Health Plans |

OSHA Safety Violations At Veterans’ Medical Center Reminder To Manage OSHA Compliance

March 1, 2013

The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has issued seven notices of unsafe or unhealthful working conditions found at the Battle Creek Veterans Administration Medical Center, following a safety inspection conducted in July as part of OSHA’s Federal Agency Targeting Inspection Program. OSHA’s announcement of the citations highlights the need for all health care and other employers to manage safety compliance. The citations highlight the high enforcement and penalty risks that public and private health care providers risk by failing to comply with OSHA’s safety, recordkeeping and reporting requirements.

Health Industry Employers High Priority OSHA Enforcement Target

Under these OSHA requirements, all employers, including federal and private health industry employers, are responsible for knowing what hazards exist in their facilities and taking appropriate precautions by following OSHA standards so workers are not exposed to such hazards. Physician practices, hospitals and other health care providers in both the public and private sectors generally are subject to these federal requirements, as well as various state and federal environmental and patient safety requirements. Enforcement of compliance in the health care industry is a high priority for OSHA because of the high rates of occupational accident and injury among health industry workers. Federal agencies generally must comply with the same safety standards as private-sector employers.

OSHA prioritizes monitoring and enforcing occupational safety standards throughout the health care industry because of the high incidence of occupational accidents and illnesses among health care workers. According to OSHA, more workers are injured in the healthcare and social assistance industry sector than any other. This industry has one of the highest rates of work related injuries and illnesses and it continues to rise. In 2020, the healthcare and social assistance industry reported a 40% increase in injury and illness cases which continues to be higher than any other private industry sector – 806,200 cases (2020 Survey of Occupational Injuries and Illnesses, BLS). Over half of these cases (447,890) resulted in at least one day away from work. The total incidence rate for this sector was 5.5 cases per 100 FTE workers in 2020, compared to 3.8 per 100 FTE workers in 2019. Nursing assistants were amongst the occupations with the highest rates of musculoskeletal disorders of all occupations in 2020, with 15,360 cases. Musculoskeletal disorders made up 52% of all days away from work cases for nursing assistants. See here. In addition to the medical staff, large healthcare facilities employ a wide variety of trades that have health and safety hazards associated with them. These include mechanical maintenance, medical equipment maintenance, housekeeping, food service, building and grounds maintenance, laundry, and administrative staff. Because of these risks, OSHA has extensive occupational health and safety requirements for physician practices, hospitals, nursing homes, home health and other health industry employers and targeted audit and enforcement programs to enforce and promote compliance with these requirements. See here.

Violations are common and frequently result in citations, particularly in certain key areas. The most frequently cited areas affecting health industry employers include violations of the following standards:

Section 1910.132, General requirements.
Section1910.133, Eye and face protection.
Section 1910.134, Respiratory protection.
Section 1910 Subpart Z – Toxic and Hazardous Substances
Section 1910.1030, Bloodborne pathogens.
Section 1910.1047, Ethylene oxide.
Section 1910.1048, Formaldehyde.
Section 1910.1096, Ionizing radiation.
Section 1910.1200, Hazard Communication.
Section 1910.1450, Occupational exposure to hazardous chemicals in laboratories.

Battle Creek VA OSHA Safety Violations

In the case of the Battle Creek Veterans Administration Medical Center, OSHA says an inspection uncovered several repeat safety violations, as well as certain other serious safety violations. OSHA reports that three repeat safety violations involved failing to evaluate the workplace to identify if permit-required confined spaces were present and label such spaces with danger signs; failing to adequately guard automated laundry equipment to prevent employees from entering the work area, and failing to fully guard the belt and pulley of an air compressor. To issue notices for repeat violations, OSHA must have issued at least one other notice for the same violation at one of the agency’s establishments within the same standard industrial classification code, commonly known as the SIC code. OSHA previously has cited U.S. Department of Veterans Affairs facilities in Danville and North Chicago, Illinois, and Minneapolis, Minnesota for the same safety and health violations.

The serious safety violations found included three serious safety violations for unguarded floor openings in the general repair shop; failing to inspect powered industrial trucks prior to placing them in service, and failing to remove trucks from service in need of repair. Additionally, OSHA found a circuit breaker panel was not mounted correctly. OSHA issues a serious notice when it finds a substantial probability that death or serious physical harm could result from a hazard about which the employer knew or should have known.

Beyond the repeat and serious violations, OSHA reports it also found one other-than-serious violation for failing to close unused openings on electrical cabinets and junction boxes. An other-than-serious violation is one that has a direct relationship to job safety and health, but probably would not cause death or serious physical harm.

While the medical center and other federal agencies are required to comply with the same OSHA rules as private sector employers, the VA and other federal agencies don’t face the same liabilities when cited. OSHA cannot propose monetary penalties against another federal agency for failure to comply with OSHA standards.

Since private sector employers that don’t enjoy the VA’s immunity liability run much greater risks for failing to maintain workplace safety, including significant civil and in the case of a workplace death, potentially even criminal penalties, private sector hospitals and other organizations should exercise special care to ensure appropriate safety in their workplaces.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has nearly 35 years of experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. ©2013 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press. All other rights reserved.

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Employer, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care, Health Care Fraud, hospita, Hospital, Medicaid Fraud, Medicare Fraud Task Force, OSHA, Safety | Permalink
Posted by Cynthia Marcotte Stamer

Federal Health Care Fraud & Abuse Recovery of $4.2 Billion In FY 2012 Shows Enforcement Risks Growing

March 1, 2013

A new report from the Department of Health & Human Services (HHS) and the U.S. Department of Justice (DOJ) joint Health Care Fraud and Abuse Control Program (HCFC) documents the growing exposures of health care providers to federal health care fraud enforcement actions.

The charges are provide yet another powerful reminder to health care providers, leaders and organizations of the advisability of tightening compliance practices and taking other steps to guard against ever-expanding health care fraud exposures. Already a lead federal enforcement priority for more than a decade, the Health Care Fraud and Abuse Control Program Annual Report for Fiscal Year 2012 (FY2012 Report) documents that DOJ and HHS health care fraud enforcement activities scored big in 2012, and that qui tam whistleblowers played a big part and shared big in the profits.

Among other things, the FY2012 Report credits HCFC with producing $4.2 Billion in health care fraud judgments and settlements in Fiscal Year 2012 of which more than $284 million of the recovered monies were paid to relators under the qui tam provisions of the False Claims Act (FCA).

The FY2012 Report says the Medicare Trust Fund received more than $2.4 billion, including civil recoveries of $935 million, $1.4 billion in criminal fines, and $89.7 million in HHS Medicare program audit disallowances.

On the enforcement front, the FY2012 Report says DOJ opened 1,131 new criminal health care fraud investigations involving 2,148 potential defendants. Federal prosecutors had 2,032 health care fraud criminal investigations pending, involving 3,410 potential defendants, and filed criminal charges in 452 cases involving 892 defendants. A total of 826 defendants were convicted of health care fraud-related crimes during the year. Also in FY 2012, DOJ opened 885 new civil health care fraud investigations and had 1,023 civil health care fraud matters pending at the end of the fiscal year. In FY 2012, Federal Bureau of Investigation (FBI) health care fraud investigations resulted in the operational disruption of 329 criminal fraud organizations, and the dismantlement of the criminal hierarchy of more than 83 criminal enterprises engaged in health care fraud.

Meanwhile, HHS’ Office of Inspector General (HHS/OIG) excluded 3,131 individuals and entities in FY 2012. Among these were exclusions based on criminal convictions for crimes related to Medicare and Medicaid (912) or to other health care programs (287); for patient abuse or neglect (212); and as a result of licensure revocations (1,463). In addition, HHS/OIG imposed civil monetary penalties against, among others, providers and suppliers who knowingly submitted false claims to the Federal government. HHS/OIG also issued many audits and evaluations with recommendations that, when implemented, would correct program vulnerabilities and save program funds.

Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges. Along with a broad health care fraud enforcement and compliance programs, these efforts should include targeted efforts to prevent and manage fraud and other whistleblower claims by employees, business partners and others.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Corporate Compliance, Durable Medical Equipment, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plans, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Heatlh, Money Laundering, OIG, Outpatient, Patient Protection and Affordable Care Act, Pharmacy, Physician, Prescription Drugs, Public Policy, Reimbursement, Rural Health Care, Stark, Substance Abuse | Tagged: Health Care Fraud, HEAT, Medicaid Fraud, Medicare, Medicare Fraud, Medicare Fraud Task Force | Permalink
Posted by Cynthia Marcotte Stamer

Medical Device Excise Tax Rules Supplemented

December 9, 2012

Medical device manufacturers heads up! The Internal Revenue Service (IRS) has adopted interim rules for relating to the excise tax on medical devices imposed by § 4191 (the “medical device excise tax”) of the Internal Revenue Code (the “Code”).

Section 4191, enacted by section 1405 of the Health Care and Education Reconciliation Act of 2010 in conjunction with the Patient Protection and Affordable Care Act (the Affordable Care Act) enacted a new excise tax on the sale of certain medical devices. The excise tax imposed by Code section 4191 is 2.3% of the price for which the taxable medical device is sold. The medical device excise tax is codified in chapter 32, subtitle D of the Code (“chapter 32”), which pertains to excise taxes imposed on the sale or use of taxable articles by manufacturers, producers, and importers (commonly referred to as “manufacturers excise taxes”). See § 48.0-2(a)(4)(i) of the Manufacturers and Retailers Excise Tax Regulations (Regulations). The Code defines the term “manufacturer” to include a “producer” and an “importer”.

On December 7, 2012, the Internal Revenue Service (IRS) and the Treasury Department issued TD 9604, containing final regulations under § 4191. The final regulations did not address certain issues that the IRS and the Treasury Department continue to study. These issues included the determination of price under § 4216(b); the tax treatment of medical software licenses; the taxability of donated medical devices; and the taxability of medical convenience kits.

The IRS recently followed up by issuing Notice 2012-77. Notice 2012-77 available here contains the IRS’ rules about:

How to determine price for purposes of the medical device excised tax under Code section 4216(b);
Donated taxable medical devices;
Licensing of taxable medical devices;
The tax treatment of medical convenience kits;
Transition relief to medical device manufacturers from the failure to deposit penalties imposed by § 6656; and
Invites comments from taxpayers about its rules.

As these rules take effect January 1, 2013, device manufacturers should review the new guidance and update their procedures to provide for timely determination and payment of any required device taxes. In addition, device manufacturers also will need to kep an eye out for potential changes in the rules. The IRS and the Treasury Department have said they may issue additional published guidance on these issues in the future.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, and A Fellow in the American Bar Association, State Bar of Texas and other prominent organizations, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to set up and administer medical privacy, EHR and other technology and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her experience here.

Other Recent Updates & Resources

If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters. Recent examples on health care compliance and risk management matters include:

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, DME, medical device, medical device excise tax, Tax | Permalink
Posted by Cynthia Marcotte Stamer

Updated 2013 ACA Prescription Drug Fee Calculation & Payment Rules Released; 12/18 Deadline To File Form 8947

December 4, 2012

December 17, 2012 is the deadline for covered entities to file a Form 8947 as part if its reporting and payment of the Form 8947The Internal Revenue Service (IRS) Notice 2012-74 sets forth the instructions for calculation and reporting branded prescription drug fee for the 2013 fee year under Section 9008 of the Patient Protection and Affordable Care Act, as amended by section 1404 of the Health Care and Education Reconciliation Act of 2010 (Affordable Care Act).

The Act imposes an annual fee on covered entities engaged in the business of manufacturing or importing branded prescription drugs. The Branded Prescription Drug Fee Regulations in 26 C.F.R. Part 51 published on August 18, 2011 provide the method for calculating each covered entity’s annual fee and the fee year for purposes of these rules and how the fee must be reported and paid. See 76 Fed. Reg. 51245. These regulations also define terms for the administration of the fee.

Notice 2012-74/s instructions on the 2013 prescription drug fee discusses:

The submission of Form 8947, “Report of Branded Prescription Drug Information,”
The time and manner for notifying covered entities of their preliminary fee calculation;
the time and manner for covered entities to submit error reports for the dispute resolution; process; and
The time for the IRS to notify covered entities of their final fee calculation.

12/18/12 Deadline to File Form 8947

One of the deadlines for this process is rapidly approaching. Section 51.3T provides that annually, each covered entity may submit a completed Form 8947, “Report of Branded Prescription Drug Information,” in accordance with the instructions for the form. Generally, the form solicits information from covered entities on National Drug Codes, orphan drugs, designated entities, rebates, and other information specified by the form or its instructions. The form is to be filed by the date prescribed in guidance published in the Internal Revenue Bulletin.

Notice 2012-74 sets the deadline for a covered entity that chooses to submit Form 8947 for 2013 at December 17, 2012.

Preliminary Fee Calculation

For the 2013 fee year, the IRS will mail each covered entity a paper notice of its preliminary fee calculation by April 1, 2013. This mailing will include a National Drug Code (NDC) attachment (NDC attachment) that lists the covered entity’s NDCs and the sales data reported to the IRS by each government program pursuant to § 51.4T.

A covered entity may request that the IRS send a CD-ROM with the NDC attachment in Microsoft Excel format. The covered entity must make this request by March 15, 2013. This request must be made either by telephone to Ingrid Taylor at (908) 301-2118 or Mi Lim at (312) 292-3775 (not toll-free calls) or by email to it.bpd.fee@irs.gov. If a covered entity makes this request timely, the IRS will mail the covered entity its notice of preliminary fee calculation on paper and the NDC attachment on paper and CD-ROM by April 1, 2013.

Submitting Error Reports For The Dispute Resolution Process

For the 2013 fee year, a covered entity that chooses to submit an error report regarding its preliminary fee calculation must mail the error report by May 16, 2013. When the IRS mails each covered entity a notice of its preliminary fee calculation by April 1, 2013, the IRS will also send each covered entity a template on a CD-ROM that the covered entity must use to prepare its error report. All completed templates and the supporting documentation must be submitted on a CD-ROM to the IRS in a timely fashion.

Final Fee Calculation & Payment

The IRS will notify each covered entity of its final fee calculation for 2013 by August 31, 2013. In accordance with § 51.8T(c), each covered entity must pay this fee by September 30, 2013.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her experience here.

Other Recent Updates & Resources

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: CMS, Health Care Fraud, Health Care Fraud Task Force, Health Care Reimbursement, HHS, Hospitals, Inpatient, Medicare, OIG, outpatient, Physicians | Permalink
Posted by Cynthia Marcotte Stamer

Hospitals Urged To Tighten Inpatient & Outpatient Admission Records As OIG Audits Hospitals for New vs. Established Patients,

November 29, 2012

Hospitals should act quickly to adopt appropriate compliance policies and tighten outpatient and inpatient admissions recordkeeping and associated billing activities to minimize exposures signaled by audits announced by the Department of Health & Human Services (HHS) Office of Inspector General (OIG).

OIG reportedly is auditing inpatient and outpatient hospital claims for new and established patients to identify potential overcharges by some hospital-based outpatient clinics that may have resulted from treating established patients as if they were new patients. OIG’s Office of Audit Services reportedly sent letters to some hospitals in October, asking about a handful of claims for new patient visits that OIG suspects the hospital should have billed as established patient visits. In addition to requesting specific information about line items on the claims and their internal controls for billing new versus established patients and provide descriptions of written policies and procedures governing the facilities classification of new versus established patients and internal controls for detecting errors.

Medicare typically pays more for new versus established patients since CMS implemented the outpatient prospective payment system in 2000. Since 2008, CMS rules have specified that patients who visit the hospital outpatient clinic within three years are established patients, and after that they are new, with Medicare paying more for the latter. See(73 Fed. Reg. 68502, 68679 (November 18, 2009). Data mining technology increasingly used by CMS and other federal fraud investigators facilities the ability of Medicare and others to identify errors in coding and billing resulting from misclassication of existing patients as new.

Many hospitals may be exposed under this requirement for a variety of reasons including failure to appropriately track and coordinate inpatient and outpatient admission data, defaults built into recordkeeping systems and omissions to timely update practices or training. In contrast to the risk of overbilling from incorrectly treating patients as new, hospitals that bill all patients as established to overcome inadequacies in their ability to track new versus established patients often leave money on the table unnecessarily by foregoing added reimbursement that the facility otherwise would qualify for it could reliably identify new patients.

