Verdugo when announcing the Mass General Resolution Agreement, stating, “We hope the health care industry will take a close look at this agreement and recognize that OCR is serious about HIPAA enforcement. It is a covered entity’s responsibility to protect its patients’ health information.”

“To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules,” Verdugo added, “A robust compliance program includes employee training, vigilant implementation of policies and procedures, regular internal audits, and a prompt action plan to respond to incidents.”

Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. Health plans and other covered entities as well as their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. To minimize the potential that the health plan’s sharing of information with the employer will create or spread HIPAA or other privacy risks to the employer or members of its workforce, employers and other plan sponsors and members of their workforce also should take steps to ensure not only that their health plan documents, policies and procedures, as well as those policies and practices applicable to the employer, its human resources, and benefits advisors when accessing or handling health plan or other medical information on behalf of the employer, rather than the plan, are appropriately designed and administered.

Act To Manage HIPAA Exposures

In response to these expanding exposures, covered entities and their business associates should review the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration the Cignet, Rite Aid, Provident and CVS enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable. As part of these compliance and risk management efforts, most covered entities and their business associates will find it advisable to devote significant attention to the business associate relationship and its associated business associate agreements.

For Help With Investigations, Policy Review & Updates Or Other Needs

If you need assistance in auditing or assessing, updating or defending your HIPAA, or other health or other employee benefit, labor and employment, compensation, privacy and data security, or other internal controls and practices, please contact the author of this update, attorney Cynthia Marcotte Stamer at cstamer@solutionslawyer.net or at (469)767-8872.

The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer works, publishes and speaks extensively on HIPAA and other privacy and data security, health plan, health care and other human resources and workforce, employee benefits, compensation, internal controls and related matters.

For more than 23 years, Ms. Stamer has counseled, represented and trained employers and other employee benefit plan sponsors, plan administrators and fiduciaries, insurers and financial services providers, third party administrators, human resources and employee benefit information technology vendors and others privacy and data security, fiduciary responsibility, plan design and administration and other compliance, risk management and operations matters. She also is recognized for her publications, industry leadership, workshops and presentations on privacy and data security and other human resources, employee benefits and health care concerns. Her many highly regarded publications on privacy and data security concerns include “Privacy Invasions of Medical Care-An Emerging Perspective.” ERISA Litigation Manual. BNA, 2003-2009; “Privacy & Securities Standards-A Brief Nutshell.” BNA Tax Management and Compliance Journal. February 4, 2005; “Cybercrime and Identity Theft: Health Information Security beyond HIPAA.” ABA Health eSource. May, 2005 and many others. She also regularly conducts training on HIPAA and other privacy and data security compliance and other risk management matters for a broad range of organizations including the Association of State and Territorial Healthcare Organizations (ASTHO), the Los Angeles County Health Department, a multitude of health plans and their sponsors, health care providers, the American Bar Association, SHRM, the Society for Professional Benefits Administrators and many others. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see www.CynthiaStamer.com or contact Ms. Stamer directly.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, Childrens Health Insurance Program, Doctor, Electronic Medical Records, Employment, Federal Health Center, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health Care Provider, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Medicare Advantage, Mental Heatlh, OCR, Pharmacy, Physician, Privacy, Rural Health Care | Tagged: Civil Monetary Penalties, HIPAA, Mass General, OCR, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

HHS Imposes 1st HIPAA Privacy Civil Penalty of $4.3 million

February 22, 2011

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

$4.3 million is the amount of the civil monetary penalty (CMP) that the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has ordered Cignet Health of Prince George’s County, Md., (Cignet) to pay for violating the Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule.

The first CMP ever assessed by OCR under the HIPAA Privacy Rule, the Cignet CMP assessment is the latest in a series of developments documenting the rising risks that health care providers, health plans, health care clearinghouses and their business associates (“covered entities”) face for violations of HIPAA. Covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. Read more details.

Even before the announcement of the Cignet CMP, the HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. As of January 1, 2011, OCR reports that 12,781 of the cases it has investigated have been resolved by requiring changes in privacy practices and other corrective actions by the covered entities and has referred more than 484 Privacy Rule breach investigations to the Department of Justice for consideration for potential criminal prosecution.

While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated the willingness of OCR to pursue significant civil remedies against covered entities that it determined willfully violated the Privacy Rules.

For Help With Compliance, Investigations Or Other Needs

If you need assistance auditing or tightening your existing HIPAA and other confidentiality practices or addressing other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies and to respond to OCR, FTC, medical board and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on Medicare quality and other compliance concerns. Her publications and insights on HIPAA and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ARRA, ASC, Centers For Disease Control, Disease Management, DME, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Federal Health Center, Genetic Information, Health Care, Health Care Provider, Health Care Quality, Health IT, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Medicaid, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, OCR, Peer Review, Pharmacy, Physician, Privacy, Reimbursement, Telemedicine | Tagged: covered entity, Health Care, HIPAA, Hospital, Medical Confidentiality, OCR, Physician, Privacy Rule, Security Rule | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Fraud Enforcement Packs New Heat

December 16, 2010

As part of ongoing efforts to prevent and fight health care fraud, US Department of Health and Human Services Secretary Kathleen Sebelius and Attorney General Eric Holder today announced that the Centers for Medicare and Medicaid Services (CMS) plans to acquire and new state-of-the-art predictive modeling fraud fighting analytic tools to prevent wasteful and fraudulent payments in Medicare, Medicaid and the Children’s Health Insurance Program before they occur As Sebelius and Holder made the announcement at a Fraud Prevention Summit held at the University of Massachusetts in Boston, CMS issued a solicitation for state-of-the-art fraud fighting analytic tools to help the agency predict and prevent potentially wasteful, abusive or fraudulent payments before they occur. These actions come as CMS and the Justice Department are touting record recoveries from already ongoing enforcement actions.

CMS intends to use these new tools into the National Fraud Prevention Program and to complement and expand fraud detection and enforcement work and practices utilized by the joint HHS and Department of Justice Health Care Fraud Prevention and Enforcement Action Team (HEAT) in recent years.

CMS is already starting to take administrative action to stop payments in various pilot programs or other anti-fraud initiatives. The move to acquire and use additional predictive model tools comes as CMS is implementing new and expanded health care fraud detection and enforcement authority provided in the Patient Protection and Affordable Care Act (Affordable Care Act). CMS and the Justice Department are moving aggressively to take advantage of these new powers and resources. In recent months HHS founded the new Center for Program Integrity within CMS would focus on identifying and stopping fraud and acting swiftly to protect beneficiaries. It also proposed new rules implementing enhanced health care fraud investigation and enforcement powers enacted as part of the Affordable Care Act.

Meanwhile, CMS and the Justice Department have continued to aggressively investigate and prosecute suspected health care fraud. Already, stepped up fraud enforcement efforts have produced significant recoveries. In Fiscal Year 2010, the Department of Justice obtained settlements and judgments of more than $2.5 billion in False Claims Act matters alleging health care fraud. This is more than ever before obtained in a single year, up from $1.68 billion in Fiscal Year 2009.

In light of these developments, health care providers should tighten billing and other compliance practices and monitoring of enforcement and other oversight activities by CMS and the Justice Department. Get more details here.

For Assistance

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients to respond to these and other health care industry enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management matters.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising physicians, hospitals and other health industry clients about regulatory compliance and enforcement, quality assurance, peer review, licensing and discipline, and other medical staff performance matters. She continuously advises health industry clients about the use of technology, process and other mechanisms to promote compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational needs. As part of this experience, she has worked extensively with health care providers, payers, health care technology and consulting and other health industry clients, as well as other businesses, on privacy, data security, trade secret and related matters. A popular lecturer and widely published author on health industry concerns, Ms. Stamer also publishes and speaks extensively on health care compliance, staffing and human resources, compensation and benefits, technology, medical staff, public policy, reimbursement, privacy, technology, and other health and managed care industry regulatory, and other operations and risk management concerns for medical societies and staffs, hospitals, the HCCA, American Bar Association, American Health Lawyers Association and many other health industry groups and symposia. Her highly popular and information packed programs include many highly regarded publications on HIPAA, FACTA, medical confidentiality, state identity theft and privacy and other many other related matters. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. To review some of her many publications and presentations, or for additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. You can review other recent health care and internal controls resources and additional information about the health industry and other experience of Ms. Stamer here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here. To unsubscribe, e-mail here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources. If you or someone else you know would like to receive future updates and notices about other upcoming Solutions Law Press events, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. For important information concerning this communication click here. For important information concerning this communication click here.

Leave a Comment » | Anti-KickBack, DME, false claims act, Health Care, Health Care Fraud, Health Care Provider, Health Care Quality, Hospital, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, Physician | Tagged: CHIP, CMS, enforcement, false claims act, Health Care Fraud, HEAT, Justice Department, Medicaid, Medicare, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

OIG Shares Key Insights On When Owners, Officers & Managers Face OIG Program Exclusion Based On Health Care Entity Misconduct

October 21, 2010

The Department of Health & Human Services Office of Inspector General (OIG) this morning (October 21, 2010) posted to its website key guidance about when OIG will exercise its authority under the permissive exclusion rules of Social Security Act (Act) § 1128(b)(15)(A)(ii) to exclude from Federal health program participation owners, officers or managing employees of health care organizations based on their role, involvement or ownership interest in a health industry company convicted of certain offenses or excluded from Federal health program participation.

The Guidance For Implementing Permissive Exclusion of Authority under Section 1128(b)(15) of the Social Security Act (Guidance) provides valuable insights for health care organizations, their owners, officers and managers about how OIG expects them to act and the evidence that OIG likely will require should OIG bring an OIG exclusion action against them personally following the conviction or OIG exclusion of their health care organization for misconduct. To position themselves to survive OIG or related exclusion or prosecution, health care organizations and their owners, officers and management use the Guidance as a guide to help strengthen the defensibility of their daily actions against potential OIG scrutiny and consider the advisability of updating their personal and organizational practices, policies and leadership training in response to this Guidance.