While strengthening coding and billing to ward of risks, may debate the appropriateness of CMS’ new versus existing patient distinction outside the physician office context. Critics contend that unlike in the physician office context, the level of care or resources delivered for a new patient compared to a patient who previously visited the hospital doesn’t generally differ. Parties with these concerns should continue to ensure appropriate compliance with existing rules while providing input and feedback to CMS and other regulators about their concerns with the policy’s suitability.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her experience here.

Other Recent Updates & Resources

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: CMS, Health Care Fraud, Health Care Fraud Task Force, Health Care Reimbursement, HHS, Hospitals, Inpatient, Medicare, OIG, outpatient, Physicians | Permalink
Posted by Cynthia Marcotte Stamer

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

November 29, 2012

The Department of Health & Human Services Office of Inspector General is recommending the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) act to improve the effectiveness of its oversight and management of the Medicare electronic health record (EHR) incentive program. The recommendations are likely to impact on the requirements that hospitals and other professionals will be required to meet to get and keep EHR program incentive payments. Consequently, hospitals, physicians and other providers and their technology and other systems advisors and vendors should carefully watch and respond to changes that these two agencies implement in response to the OIG feedback.

According to an OIG study reported here, the CMS estimates that it will pay $6.6 billion in EHR incentive payments to providers under the program between 2011 and 2016. Many hospitals, physician organizations and other providers are making substantial investments in EHR and related technologies in reliance of expectation of receiving program incentive payments. Accordingly, parties hoping to qualify for incentive programs need to watch closely the actions that the agencies take in response to this OIG input or otherwise that impacts on qualification and audits.

OIG Study & Findings

OIG’s early assessment of CMS’s oversight of the Program found that because professionals and hospitals self-report data to prove fulfillment of program requirements, CMS’s efforts to verify these data will help make sure the integrity of Medicare EHR incentive payments.

The recommendation comes from an OIG study reviewing CMS’s oversight of professionals’ and hospitals’ self-reported meaningful use of certified EHR technology in 2011, the first year of the program. OIG evaluated self-reported information against program requirements. It also looked at CMS’s audit planning documents, regulations and guidance for the program and conducted structured interviews with CMS staff on CMS’s oversight.

Based on this evaluation, OIG foundCMS faces obstacles to overseeing the Medicare EHR incentive program that leave the program vulnerable to paying incentives to professionals and hospitals that do not fully meet the meaningful use requirements. OIG says CMS has not yet implemented strong prepayment safeguards, and has limited ability to safeguard incentive payments postpayment. OIG also reports that the ONC requirements for EHR reports may contribute to CMS’s oversight obstacles.

OIG Recommended Corrective Action

Based on its study, OIG is recommending that CMS take the following actions.

Obtain and review supporting documentation from selected professionals and hospitals prior to payment to verify the accuracy of their self‑reported information and
Issue guidance with specific examples of documentation that professionals and hospitals should maintain to support their compliance.

CMS did not agree with our first recommendation, stating that prepayment reviews would increase the burden on practitioners and hospitals and could delay incentive payments. Despite this CMS feedback, OIG nevertheless is continuing to recommend that CMS conduct prepayment reviews to improve program oversight. CMS concurred with our second recommendation.

OIG also recommended that ONC take the following actions:

Require that certified EHR technology be capable of producing reports for yes/no meaningful use measures where possible and
Improve the certification process for EHR technology to make sure applicants provide accurate EHR reports.

ONC concurred with both recommendations.

Recommended Provider Action

Hospitals and providers looking to take advantage of the HER incentive payments should carefully monitor the developments resulting from these recommendations and take proper actions to stay compliant with evolving requirements as they move forward.

Along with monitoring these responses, providers participating in the incentive program also need to stay abreast of other developments. For instance, last month, ONC announced the release of the Wave 7 2014 Edition Draft Test Methods (test procedures, tools, and applicable test data and files). See 2014 Edition Draft Test Procedures webpage. Additional waves of test methods are impending. ONC says it expects the final set of Test Methods to be available for use in early 2013.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her experience here.

Other Recent Updates & Resources

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, CMS, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, OIG, ONC, PHI, Physicians, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

ONC Changes Start Time, Releases Agenda For 11/13 Virtual Workshop On Health IT Test Standards

November 9, 2012

The Office of the National Coordinator for Health IT (ONC) today (November 9, 2012) announced a preliminary agenda of topics and the procedures that health care providers and other interested parties wishing to participate in a public virtual workshop on the ONC Health Information Technology (IT) Certification Program and 2014 Edition Test Methods that ONC plans to host on Tuesday, November 13, 2012 from 8:15 AM-4:30PM EST.

The announced commencement time is 45 minutes earlier than the originally announced 9:00 AM start time that ONC had announced as the start time for the workshop in November 8 announcements.

To review the preliminary agenda for the workshop, see http://www.healthit.gov/policy-researchers-implementers/2014-edition-draft-test-methods.

According to today’s ONC announcement, parties wishing to participate in the virtual workshop should register for ONC Certification Technical Workshop on Nov 13, 2012 8:15 AM EST at https://attendee.gotowebinar.com/register/2114316126469925632 . ONC says that successful registrants will receive a confirmation email containing information about joining the webinar.

The planned workshop follows ONC’s anno0uncement of the release for review of the latest in a series of electronic medical records Test Standards that ONC has issued recently in its march to implement its mandate. ONC says all Test Methods will undergo public review and comment before being finalized and approved by ONC for use in testing and certification. ONC typically allows a two week period of public review and comment from the date posted for public review and comment on each Wave.

In keeping with this process, ONC is inviting interested persons to submit comments and suggestions to ONC.Certification@hhs.gov. All submissions should include “2014 Test Methods” in the subject line. ONC asks that parties submitting input to be as specific as possible in their comment submissions.

ONC says it expects the final set of Test Methods to be available for use in early 2013.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, ONC, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

November 8, 2012

The Office of the National Coordinator for Health IT (ONC) today (November 8, 2012) announced the release of the Wave 7 2014 Edition Draft Test Methods (test procedures, tools, and applicable test data and files). To review the 2014 Edition draft Test Methods, visit the 2014 Edition Draft Test Procedures webpage. As a follow up to this announcement, ONC is inviting interested parties to participate in a public workshop on the ONC HIT Certification Program and 2014 Edition Test Methods on Tuesday, November 13^th, 9AM-4:30PM EST.

The Test Procedures announced today are the latest in a series ONC has issued recently. ONC says all Test Methods will undergo public review and comment before being finalized and approved by ONC for use in testing and certification. ONC typically allows a two week period of public review and comment from the date posted for public review and comment on each Wave.

ONC says it expects the final set of Test Methods to be available for use in early 2013.

To help interested parties stay informed about the Test Messages, ONC also announced today it will host a virtual public workshop on the ONC HIT Certification Program and 2014 Edition Test Methods on Tuesday, November 13^th, 9AM-4:30PM EST. According to ONC, the topics to be covered include 2014 Test Procedures, Test Tools, Test Data, ONC Timeline, and the Certified Health IT Product List (CHPL). ONC says additional details regarding access and agenda will be forthcoming. Watch the ONC website.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, ONC, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

September 23, 2012

New Charges Bring To A Total of 9 Charged for Their Roles in the Scheme

Charges against five more individuals for their alleged participation in a $24.7 million Medicare fraud scheme involving purported home health and psychotherapy services were unsealed and made public in the Eastern District of Michigan on September 20, 2012 bring to a total of nine individuals now charged in the scheme.

The Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) jointly announced the charges.

DOJ charges in court documents that the scheme allegedly involved a total of more than $24.7 million in fraudulent claims submitted to Medicare for purported home health care and psychotherapy services that were medically unnecessary and/or never provided. Court documents allege that the defendants are operators, employees and marketers associated with home health care and psychotherapy clinics operating in and around Detroit. Defendants charged in the unsealed court documents unsealed today include: Mohammed Sadiq; Jamella Al-Jumail; Firas Alky; Clarence Cooper and Beverly Cooper.

Four defendants charged in the superseding indictment were previously charged and arrested in May 2012 for their roles in the scheme. Defendants previously charged include: Sachin Sharma, Dana Sharma, Abdul Malik Al-Jumail, and Felicar Williams.