The Guidance discusses the guiding principles and core factors and presumptions that OIG generally will apply to decide if the OIG will should exclude an individual from Federal health program participation based on the involvement of the individual as an owner, officer or manager of company that has been excluded from Federal program participation or convicted of certain health care crimes.. Because these OIG has identified these factors as core considerations in its exclusion analysis, the Guidance provides invaluable guidance for health care entities, their owners, officers and management employees about opportunities position their conduct for defensibility against OIG enforcement exposures. Consequently, owners, officers and managers alike concerned about their exposure to Federal program exclusion or other personal liability under Federal health care fraud laws should use the Guidance to help strengthen their ability to avoid personal exclusion or other prosecution by the OIG as a result of their involvement with a health care organization excluded from Federal program participation or convicted of other crimes. For a more detailed discussion of the Guidance, see here

For More Information or Assistance

If you need assistance evaluating or responding to this development of other health care compliance, risk management, transactional, operational, reimbursement, enforcement or public policy concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (469) 767-8872, cstamer@Solutionslawyer.net.

Other Resources

We hope that this information is useful to you. If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

About Solutions Law Press

You can review other recent health care and internal controls resources and additional information about the health industry and other experience of Ms. Stamer here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here.

Leave a Comment » | ASC, Centers For Disease Control, Childrens Health Insurance Program, Conditions of Participation, Corporate Compliance, Disability Discrimination, DME, Doctor, E-Prescribing, false claims act, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Hospital, Hospital, Indian Health, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Fee Schedule, Mental Heatlh, Money Laundering, OIG, Outpatient, Physician, Prescription Drugs, Reimbursement, Rural Health Care, Stark | Permalink
Posted by Cynthia Marcotte Stamer

HHS Invites Input on Proposed Strategic Framework on Multiple Chronic Conditions

May 19, 2010

June 18, 2010 is the deadline for interested persons to submit comments to the Office of Public Health and Science of the Department of Health & Human Services (HHS) on the draft “HHS Strategic Framework on Multiple Chronic Conditions” in response to the request for information published here in the May 19, 2010 Federal Register. Interested parties can review the draft strategic framework here.

Approximately 75 million Americans have multiple (2 or more) concurrent chronic conditions, including problems such as hypertension, heart disease, arthritis, diabetes, mental health conditions, and chronic respiratory infections. As these combined morbidities drive significant health costs, HHS through the Office of Public Health and Science (OPHS) and its HHS Interagency Workgroup on Multiple Chronic Conditions has drafted a “Strategic Framework on Multiple Chronic Conditions” to address approaches to improving the health of individuals with concurrent multiple chronic conditions by providing options for HHS to strengthen coordination of its efforts internally and collaboration with stakeholders externally. The strategic framework seeks to improve the foundation for realizing optimum health and quality of life for individuals with multiple chronic conditions. In the request for information published May 19, 2010, HHS is seeking comments from stakeholders and the public on the draft strategic framework.

If you need assistance to submit comments in response to the request for information or with any other health industry regulatory or operational matter, please contact Cynthia Marcotte Stamer at (469) 767-8872 or e-mail her here.

Other Recent Developments

If you found this information of interest, you also may be interested in information about upcoming programs to be presented by Ms. Stamer, acquiring a copy of a recording or materials from previous programs she has presented, or arranging training for your organization. For more information about these opportunities, contact Ms. Stamer directly.

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. If you need assistance evaluating or responding to the Health Care Reform Law or health care compliance, risk management, transactional, operational, reimbursement, or public policy concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (469) 767-8872, cstamer@Solutionslawyer.net.

Leave a Comment » | Health Care, Health Care Quality, Medicaid, Medicare, Mental Heatlh, Physician, Reimbursement, Uncategorized, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website

February 25, 2010

By Cynthia Marcotte Stamer

The Department of Health and Human Services Office of Civil Rights (OCR) has begun posting on its website the names and certain information about health care providers, health insurers, employer and other health plans, health care clearinghouses and their business associates (Covered Entities) reporting to OCR “breaches” of “unsecured protected health information” (UPHI) under new breach notice rules added by the Health Information Technology for Economic and Clinical Health Act (HITECH Act).

Covered Entities should anticipate the posting of the breach information and other HITECH Act breach notices coupled with amendments to the medical privacy and security requirements of the Health Insurance Portability & Accountability Act (HIPAA) effective since February 17, 2010, will heighten enforcement risks and public sensitivities about medical information privacy safeguards. As failing to comply with the amended rules effective February 17, 2010 can trigger obligations under the Breach Regulations and other significant liability exposures, Covered Entities should act quickly to manage these emerging risks.