The superseding indictment charges all defendants with one count of conspiracy to commit health care fraud; Sachin Sharma with five counts of health care fraud; Sachin Sharma, Abdul Malik Al-Jumail, Williams, Sadiq, Alky and Clarence Cooper with one count of conspiracy to pay and receive health care kickbacks; and Jamella Al-Jumail with one count of destruction of records in a federal investigation. The superseding indictment also seeks forfeiture from all defendants.

According to the superseding indictment, from January 2007 through April 2012, the defendants operated a large network of purported home health care and psychotherapy companies in the Detroit area through which they conspired to defraud Medicare.

According to court documents, Sachin Sharma, Dana Sharma, Abdul Malik Al-Jumail, Williams, Jamella Al-Jumail, Sadiq, Alky and other alleged co-conspirators incorporated home health care, psychotherapy and other medical service companies to carry out the scheme, including Reliance Home Care, LLC; First Choice Home Health Care Services Inc.; Associates in Home Care Inc.; Haven Adult Day Care Center LLC; Swift Home Care LLC; ABC Home Care Inc.; Accessible Home Care Inc.; and Be Well Home Care LLC. The defendants, along with co-conspirators, allegedly submitted Medicare enrollment applications to let these companies to bill Medicare. Sachin Sharma, Abdul Malik-Al-Jumail, Sadiq, Alky and others allegedly paid kickbacks and bribes to recruiters, including Williams and Clarence Cooper, to get Medicare beneficiaries’ information, which could be used to fraudulently bill Medicare for purported services provided by the companies they operated and controlled. The defendants then allegedly caused these companies to bill Medicare for home health and psychotherapy services, even though these services were not medically necessary and were often not provided.

According to the superseding indictment, the defendants caused Reliance, First Choice, Associates, Haven, Swift, ABC, Accessible and other home health, psychotherapy and medical services companies to bill approximately $24.7 million in claims to Medicare for services that were medically unnecessary and/or not provided. In addition, Jamella Al-Jumail is charged with destroying records relating to Accessible’s Medicare billings upon learning of the May 2012 arrest of Abdul Malik Al-Jumail, her co-conspirator and father.

Clarence and Beverly Cooper, Sadiq and Jamella Al-Jumail were arrested on September 21.

The case is being prosecuted by Fraud Section Assistant Chief Gejaa T. Gobena and Trial Attorney William G. Kanellis. The investigations were conducted jointly by the FBI and HHS-OIG, as part of the Medicare Fraud Strike Force, supervised by the U.S. Attorney’s Office for the Eastern District of Michigan and the Criminal Division’s Fraud Section.

Act To Manage Health Care Fraud Exposures

As health care fraud enforcement remains a lead Federal priority, health care providers face ever-heightening exposures to HEAT task force scrutiny and prosecution. Along with these criminal investigation and enforcement activities, health care providers also face civil monetary penalty, federal program disqualification and other civil and administrative remedies from billing, reimbursement and other health care fraud, billing audits and other enforcement and audit activities.

In response to these and other investigation and oversight activities, health care providers should strengthen their compliance practices and oversight and take other special care to position themselves and their billings to defend against possible challenge.

For Help With Compliance, Investigations Or Other Needs

If you need help providing compliance or other training, reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. Contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | DME, Doctor, false claims act, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Plan, Health Plans, Home Health, Hospital, Hospital, Medicaid, Medicare, Medicare Advantage, Money Laundering, OIG, Physician, Physician Licensing, Reimbursement | Tagged: false claims act, Health Care Fraud, HEAT, Medical Licensure, Physician, texas medical board | Permalink
Posted by Cynthia Marcotte Stamer

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

September 17, 2012

Physician practices and other health care providers, health plans, health care clearinghouses and their business associates have yet another $1 million plus reminder of the importance of taking proper steps to secure electronic protected health information and take other steps required to comply with the Health Insurance Portability & Accountability Act of 1996 (HIPAA).

Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. (collectively referred to as “MEEI”) will pay the U.S. Department of Health and Human Services’ (HHS) $1.5 million and take a series of corrective actions to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule under the resolution agreement available here (“Resolution Agreement”) announced by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) on September 17, 2012.

MEEI Resolution Agreement

The Resolution Agreement settles charges that resulted from an OCR investigation commenced in response to a HIPAA breach report submitted by MEEI reporting the theft of an unencrypted personal laptop containing the electronic protected health information (ePHI) of MEEI patients and research subjects. The laptop information included patient prescriptions and clinical information.

OCR’s investigation indicated that MEEI failed to take necessary steps to comply with certain requirements of the HIPAA Security Rule, such as conducting a thorough analysis of the risk to the confidentiality of ePHI maintained on portable devices, implementing security measures sufficient to ensure the confidentiality of ePHI that MEEI created, maintained, and transmitted using portable devices, adopting and implementing policies and procedures to restrict access to ePHI to authorized users of portable devices , and adopting and implementing policies and procedures to address security incident identification, reporting, and response. OCR’s investigation indicated that these failures continued over an extended period of time, demonstrating a long-term organizational disregard for the requirements of the Security Rule.

To settle the charges, MEEI will pay a $1.5 million settlement to OCR. In addition, the Resolution Agreement also requires MEEI to adhere to a corrective action plan which includes reviewing, revising and maintaining policies and procedures to ensure compliance with the Security Rule, and retaining an independent monitor who will conduct assessments of MEEI’s compliance with the corrective action plan and render semi-annual reports to HHS for a 3-year period.

High Dollar Resolution Agreements Increasingly Common

The MEEI Resolution Agreement follows on the resolution agreement previously announced this year with Arizona-based Phoenix Cardiac Surgery, P.C. (PCS). That resolution agreement required PCS to pay $100,000 and take corrective action to implement policies and procedures to safeguard the protected health information of its patients to settle OCR charges PCS violated HIPAA.

Health care providers and other HIPAA-covered entities should heed the MEEI, PSC and other recent settlements as the latest signal of the risks that health care providers and other covered entities run by failing to adequately implement and administer appropriate HIPAA compliance practices.

Following the announcement by OCR last month that Blue Cross Blue Shield of Tennessee (BCBST) would pay $1,500,000 to resolve HIPAA violations charges, and the latest in a series of Resolution Agreements announced by OCR in recent years, the PCS highlights the willingness to sanction health care providers and other covered entities of all sizes. “The case is significant because it highlights a multi-year, continuing failure on the part of this provider to comply with the requirements of the Privacy and Security Rules,” said Leon Rodriguez, director of OCR. “We hope that health care providers pay careful attention to this resolution agreement and understand that the HIPAA Privacy and Security Rules have been in place for many years, and OCR expects full compliance no matter the size of a covered entity.”

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

Like the PCS, BCBST and other announced resolution agreements, the MEEI Resolution Agreement provides more evidence of the growing exposures that health care providers, health plans, health care clearinghouses and their business associates need to carefully and appropriately manage their HIPAA responsibilities. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. For tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here or contact Ms Stamer here or at (469) 767-8872.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, Health Care, Health Insurance Portability & Accountability Act, HIPAA, OCR, Office of Civil Rights, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

ONC Releases First Wave of EHR Test Procedures; More To Come

September 14, 2012

On September 7th the ONC published the first wave of draft Test Procedures and applicable test data files for the 2014 Edition Elelctronic Health Record (EHR) certification criteria for public review and comment. ONC will release additional Test Procedures in waves on a weekly or bi-weekly basis. Each set of draft test procedures will undergo a two week period of public review and comment from the date posted. You can now provide input on Wave One 2014 draft Test Procedures. Visit the site for detailed information on the 2014 Test Procedure development process at http://www.healthit.gov/policy-researchers-implementers/2014-edition-draft-test-procedures.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help monitoring federal health reform, policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Affordable Care Act, EHR, Electronic Health Records, Health Care, health care IT, Health Care Provider, Health Plans, HIPAA, ONC, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

September 14, 2012

Along with its stepped up enforcement and new audit programs, the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) is working to promote and encourage better voluntary compliance by physician and other health care providers by releasing a new interactive security and privacy training game to help educate healthcare providers and their staffs to make more informed decisions regarding privacy and security of health information. Using a game format, the game asks users to respond to privacy and security challenges often faced in a typical medical practice.