Covered Entity Breach Notification Requirements

The initial list of Covered Entities reporting breaches of UPHI affecting 500 or more individuals posted by OCR on February 22, 2010 discloses the Covered Entity’s name and State, the approximate number of individuals affected, the date and type of breach and the location of the breached information. OCR’s posting of this information is required under the HITECH Act breach notification requirements as part of its implementation and enforcement of new breach notification requirements added to HIPAA by Section 13402(e)(3) of the HITECH Act.

The HITECH Act amended HIPAA to require Covered Entities to require Covered Entities provide notification to individuals, OCR and others when certain breaches of UPHI happen. The implementing interim “Breach Notification For Unsecured Protected Health Information” regulations (Breach Regulation) published by OCR here require Covered Entities subject to HIPAA to notify affected individuals, OCR and in some cases the media within specified periods following a “breach” of UPHI occurring on or after September 23, 2009 unless the Covered Entity can demonstrate that the breach qualified as exempt from the breach notification obligation under the Breach Regulations.

Covered Entities generally should consider the need to provide breach notification under the Breach Regulation whenever electronic or non-electronic protected health information which is not adequately encrypted or destroyed to qualify as “secured” under the breach rules is used, accessed or disclosed in violation of HIPAA.

Since the potential need to provide breach notification is triggered by an impermissible use, access or disclosure of UPHI, up-to-date maintenance, monitoring and enforcement is at the heart of compliance with the Breach Regulation as well as HIPAA generally.

You can review the currently posted list of Covered Entities that have reported breaches on the OCR website here. Learn more about the Breach Regulation requirements here.

Broader & Stricter Medical Privacy Mandates Effective 2/17/210

The new breach notification requirements are part of a series of changes made to HIPAA under the HITECH Act that are increasing the responsibilities and liability exposures of Covered Entities. On February 17, 2010, Covered Entities and their business associates also became subject to tighter federal requirements for the use, access, protection and disclosure of protected health information under amendments to HIPAA’s Privacy & Security Standards enacted in the HITECH Act. When the HITECH Act was signed into law on February 17, 2009, Covered Entities also became subject to expanded sanctions and remedies for HIPAA violations.

To comply with the HITECH Act changes to HIPAA effective on February 17, 2010, most Covered Entities and their business associates generally will need to update their written policies, operational procedures, technical safeguards, privacy notices, vendor and other agreements, training, and other management procedures in several respects. For more details, see here.

While the HITECH Act gave Covered Entities and business associates a year to complete the necessary arrangements to comply with these HITECH Act changes, many Covered Entities and business associates have not adequately implemented the necessary arrangements. To mitigate these exposures, Covered Entities and their business associates should act quickly to review and update their policies, procedures, training, business associate and other services agreements, and other practices and procedures, as well as to implement the training, oversight, and other management necessary to comply with the HITECH Act changes and to mitigate other HIPAA risks.

Exposures Significant & Growing

HIPAA-associated exposures for Covered Entities are significant and growing. Timely action to comply with the amended HIPAA requirements and Breach Regulations is important to avoid triggering the breach notification requirements; to prevent loss of public trust and reputation; and to minimize exposures to legal actions, administrative complaints and sanctions and the investigation, defense and correction costs likely to result when a Covered Entity violates or is accused of violating HIPAA or otherwise mishandling medical or other personal information.

Even before the HITECH Act changes became effective, federal regulators were stepping up HIPAA enforcement. The HITECH Act amendments further increase the risk that Covered Entities violating HIPAA face investigation and sanction. The HITECH Act amendments increase the likelihood that Covered Entities violating HIPAA will get caught and will face some form of damage or penalty assessment. Heightened awareness of UPHI breaches resulting from HITECH Act mandated breach notifications are likely to fuel new HIPAA-related complaints, charges and demands. Covered Entities, workforce members who wrongfully access protected health information now face potential civil penalties, criminal prosecution, civil lawsuits and other actions. Allowing state attorneys general to bring suit adds more manpower to the enforcement team. Furthermore, the wrongful use, access or disclosure of protected health information or other confidential information also increasingly is the basis of civil or criminal actions brought under a variety of other federal and state laws.

New Risks Created By HITECH Act Amendments

Heightened HIPAA exposures stem in part from the HITECH Act’s amendments to HIPAA’s remedy provisions. Among other things, the HITECH Act amended HIPAA to:

Allow a State Attorney General to sue Covered Entities that commit HIPAA violations after February 16, 2009 for damages caused to state citizens;
Expand the mandate by OCR to investigate violations and audit compliance with HIPAA;
Require OCR to impose civil sanctions against Covered Entities and business associates involved in violations of HIPAA in accordance with tightened standards added to HIPAA by the HITECH Act;
Revise the criminal sanctions that the Department of Justice can seek against Covered Entities and others for violations of HIPAA; and
Amend HIPAA to make clear that workforce members and others improperly using, accessing or disclosing protected health information in violation of HIPAA can face criminal prosecution.

State Attorney General Lawsuit Exposures

Covered Entities must be concerned about the potential that a state Attorney General may bring civil suit to remedy damages caused to state citizens by a breach of HIPAA. In certain situations, the HITECH Act empowers a state attorney general to sue Covered Entities for damages if their HIPAA violations harm state citizens. Statutory damages equal to the sum of the number of violations multiplied by 100 up to a maximum of $25,000 per calendar year plus attorneys fees and costs are authorized.

A HIPAA civil lawsuit demonstrates the willingness of at least some states to exercise the new authority to sue Covered Entities. On January 13, 2010 Connecticut Attorney General Richard Blumenthal sued Health Net of Connecticut, Inc. (Health Net) for failing to secure private patient medical records and financial information involving 446,000 Connecticut enrollees and promptly notify consumers endangered by the security breach. The first attorney general enforcement action brought based on amendments made to HIPAA under the HITECH Act, Connecticut charges that Health Net violated HIPAA by failing to safeguard protected medical records and financial information on almost a half million Health Net enrollees in Connecticut then allowing this information to remain exposed for at least six months before notifying authorities and consumers. The suit also names UnitedHealth Group Inc. and Oxford Health Plans LLC, who have acquired Health Net.

Stepped Up Federal Enforcement

Even before the HITECH Act amendments, OCR and Department of Justice increased HIPAA investigation and enforcement. The Department of Justice has obtained a variety of criminal convictions against violators of HIPAA. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health Information. Meanwhile, OCR also is emphasizing HIPAA enforcement. In February, 2009, OCR announced that CVS Pharmacies, Inc. would pay $2.25 million to resolve HIPAA charges. This announcement followed OCR’s announcement in July, 2008 that Providence Health Care would pay $100,000 to resolve HIPAA violation charges. OCR also has taken HIPAA enforcement actions against a broad range of other Covered Entities. See more details here. While not resulting in the significant payments involved in CVS or Providence, all Covered Entities involved in these and other enforcement actions or investigations have incurred significant legal and other defense costs, loss of community trust, or both.

In addition to these HIPAA-specific exposures, wrongful use, access or disclosure of medical information also can expose Covered Entities, members of their workforce and others improperly using, accessing or disclosing protected health information to liability under other federal or state laws. Federal and state prosecutors may and increasingly do bring criminal or civil actions against organizations or individuals for improperly accessing or using medical or other personal information under a variety of other federal or state laws . See e.g., Cybercrime & Identity Theft: Health Information Security Beyond HIPAA; NY AG Cuomo Announcement of 1st Settlement For Violation of NY Security Breach Notification Law; Woman Who Revealed AIDs Info Gets A Year.

State Civil Lawsuits

Covered Entities also need to prepare to defend HIPAA-related conduct in state civil actions. Individual plaintiffs increasingly used alleged HIPAA violations in state privacy, negligence, retaliation, wrongful discharge or other lawsuits. State courts have allowed private plaintiffs to use the obligations imposed by HIPAA as the basis of a Covered Entity’s duty for purposes of certain state law lawsuits. In Sorensen v. Barbuto, 143 P.3d 295 (Utah Ct. App. 2006), for example, a Utah appeals court ruled a private plaintiff could use HIPAA standards to establish that a physician owed a duty of confidentiality to his patients for purposes of maintaining a state law damages claim. Similarly, the Court in Acosta v. Byrum, 638 S.E. 2d 246 (N.C. Ct. App. 2006) ruled that a plaintiff could use HIPAA to establish the “standard of care” in a negligence lawsuit. Meanwhile, disgruntled employees or other business partners performing services for Covered Entities also increasingly are pointing to HIPAA as the basis for their retaliation or wrongful discharge claims. See, e.g., Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim. Read more here.

Coupled with the HITECH Act changes, these and other enforcement actions signal growing potential hazards for Covered Entities that fail to properly manage their HIPAA compliance obligations and risks. To help guard against these exposures, Covered Entities should act quickly to strengthen their HIPAA defenses by updating policies, contracts, practices, security, training, oversight, documentation and management.

Covered Entities & Business Associates Urged To Act Promptly To Manage Mitigating Expanded HIPAA Risks & Obligations

Faced with these expanding obligations and exposures, Covered Entities should prepare for the need to defend the adequacy of their HIPAA compliance efforts on paper and in operation. As part of these efforts, Covered Entities should consider:

Reviewing the adequacy of the practices, policies and procedures of the Covered Entities, business associates, and others that may come into contact with protected health information within the scope of attorney-client privilege taking into consideration the Corrective Action Plan, published OCR noncompliance and enforcement statistics, their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable;
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility;
Renegotiating and enhancing service provider agreements to detail the specific compliance obligations of each party; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; to clarify rights of indemnification; and other related relevant matters;
Improving technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information;
Conducting well-documented training as necessary to ensure that members of the Covered Entity’s workforce understand and are prepared to comply with the expanded requirements of HIPAA, can detect potential breaches or other compliance concerns, and understand and are prepared to follow appropriate procedures for reporting and responding to suspected violations;
Tracking actual and near miss violations and making adjustments to policies, practices, training, safeguards and other compliance components as necessary to deter future concern
Establishing and providing well-documented monitoring of compliance;
Establishing and providing well-documented timely investigation and redress of reported violations or other compliance concerns;
Establishing contingency plans for responding in the event of a breach;
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements;
Preparing and maintaining a well-documented record of compliance activities; and
Pursuing other appropriate strategies to enhance the Covered Entity’s ability to demonstrate its compliance commitment both on paper and in operation.