With the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) stepping up enforcement and sanctions for health care providers, health plans, health care providers and their businesses associates (covered entities) that violate the Health Insurance Portability & Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules and OCR now auditing HIPAA compliance, covered entities should self-audit within the scope of attorney-client privilege and tighten as necessary existing policies, practices and documentation to comply with evolving requirements of HIPAA and other laws requiring the protection of protected health information (PHI), personal financial information and sensitive data.

As the HIPAA Privacy, Security and Breach Rules include mandates that covered entities train members of their workforce, the new game could be a helpful component for health care providers as part of their organization’s training efforts.

The mounting list of settlement agreements – most of which have required settlement payments of more than $1 million – that OCR has announced show the growing exposures that covered entities face when violating HIPAA. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. These settlements and sanctions prove the importance of covered entities strengthening their HIPAA compliance and adopting other suitable safeguards to keep up HIPAA compliance and minimize HIPAA and other exposures that can arise if PHI, personal financial information and other sensitive data. For tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Health Care, Health Plans, HIPAA, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Director of Texas Office of e-Health Coodination To Discuss Texas HIE Strategy in 3/14 HHS Sponsored Teleconference

March 14, 2012

On Wednesday, March 14, 2012 at 1 p.m. EDT, National eHealth Collaborative’s NeHC University will host Stephen Palmer, Director of the Office of e-Health Coordination at the Texas Health and Human Services Commission, to describe the HIE strategy being pursued by the state of Texas. Palmer will be joined by Kem McClelland of the Integrated Care Collaboration, Tony Gilman of the Texas Health Services Authority, and Bryan White of the North Texas Accountable Healthcare Partnership to showcase the Texas strategy in action and detail the progress that has been made on the ground.

To participate register and join NeHC University’s Spotlight on the Texas Statewide HIE Strategy.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

If you need help investigating or responding to a known or suspected compliance, litigation or enforcement or other risk management concern, assistance with reviewing, updating, administering or defending a current or proposed employment, employee benefit, compensation or other management practice, wish to inquire about federal or state regulatory compliance audits, risk management or training, or need legal representation on other matters please contact Ms Stamer here or at (469) 767-8872.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, business associate, Health Care, Health Plan, HIPAA, HITECH Act, OCR | Permalink
Posted by Cynthia Marcotte Stamer

$1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report

March 13, 2012

Resolution Agreement Also 1^st Announced With Health Plan

Health care providers, health plans and other covered entities beware and prepare! Reporting a large breach under the HITECH Act breach notification rules will trigger a Department of Health & Human Services (HHS) Office of Civil Rights (OCR) investigation into whether OCR should impose civil monetary penalties against the reporting covered entity under the Privacy and Security Rules of the Health Insurance Portability & Accountability Act of 1996 (HIPAA).

Blue Cross Blue Shield of Tennessee (BCBST) has agreed to pay OCR $1,500,000 and to take certain other actions specified in a corrective action plan to avoid civil monetary penalties for charges of HIPAA violations. The BCBST Resolution Agreement is particularly significant, both as:

The first reported enforcement action directly resulting from the filing by a covered entity of a breach report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act Breach Notification Rule; and
The first reported resolution agreement reached with a covered entity that is a health plan.

These notable enforcement firsts show the HITECH Breach Notification Rule’s significance as an OCR HIPAA enforcement tool, the heightened exposure to an OCR opening a HIPAA civil monetary penalty (CMP) investigation following a report, as well as the willingness of OCR to sanction health plans as well as other covered entities that breach HIPAA’s Privacy or Security Rules.

BCBST Investigation Began In Response to HITECH Act Breach Notification Rule Report

The OCR investigation that lead to the BCBST settlement began in response to BCBST making a report required under the Breach Notification Rule of the theft of 57 unencrypted computer hard drives from a leased facility in Tennessee, which contained the protected health information (PHI) of over 1 million individuals. Read more details here.

The Breach Notification Rule enacted as part of amendments to HIPAA under the HITECH Act requires covered entities to report an impermissible use or disclosure of protected health information, or a “breach,” of 500 individuals or more to HHS and the media as well as an annual consolidated report of smaller breaches to HHS.[1] Along with the Breach Notification Rules, the HITECH Act also increased the civil monetary penalties (CMPs) that covered entities like BCBST can incur for HIPAA violations. When it imposed its first ever CMP last year, OCR imposed a $4.3 million CMP against Cignet Health of Prince George’s County, Md. (Cignet).

In an apparent effort to impose a potentially larger CMP assessment arising from the investigation of its breach report, BCBST greed to pay $1,500,000 and adopt other corrective actions detailed in a corrective action plan.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The BCBST Resolution Agreements, like the Cignet CMP and other high dollar Resolution Agreements OCR has announced against various health care providers highlight the significance of the HITECH Act amendments to HIPAA’s enforcement and CMP rules, as well as the significance of its Breach Notification Rule as a tool in OCR’s investigation and enforcement efforts.

“This settlement sends an important message that OCR expects health plans and health care providers to have in place a carefully designed, delivered, and monitored HIPAA compliance program,” said OCR Director Leon Rodriguez. “The HITECH Breach Notification Rule is an important enforcement tool and OCR will continue to vigorously protect patients’ right to private and secure health information.”

The BCBST Resolution Agreement provides yet another reminder to covered entities and their business associates of the need to carefully and appropriately manage their HIPAA responsibilities. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. Fortips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

[1] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

For more tips, see here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

For additional resources and publications training materials by Ms. Stamer, see here.

[*] The Breach Notification Rule also requires that covered entities report smaller breaches annually to OCR as part of a consolidated disclosure.

Leave a Comment » | Academic medicine, ARRA, Disease Management, DME, Doctor, Durable Medical Equipment, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, Health Care, Health Care Provider, Health Insurance Exchange, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Mental Heatlh, Pharmacy, Physician, Privacy | Tagged: Breach Notification, business associate, Health Care, Health Plan, HIPAA, HITECH Act, OCR | Permalink
Posted by Cynthia Marcotte Stamer

Former Houston Texas Physician Gets 70 Month Prison Sentence For Fraud Conviction

November 27, 2011

A Federal court on November 14, 2011 sentenced Armando Chavez, 42, a former physician and owner of the Chavez Medical Group in East Houston to 60 months for the conspiracy charge and to 70 months for each of the three mail fraud charges. In addition to the prison sentences, which will run concurrently, Chavez was also ordered to pay $3,821,082 in restitution.

The prosecution and sentencing of Chavez highlights the heightened risk that physicians and others engaging in aggressive health care billings risk if Federal officials view their actions as crossing the line. The Chavez case is particularly notable as it primarily stemmed from claims submitted to private health care payers.

The Chavez sentence resulted from Chavez’ guilty plea to one count of conspiracy and three counts of mail fraud in connection with billings made at the Chavez Medical Group.

The charges brought in April, 2011 stem from improper billing at the Chavez Medical Group between 2005 and 2007. Federal prosecutors charged that Chavez billed for services he did not perform through a process of “unbundling” medical codes used on claims he filed to increase the amount he was paid by insurance companies. While most health care providers recognize potential exposures to health care fraud prosecution for making false claims to Medicare, Medicaid or other federal programs, many providers fail to recognize this same exposure also can result from false billings to private health plans and insurers.

Following the initiation of the investigation, Chavez voluntarily surrendered his medical license to the Texas Board of Medicine. Filing false health care claims is one of many types of personal misconduct that justifies loss of licensure or other discipline under Texas Medical Board rules.

According to the documents filed of record in the case, Chavez was board certified in internal medicine, licensed by the Texas Board of Medicine in 1997. He started his medical practice in family medicine and in 2005, began to perform endovenous laser ablation, a procedure used to repair varicose veins in the legs.

For purposes of billing, the medical insurance industry provides certain billing codes for the laser ablation procedure, which include a group of procedures billed under one code for the entire procedure. Chavez instructed his staff to “unbundle” or separate the codes for this procedure and to bill for individual steps in the procedure, resulting in greater reimbursement and payment for each patient. Additionally, Chavez submitted claims alleging he repaired all six veins for each patient, when in fact – in most cases – he repaired fewer than six veins. By alleging he repaired all six veins, Chavez alleged he performed six procedures over a period of six days, another aspect of the fraudulent billing which he used to justify the unbundling of codes and allowed him to be reimbursed at the highest possible rate.