For Assistance With Compliance Or Other Concerns

The author of this article, Ms. Stamer has extensive experience advising and assisting health care practitioners and other businesses and business leaders to establish, administer, investigate and defend health care fraud and other compliance and internal control policies and practices to reduce risk under federal and state health care and other laws. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact the author of this article, Cynthia Marcotte Stamer, CTT Health Care Practice Group Chair, at cstamer@cttlegal.com, 214.270.2402 or another Curran Tomko Tarski LLP attorney of your choice. You can get more information about the CTT Health Care Practice and more specifics about Ms. Stamer’s health industry experience here.

Ms. Stamer is nationally known for her work, training and presentations, and publications on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 22 years experience advising clients, conducting workshops and other training, and providing policy advice about health care, privacy, data security, and other matters. She advises health care providers, health insurers and administrators, employer and other health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, ERISA, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters. A widely published author on privacy, data security, health care and other related matters, Ms. Stamer is the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

Leave a Comment » | ARRA, Electronic Health Records, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Medicare, Medicare Advantage, Mental Heatlh, Pharmacy, Prescription Drugs, Privacy, Wellness | Tagged: ARRA, Corporate Compliance, Data Security, Doctor, Federal Sentencing Guidelines, Health Care, Health Care Policy, Health Care Provider, Health Insurance, Health Plans, HIPAA, Hospital, Identity Theft, Physicians, Privacy, retaliation, Retalitory Discharge | Permalink
Posted by Cynthia Marcotte Stamer

HHS Delays 2010 HHS Federal Poverty Rate Update To March 1, 2010

January 22, 2010

Rates Often Impact Federal Low Income & Other Charity Programs

By Cynthia Marcotte Stamer

Health care, educational and other charity care and other organizations participating in federal programs that determine eligibility based on the Federal Poverty Rate may continue to rely on 2009 Federal Poverty Rates until at least March 1, 2010. However these federal program participants and other organizations and programs that otherwise rely on Federal Poverty Rates for purposes of making eligibility, sliding scale fees or other determinations will want to watch for the updated guidelines and make appropriate updates as necessary when the new guidelines are released over the next few months.

The U.S. Department of Health & Human Services (HHS) usually issues annual updates to the Federal Poverty Rates in January. However, HHS announced January 22, 2010 that its annual update of Federal Poverty Rates for 2010 will be delayed until at least March 1, 2010. As a result of this announcement, 2009 Federal Poverty Rates will remain in effect for the time being until at least March 1, 2010.

Health care organizations and a wide range of other organizations and programs use the Federal Poverty Guidelines to decide program eligibility or fees. Many federal programs use the federal poverty guidelines as one criterion for federal program eligibility. For example, the Medicaid and State Children’s Health Insurance (SCHIP) programs determine eligibility largely on the basis of whether the applicant’s income is below the federal poverty guidelines. Other programs determine financial eligibility based on a percentage or multiplier of the federal poverty guidelines (for example, 125 percent of federal poverty guidelines). In addition, the federal poverty guidelines are used in the immigration context, such as Form I-864 Affidavit of Support.

Under the 2009 Federal Poverty Guidelines continued in force by the HHS announcement, the applicable income amounts under the 2009 Federal Poverty Guideline in the 48 contiguous states and Washington, D.C. are as follows:

2009 Poverty Guidelines for the 48 Contiguous States and the District of Colombia*
Number of Family Members	Poverty Guideline Income
1	$10,830
2	$14,570
3	$18,310
4	$22,050
5	$25,790
6	$29,530
7	$33,270
8	$37,010
8+	Add $3,740 for each additional person.
* Alaska and Hawaii have slightly higher poverty guidelines.

In addition to determining eligibility for purposes of many federal programs, many health care and social services organizations, especially non-profit organizations, utilize a sliding fee scale or fee waiver based on the federal poverty guidelines. In addition, many health care organizations base their charitable care policies on the federal poverty guidelines. For programs where the use of federal poverty guidelines is optional, organizations may want to evaluate whether business or operational needs or other considerations merit any adjustment or use of alternative standards at this time.

While use of the federal poverty guidelines is not mandated by law except by federally funded programs, the Joint Commission as part of its accreditation and survey process may ask whether the organization has utilized the most recent update to the federal poverty guidelines in its sliding scale or fee waiver policies. Therefore, hospitals and other organizations subject to Joint Commission or other accreditation relying on the Federal Poverty Guidelines should review their charity care or fee waiver policies and monitor for planned updates.