Federal prosecutors claimed The typical patient whose billing was submitted as “bundled” into one code resulted in payment of approximately $6000, while the patient whose billing codes were “unbundled” typically resulted in payment of approximately $14,000. Based on these figures, Federal prosecutors claim that Chavez billed insurance companies and programs, including Medicare and Medicaid, a total of $14.1 million for which he collected $3.8 million between 2005 and 2007.

The investigation of this case was conducted by the FBI and the Texas Attorney General’s Medicaid Fraud Control Unit. Assistant United States Attorney Cedric L. Joubert prosecuted the case. According to the Justice Department, the case is being investigated by the Dallas Health Care Fraud Prevention and Enforcement Action Team (HEAT) Strike Force, which includes the U.S. Department of Health and Human Services Office of Inspector General, the FBI and the Texas Attorney General’s Medicaid Fraud Control Unit. Since their inception in March 2007, Strike Force operations in nine locations have charged more than 1,140 defendants who collectively have falsely billed the Medicare program for more than $2.9 billion.

While health care fraud enforcement remains a lead Federal priority, health care providers in Texas and other HEAT Strike Force targeted regions face heightened exposures to HEAT task force scrutiny and prosecution. In response to these and other investigation and oversight activities, health care providers should strengthen their compliance practices and oversight and take other special care to position themselves and their billings to defend against possible challenge.

For Help With Compliance, Investigations Or Other Needs

If you need assistance providing compliance or other training, reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Medical Identity Theft/Fraud Convictions Highlight Need For Health Care Providers To Safeguard Health Information, Guard Against Fraud Schemes

November 27, 2011

Convictions Highlight Health Care Data Bases Attractive, Vulnerable Target For Medicare Fraud Schemers

A Federal judge sentenced 25 year old Miami resident Yenky Sanchez, 25 to serve more than 5 years in Federal prison for his role in the theft of Medicare numbers and other information of elderly and disabled Florida residents as part of a plan to defraud Medicare, Medicaid and other federal programs. Coming on the heels of a November 3 conviction in West Virginia of Sargis Tadevosyan in a separate identity theft for Medicare fraud scheme, the convictions highlight the growing commitment and effectiveness of Federal and state investigators in investigating and prosecuting individuals who seek to use identity theft schemes to defraud Medicare or other federal programs.

Sanchez Conviction & Sentencing

The sentence arises from criminal charges brought by the U.S. Department of Justice (DOJ) in conjunction with other federal and state agencies, which charged Sanchez considered to commit health care fraud, authentication feature fraud and aggravated identity theft. According to DOJ documents, Sanchez, participated in a scheme with Raul Diaz-Perera, to steal and sell Medicare numbers and other data about clients of their employer, the Florida Department of Children and Families’ (DCF). Diaz-Perera previously was employed with DCF. According to the evidence at trial against Sanchez and a factual proffer filed with the court during the plea hearing for co-defendant Diaz-Perera, Sanchez used his position as employees at a DCF call center in downtown Miami to steal Medicare numbers and other personal information for purposes of committing health care fraud and identity theft. The intent of Sanchez and his co-conspirator was for those numbers to be used to fraudulently bill Medicare for services that were never provided to the DCF beneficiaries. Sanchez was convicted of conspiring to commit health care fraud, in violation of Title 18, United States Code, Section 1349; conspiring to commit authentication feature fraud, in violation of Title 18, United States Code, Sections 1028(a)(3) and (f); and aggravated identity theft, in violation of Title 18, United States Code, Section 1028A(a)(1). Based on these convictions, U.S. District Judge Cecilia M. Altonaga sentenced Sanchez on November 21, 2011 to 65 months in prison, followed by three years of supervised release. Judge Altonaga also imposed a $5,000.00 fine on Sanchez.

Tadevosyan Conviction

Federal officials previously also had scored another Medicare fraud/identity theft prosecution victory just a few short weeks earlier in West Virginia. On November 3, 2011, a federal jury convicted Armenia citizen Sargis Tadevosyan in connection with a health care fraud scheme that intended to defraud millions of dollars from Medicare. Tadevosyan was found guilty of two felony counts: conspiracy to commit health care fraud and wire fraud and aggravated identity theft. Tadevosyan faces up to 20 years in prison for the conspiracy conviction and a mandatory consecutive sentence of two years for aggravated identity theft and a $250,000 fine when he is sentenced on January 26, 2012.

In contrast to the small scale conspiracy that apparently occurred in the Sanchez case, the Tadovosyn scheme apparently was orchestrated by organized crime. Department of Health and Human Resources Office of Inspector General (HHS-OIG) uncovered the activities of Tadovosyn as part of its investigation of fraud schemes involving false front providers, whereby a company posed as a Medicare health care provider, and unlawfully billed Medicare as if they were providing legitimate services. Ultimately, investigators discovered that Tadevosyn and others were involved in defrauding Medicare and other health care payers as part of a scheme that used false front provider companies. In total, more than $4 million in Medicare claims were submitted by the false front providers. To co-conspirators of Tadevosyn pleaded guilty in September to aiding and abetting aggravated identity theft in connection to the health care fraud plot. Those two co-defendants are scheduled to be sentenced on December 1, 2011.

In announcing the Tadevosyan conviction, federal officials affirmed their commitment to finding and prosecuting identity theft targeting Medicare and other health insurance programs. “This investigation revealed that organized criminal groups are still brazenly attempting to steal taxpayer money from our national health insurance programs,” said Nicholas DiGiulio, Special Agent in Charge for the Inspector General’s Office of the United States Department of Health and Human Services. “Today’s results demonstrate that we will do whatever it takes to catch these individuals in the act before they receive a penny of taxpayers’ money.”

Federal Laws, Investigations & Prosecutions of Medical Identity Theft Schemes Tightening

Whether from deliberate schemes to misappropriate data or other less sinister compromises of personal health information or other sensitive data, health care providers, health plans and other businesses face rising responsibilities to protect data and increasing exposures for failing to do so.

Federal law imposes stiff sanctions against organizations and individuals that engage in theft of personal or other sensitive information, health or other federal program fraud or both. In an effort to stem the tide of health care and identity theft fraud, federal and state legislators and regulators have tightened federal and state laws to strengthen laws prohibiting health care fraud and identity theft, to require that health care providers, health plans, federal and state agencies and others that collect, possess or access sensitive personal health information, personal financial information or other sensitive date safeguard and protect sensitive information against improper access or misuse, to increase the penalties for violation of these federal and state laws and to provide law enforcement with expanded tools to investigate and prosecute violations of these laws. See e.g., Cybercrime and Identity Theft: Health Information Security Beyond HIPAA.

As a result of these new and expanded mandates, health care providers, health plans, financial organizations and a broad range of other businesses and governmental agencies face a host of complicated mandates to protect personal health information, personal financial information and other sensitive data under laws such as the Health Information Portability & Accountability Act (HIPAA), the Fair & Accurate Credit Transactions Act (FACTA), state and federal identity theft and data security and other laws and significant liability for failing to fulfill these responsibilities.

Health care providers, health insurers and others handling protected health information are particularly at risk when their data is compromised. Recent amendments to HIPAA require these entities and their business associates to tighten their data privacy and security safeguards and to monitor and timely report data breaches, as well as significantly expand their potential liability exposure for failing to comply with HIPAA’s requirements. See e.g., UCLA Health Systems Payment of $865,500 To Settle HIPAA Charges Shows Rising HIPAA Risk; CVS Settles Privacy Charges; Rite Aid Agrees to Pay $1 Million to Settle HIPAA Privacy Case As Office of Civil Rights Proposes Tighter HIPAA Privacy & Security Regulations; 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health Information; President Signs Long-Sought Red Flag Rule Exemption Into Law. As part of its ongoing implementation of stepped up enforcement responsibility and powers enacted as part of these recent amendments, the HHS Office of Civil Rights (OCR) announced on November 8, 2011 its kickoff of a new compliance audit effort. These developments send a forceful message that all businesses generally and health care providers, health plans, healthcare clearinghouses and their business associates specifically must get serious about compliance with the privacy, security and data breach requirements of HIPAA and other applicable law by implementing and administering the policies, procedures, training and oversight necessary to comply with these and other federal and state mandates regarding the protection of personal health information and other sensitive data. Learn more about the recent convictions and related data breach exposures here.