Solutions Law Press author and Curran Tomko and Tarski LLP Health Care Practice Chair Cynthia Marcotte Stamer has extensive experience advising and assisting health care practitioners and other businesses and business leaders to establish, administer, investigate and defend health care fraud and other compliance and internal control policies and practices to reduce risk under federal and state health care and other laws. You can get more information about the CTT Health Care Practice and Ms. Stamer’s health industry experience here.

If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Cynthia Marcotte Stamer, CTT Health Care Practice Group Chair, at cstamer@cttlegal.com, 214.270.2402or another Curran Tomko Tarski LLP attorney of your choice.

Other Helpful Resources & Other Information

We hope that this information is useful to you. If you found these updates of interest, you also be interested in other updates on HEAT activities such as the following:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please register to receive this Solutions Law Press Health Care Update here and be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject here.

Leave a Comment » | Centers For Disease Control, Childrens Health Insurance Program, Corporate Compliance, Doctor, Grants, Health Care, Health Care Finance, Health Care Provider, Health Plan, Hospital, Indian Health, Medicaid, Medicare Advantage, Mental Heatlh, Nonprofits, Reimbursement, Rural Health Care, Tax, Tax-Exemption | Tagged: 501(c)(3), Charity, Health Care, HHS, Joint Commission, Medicaid, Poverty Guidelines, SCHIP | Permalink
Posted by Cynthia Marcotte Stamer

Senate Finance Committee Releases Statutory Language of America’s Healthy Future Act To Present To Full Senate

October 22, 2009

Americans finally have a chance to read the actual statutory language of the painfully negotiated package of proposed health care reforms that the Senate Finance Committee proposes for adoption. The Senate Finance Committee leadership finally finished drafting has posted the 1506 page long text of the proposed statutory language of the health care reform provisions of the “America’s Healthy Future Act” on its website here.

When the Senate Finance Committee vote passing the America’s Health Future Act, members of the Senate Finance Committee had not yet had the opportunity to review the actual statutory language to be proposed to implement the package of heatlh care reforms painfully hashed out in their committee. As the actual statutory language had not been completed at the time a majority of the Democrats and one Republican Senator serving on the Senate Finance Committee voted to send the legislation to the the full Senate, the vote actually was taken based on a narative description of the intended reforms set forth in a revised draft of the “Chairman’s Mark” of the legislation. Since that time Senate Finance Committee Chairman Max Baucus and other key Democrat Senators on the Senate Finance Committee have worked behind closed doors to prepare the actual statutory language to be presented to the full Senate.

As proposed, the America’s Healthy Future Act would require sweeping changes to the U.S. health care systems that if adopted will radically impact the roles and responsibilities of every patient, health care provider, health care payor, employer and other American. Because of the potential implications on the way health care is financed, delivered and administered and the projections that the legislation will cost approximately $1 Trillion, all parties are urged to carefully review the complex and lengthy legislation to gain an understanding of the legislation and to act quickly to make any concerns known to elected leaders in Congress.

For More Information

We hope that this information is useful to you. If you need assistance with these or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters. You can review other recent health care and related resources and additional information about the health industry and other experience of Ms. Stamer here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here and/or by participating in the SLP Health Care Risk Management & Operations Group on LinkedIn. To unsubscribe, e-mail here.

Leave a Comment » | America's Healthy Futures Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Consumer Driven Health Care, Doctor, Electronic Medical Records, Employer, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Insurance Exchange, Health IT, Health Plan, Health Plans, Hospital, Indian Health, Inpatient Rehabilitation Facility, Medicaid, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Mental Heatlh, OIG, Physician, Prescription Drugs, Reimbursement, Rural Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Providers & Other HIPAA-Covered Entities & Their Business Associates Must Comply With New HHS Health Information Data Breach Rules By September 24

August 24, 2009

Register Now To Participate in September 9 “HITECH Act Health Data Security & Breach Update”

Health care providers, health clearinghouses, health plans and their business associates generally must start complying with new federal data breach notification rules on September 24, 2009.

The new “Breach Notification For Unsecured Protected Health Information” regulation (Breach Regulation) published here in today’s Federal Register requires health care providers, health plans, health care clearinghouses and their business associates (Covered Entities) covered under the personal health information privacy and security rules of the Health Insurance Portability & Accountability Act (HIPAA) to notify affected individuals following a “breach” of “unsecured” protected health information. The Breach Regulation is part of a series of guidance that HHS is issuing to implement new and stricter personal health information privacy and data security requirements for Covered Entities added to HIPAA under the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law on February 17, 2009 as part of American Recovery and Reinvestment Act of 2009 (ARRA).

You are invited to catch up on what these new rules mean for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Wednesday, September 9, 2009 from Noon to 1:30 P.M. Central Time.

HITECH Act Data Breach and Unsecured PHI Rules

Scheduled for publication in the Federal Register on August 24, 2009, the new Breach Regulation implements the HITECH Act requirement that Covered Entities and their business associates notify affected individuals, the Secretary of HHS, and in some cases, the media, when a breach of “unsecured protected health information” happens and the form, manner, and timing of that notification. Covered Entities must begin complying with the new Breach Regulation on September 24, 2009.