For Help With Compliance, Investigations Or Other Needs

About Solutions Law Press

Leave a Comment » | ARRA, Childrens Health Insurance Program, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Employer, FACTA, false claims act, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health Care Fraud, Health Care Provider, Health Care Quality, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Meaningful Use, Medicaid, Medicare, Medicare Advantage, Mental Heatlh, Money Laundering, OCR, Reimbursement, Technology, Telemarketing, Telemedicine, Veterans Health Administration | Tagged: Data Security, FACTA, Health Care Fraud, HIPAA, Identity Theft, Justice Department, Medicaid, Medicare, OCR, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks

November 9, 2011

The kickoff of a new compliance audit pilot program provides another reason for health care providers, health plans, healthcare clearinghouses and their business associates to get serious about compliance with the privacy, security and data breach requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

OCR Pilot Audit Program Begins

On November 8, 2011, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) announced that it will begin auditing HIPAA compliance this month under a new pilot program.

As amended by the American Recovery and Reinvestment Act of 2009 in Section 13411 of the HITECH Act, requires HHS to provide for periodic audits to make sure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. To carry out this mandate, OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance between November 2011 and December 2012.

The commencement of OCR HIPAA compliance audits is yet another sign that covered entities and their business associates should get serious about HIPAA compliance. The audit program serves as a new part of OCR’s health information privacy and security compliance program. While OCR says that it presently views the pilot audits as primarily a compliance improvement tool, this does not mean violators should expect a free walk.

Even before the impending audits, HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. Earlier this year, OCR imposed a $4.3 Million Civil Money Penalty (CMP) against Cignet Health of Prince George’s County (Cignet) for violating HIPAA. Meanwhile, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. Under amendments made by the HITECH Act, state attorneys general also now are empowered to bring civil lawsuits against covered entities and business associates that commit HIPAA violations that injure citizens in their state under certain circumstances. Eventually, individuals injured by HIPAA violations also will get the right to share in a portion of certain HIPAA recoveries.

These and other audit and enforcement activities send a strong message that covered entities and their business associates need to get serious about HIPAA compliance. As stated by OCR Director Georgina Verdugo when announcing the Mass General Resolution Agreement, “To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules,” Verdugo added, “A robust compliance program includes employee training, vigilant implementation of policies and procedures, regular internal audits, and a prompt action plan to respond to incidents.” Learn more here.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

Vice President of the North Texas Health Care Compliance Professionals Association, a member of the American College of Employee Benefit Counsel, Past Chair of the ABA RPTE Employee Benefits & Other Compensation Arrangements Group, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies. Ms. Stamer also regularly helps clients deal with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. Her insights on the required “culture of compliance” with HIPAA are frequently included in medical privacy related publications of the Atlantic Information Service, Modern Health Care, HealthLeaders and many others. Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here or may contact her at (469) 767-8872 or via e-mail here.

You can review other selected publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, Centers For Disease Control, Childrens Health Insurance Program, DEA, Disease Management, DME, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Employer, FACTA, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Hospital, Indian Health, Inpatient Rehabilitation Facility, Medicaid, Medicare, Mental Heatlh, OCR, Outpatient, Pharmacy, Physician, Prescription Drugs, Privacy, Rural Health Care | Tagged: Data Security, Doctor, Health Care Provider, HIPAA, HITECH, home health, Hospital, Physician, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

UCLA Health Systems Payment of $865,500 To Settle HIPAA Charges Shows Rising HIPAA Risk

September 15, 2011

Health care providers, health plans, health care clearinghouses and their business associates got another wake up call about the growing importance of strengthening their policies, practices and safeguards of medical information and records that are “protected health information” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules with the announcement on July 7 that the University of California at Los Angeles Health System (UCLAHS) has reached an agreement with the U.S. Department of Health & Human Services Office of Civil Rights (OCR) to pay $865,500 and act to strengthen its health information privacy and security practices to settle charges of HIPAA violations.

The latest in a series of recently announced high-dollar Resolution Agreements, the UCLAHS Resolution Agreement highlights the growing risks that covered entities and their business associates run by failing to adequately adopt and administer the policies, systems and other management controls and training necessary to ensure that their organizations and their employees and other members of their workforce actually operationally comply with HIPAA.

Increased penalties, tighter rules and recent enforcement actions by OCR make it more important than ever that covered entities tighten their compliance and risk management policies and procedures.

As a result of amendments enacted as part of the HITECH Act, Congress modified and expanded the HIPAA audit and enforcement obligations of OCR, amended and expanded the potential penalties, made business associates liable for violation of the privacy rules like covered entities, added an obligation for covered entities and business associates to provide notification of breaches of unsecured PHI and tightened other HIPAA obligations. The HITECH Act also gave state attorneys general to bring civil lawsuits against covered entities and business associates that commit HIPAA violations that injure citizens in their state under certain circumstances. Eventually, individuals injured by HIPAA violations will get the right to share in a portion of certain HIPAA recoveries. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On　Website.

OCR enforcement actions and statistics make clear that OCR is serious about investigation and enforcement of HIPAA violations. This Spring, OCR assessed its first civil monetary penalty (CMP) under HIPAA – a $4.3 million against Cignet Health of Prince George’s County, Md. (Cignet) and entered into a series of Resolution Agreements under which CVS Pharmacy, Inc., General Hospital Corporation and Massachusetts General Physicians Organization Inc., Rite Aid and others paid a million or more dollars as part of the required terms of settlement. See e.g., Rite Aid Pays $1 Million HIPAA Privacy Settlement As OCR Tightens HIPAA Regulations; HIPAA Risks Soar As CVS Agrees To Pay $2.25 Million To Resolve HIPAA Charges & Stimulus Bill Amends HIPAA; Providence To Pay $100,000 & Implement Other Safeguards To Settle HIPAA Penalty Exposures Under HIPAA. Meanwhile, as of January 1, 2011, OCR reported that it had referred more than 484 Privacy Rule breach investigations to the Department of Justice for consideration for potential criminal prosecution and required changes in privacy practices and other corrective actions as part of the requirements for resolution of an additional 12,781 of cases investigated. In addition to these civil enforcement actions by OCR, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health　Information

Lax HIPAA and other practices for protection of medical and other confidential personal information also increasingly exposes covered entities and other organizations to liability under state laws. State courts allow individual plaintiffs to rely on violations of HIPAA as the basis for bringing state privacy, retaliation or other actions. See, e.g. Sorensen v. Barbuto, 143 P.3d 295 (Utah Ct. App. 2006), Acosta v. Byrum, 638 S.E. 2d 246 (N.C. Ct. App. 2006). Private plaintiffs employed by covered entities also claim HIPAA related misconduct as the basis for their retaliation claims. See, e.g.,　 Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim.

HIPAA-specific exposures, wrongful use, access or disclosure of medical information also can expose covered entities, members of their workforce and others improperly using, accessing or disclosing protected health information to liability under other federal or state laws. See, Cybercrime & Identity Theft: Health Information Security Beyond HIPAA; NY AG Cuomo Announcement of 1st Settlement For Violation of NY Security Breach Notification Law; Woman Who Revealed AIDs Info Gets A Year.

These and other developments make clear that covered entities and their business associates must get serious about HIPAA compliance and risk management. These organizations should review and tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks.

For More Details Or Help With HIPAA & Other Risk Management & Compliance Needs

To learn more about the UCLAHS Resolution Agreement and other risk management tips, see UCLA Health Systems Payment of $865,000 To Settle HIPAA Charges Shows Rising HIPAA Risk.

Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.　 For instance, On May 3, 2011, Ms. Stamer served as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR and will moderate a teleconference featuring comments by OCR’s Susan McAndrew for the Joint Committee on Employee Benefits scheduled for May 16. Her insights on the required “culture of compliance” with HIPAA also recently were quoted in medical privacy related publications of the Atlantic Information Service. Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. To ask for legal help with these or other compliance concerns, inquire about arranging for compliance audit or training, or matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here. You can review other publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here and register to receive future updates about developments on these and other concerns from Ms. Stamer here. For important information concerning this communication click here.Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources available at www.solutionslawpress.com.