Part of a series of new HHS rules implementing recent changes to HIPAA enacted under the HITECH Act to strengthen existing federally mandates requiring Covered Entities to safeguard protected health information, the Breach Regulation will obligate Covered Entities and business associates to provide certain notifications following a breach of “protected health information” that not secured at the time of the breach through the use of a technology or methodology meeting minimum standards issued by HHS pursuant to other provisions of the HITECH Act.

Under the HITECH Act, the breach notification obligations contained in the Breach Notification only apply to a breach of “unsecured protected health information.” The Breach Regulation exempts breaches of protected health information that qualify as “secured” under separately issued HHS and Federal Trade Commission (FTC) standards for encryption and destruction of protected health information from its breach notification requirements.

For purposes of the HITECH Act, electronic protected health information is considered “unsecured” unless the Covered Entity has satisfied certain minimum standards for the protection of that data established pursuant to the HITECH Act. Earlier this year, HHS and the FTC issued interim rules defining the minimum encryption and destruction technologies and methodologies that Covered Entities must use to render protected health information unusable, unreadable, or indecipherable to unauthorized individuals for purposes of determining when protected health information is “unsecured” for purposes of the HITECH Act. Concurrent with its publication of the Breach Regulation, HHS also released guidance updating and clarifying this previously issued guidance.

Read the Breach Regulation here. To review the HITECH Act Breach Notification Guidance and Request for Information, see here.

September 9 “HITECH Act Health Data Security & Breach Update” Briefing

Interested persons are invited to register here now to learn what these new rules mean for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Wednesday, September 9, 2009 from Noon to 1:30 P.M. Central Time. For a registration fee of $45.00, registrants will have the option to participate via teleconference or in person at the offices of Curran Tomko Tarski LLP, 2001 Bryan Street, Suite 2050, Dallas Texas 75201. For information about registering for this program or other questions here.

Conducted by Curran Tomko and Tarski LLP Partner Cynthia Marcotte Stamer, the briefing will cover:

Who must comply
What your organization must do
How to qualify protected health information as exempt from the breach regulations as “secure” protected health information
What is considered a breach of unsecured protected health information
What steps must a covered entity take if a breach of unsecured protected information happens
What liabilities do covered entities face for non-compliance
What new contractual requirements, policies and procedures Covered Entities and Business Associates will need
How the Breach Regulation, the Privacy Regulation, impending FTC red flag rules and state data breach and privacy rules interrelate
Other recent developments
Practical tips for assessing, planning, moving to and defending compliance
Participant questions
More

About The Presenter

The program will be presented by Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer. Ms. Stamer is nationally known for her work, publications and presentations on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts.

Vice President of the North Texas Health Care Compliance Professionals Association and Past Chair of the ABA Health Law Section Managed Care & Insurance Section, and Former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 20 years experience advising clients about health and other privacy and security matters. A popular lecturer and widely published author on privacy and data security and other related health care and health plan matters, Ms. Stamer is the Editor in Chief of the forthcoming 2010 edition of the Information Security Guide to be published by the American Bar Association Information Security Committee in 2010, as well as the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. She has continuously advises employers, health care providers, health insurers and administrators, health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters. Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

We hope that this information is useful to you. If you need assistance monitoring, evaluating or responding to these or other compliance, risk management, transaction or operation concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or another Curran Tomko Tarski LLP Partner of your choice.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

Leave a Comment » | ARRA, Disease Management, Doctor, Electronic Health Records, Electronic Medical Records, Employer, FACTA, FDA, Health Care, Health IT, Health Plan, Health Plans, HIPAA, Hospital, Indian Health, Inpatient Rehabilitation Facility, Medicaid, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Mental Heatlh, OCR, Outcomes Data, Peer Review, Physician, Prescription Drugs, Privacy, Reimbursement, Tax | Tagged: ARRA, Corporate Compliance, Data Security, Doctor, Health Care, Health Care Provider, Health Care Reimbursement, HHS, HIPAA, Hospital, Identity Theft, Long Term Care Hospital, Medicare, Medicare Part B, Physician, Physicians, Privacy, public health, Public Policy, Red Flag Rules, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Health Industry Employers High Priority OSHA Enforcement Target

Battle Creek VA OSHA Safety Violations

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Partnership Expands Use & Reach of New Affordable Care Act & Other Health Care Fraud Detection & Enforcement Tools & Collaboration

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

Share this:

Share this:

Share this:

Share this:

Covered Entity Breach Notification Requirements

Broader & Stricter Medical Privacy Mandates Effective 2/17/210

Exposures Significant & Growing

New Risks Created By HITECH Act Amendments

State Attorney General Lawsuit Exposures

Stepped Up Federal Enforcement

State Civil Lawsuits

Covered Entities & Business Associates Urged To Act Promptly To Manage Mitigating Expanded HIPAA Risks & Obligations

For Assistance With Compliance Or Other Concerns

Other Helpful Resources & Other Information

Share this:

Share this:

Share this:

Share this:

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update