Leave a Comment » | Academic medicine, ASC, Disease Management, DME, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Medical Records, Employee Benefits, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Home Health, Hospital, Indian Health, Medicare Advantage, Mental Heatlh, OCR, Outpatient, Patient Empowerment, Pharmacy, Prescription Drugs, Rural Health Care | Tagged: business associate, Doctor, Health Care, Health Care Provider, Health Plans, HIPAA, Hospital, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Indictment of 91 Shows Growing Health Care Fraud Enforcement Risk

September 8, 2011

A nationwide takedown by Medicare Fraud Strike Force operations in eight cities resulted in the Department of Justice filing criminal charges against 91 defendants, including doctors, nurses, and other medical professionals, for their alleged participation in Medicare fraud schemes involving approximately $295 million in false billing, Attorney General Eric Holder and Health and Human Services (HHS) Secretary Kathleen Sebelius jointly announced the charges on September 7, 2011.

The charges are provide yet another powerful reminder to health care providers, leaders and organizations of the advisability of tightening compliance practices and taking other steps to guard against ever expanding health care fraud exposures. Already a lead federal enforcement priority for more than a decade, HHS recently established the Center for Program Integrity within the Centers for Medicare & Medicaid Services (CMS) to focus on identifying and stopping fraud and acting swiftly to protect beneficiaries.

Charges Announced September 7 Show Strike Force Targeting Fraud Industry Wide

In announcing the most sweeping joint action to date, HHS and Justice Department officials warned that the latest charges demonstrate the willingness and commitment of federal officials to find and prosecute health care fraud throughout the health care industry. The actions are the latest in a series of strong reminders to providers, leaders and others in the health care industry of the need to tighten compliance and risk management to minimize the risk of getting caught up in the Federal government’s ever-tightening health care fraud investigation and enforcement net.

The charges made against the 91 defendants in the indictments announced cover nearly the entire spectrum of healthcare providers for a variety alleged fraudulent schemes. The defendants charged are accused of various health care fraud-related crimes, including conspiracy to defraud the Medicare program, health care fraud, violations of the anti-kickback statutes and money laundering. The charges are based on a variety of alleged fraud schemes involving various medical treatments and services such as home health care, physical and occupational therapy, mental health services, psychotherapy and durable medical equipment (DME). HHS and Justice Department Officials warned these latest sweeping charges clearly signal the resolve of the federal government to find and prosecute health care fraud throughout the industry. Learn more details about September here.

According to the Justice Department and HHS, 70 individuals were charged by Strike Force prosecutors in indictments unsealed on September 6 and September 7, 2011 in six cities. The indictments allege a variety of Medicare fraud schemes involving approximately $263.6 million in false billings. As part of takedown operations last week, 18 additional defendants were charged in Detroit and one defendant was charged in Miami in cases unsealed on September 1, 2011, for their alleged roles in Medicare fraud schemes involving approximately $29.4 million in fraudulent claims. Additionally, two individuals are scheduled to appear in court on September 7, 2011 on charges filed on August. 24, 2011, for their roles in a separate $2 million health care fraud scheme. According to the September 7 announcement, this coordinated takedown involved the highest amount of false Medicare billings in a single takedown in Strike Force history.

According to court documents, the defendants located in Miami, Houston, Baton Rouge, Los Angeles and Detroit allegedly participated in a diverse array of schemes to submit claims to Medicare for treatments that were medically unnecessary and oftentimes never provided. In many cases, indictments and complaints allege that patient recruiters, Medicare beneficiaries and other co-conspirators were paid cash kickbacks in return for supplying beneficiary information to providers, so that the providers could submit fraudulent billing to Medicare for services that were medically unnecessary or never provided. Collectively, the doctors, nurses, medical professionals, health care company owners and others charged in the indictments and complaints are accused of conspiring to submit a total of approximately $295 million in fraudulent billing. If convicted, the defendants face a broad range of criminal, civil and administrative sanctions including imprisonment, criminal penalties, civil sanctions, federal program disqualification, state licensing board disciplinary action and other consequences.

Charges Part of Ongoing National Anti-Health Care Fraud Campaign

The Medicare Fraud Strike Force operations are part of the Health Care Fraud Prevention & Enforcement Action Team (HEAT), a joint initiative between the Department of Justice and HHS to focus their efforts to prevent and deter fraud and enforce current anti-fraud laws around the country. The joint Department of Justice-HHS Medicare Fraud Strike Force is a multi-agency team of federal, state and local investigators designed to combat Medicare fraud through the use of Medicare data analysis techniques and an increased focus on community policing. Since its announcement, the Strike Force has used the combined resources of agents from the FBI, HHS-Office of Inspector General (HHS-OIG), multiple Medicaid Fraud Control Units, and other state and local law enforcement agencies to investigate and prosecute a rising number of organizations and individuals throughout the industry for alleged violations of Federal health care fraud prohibitions. In their September 7, 2011 announcement, HHS and DOJ credited Strike Force Operations in nine locations with resulting in charges against more than 1,140 defendants who the government charged collectively falsely billed the Medicare program for more than $2.9 billion.

In addition, the HHS Centers for Medicare and Medicaid Services, working in conjunction with the HHS-OIG, are using a wide range of new and old tools in their campaign against what they perceive as fraudulent providers and to deter other perceived aggressiveness by health care providers and organizations. See e.g., U.S. to use software to crack down on Medicare, Medicaid, CHIP fraud; Health Care Fraud Enforcement Packs New Heat; OIG Shares Key Insights On When Owners, Officers & Managers Face OIG Program Exclusion Based On Health Care Entity Misconduct; OIG Launch of Health Care Fraud “Most Wanted” List Sign of Enforcement Risks; CMS Delegated Lead Responsibility For Development of New Affordable Care Act-Required Medicare Self-Referral Disclosure Protocol; HHS announces Rules Implementing Tools Added By Affordable Care Act to Prevent Federal Health Program Fraud.

The effectiveness of these Federal efforts to deter, find and prosecute false claims and other perceived abuses of Federal health care law has been significantly strengthened since Congress passed the Patient Protection & Affordable Care Act (Affordable Care Act). Among other things, ACA empowered HHS to:

Suspend payments to providers and suppliers based on credible allegations of fraud in Medicare and Medicaid;
Impose a temporary moratorium on Medicare, Medicaid, and CHIP enrollment on providers and suppliers when necessary to help prevent or fight fraud, waste, and abuse without impeding beneficiaries’ access to care.
Strengthen and build on current provider enrollment and screening procedures to more accurately assure that fraudulent providers are not gaming the system and that only qualified health care providers and suppliers are allowed to enroll in and bill Medicare, Medicaid and CHIP;
Terminate providers from Medicaid and CHIP when they have been terminated by Medicare or by another state Medicaid program or CHIP;
Require provider compliance programs, now required under the Affordable Care Act, that will ensure providers are aware of and comply with CMS program requirements.

Act To Manage Risks

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

4th Circuit Rejects Affordable Care Act Constitutional Challenges In 2 Suits

September 8, 2011

The Fourth Circuit this morning (September 8, 2011) published decisions ruled rejecting two lawsuits challenging the constitutionality of the Patient Protection and Affordable Care Act on jurisdictional grounds in Liberty University v. Geithner and Commonwealth of Virgina v. Sebelius.

These decisions add to the growing differences of opinions about the Constitutionality of the Affordable Care Act among the various trial and appeals courts. These disparities make it increasingly likely that the Supreme Court eventually will decide the issue. Absent unforsee circumstances, however, any Supreme Court resolution is unlikely to come before the next round of health plan and exchange deadlines start taking effect in 2012 and the lack of agreement among the courts means that most health care providers and others impacted by the Affordable Care Act must continue to plan and comply absent new rulings or other guidance to the contrary.

If you have about the decisions or other questions about Affordable Care Act or other health care, health plan or related matters, please contact the author, Cynthia Marcotte Stamer at cstamer@solutionslawyer.net or (469) 767-8872.

Leave a Comment » | Affordable Care Act, Consumer Driven Health Care, Doctor, Employer, Health Care, Health Care Reform, Health Plan, Health Plans, Laws, Medicare Fee Schedule, Medicare Prescription Drug Program, Public Policy | Tagged: Affordable Care Act, Constituionality, Constitution, Fourth Circuit, Health Care, Health Care Provider, Health Care Reform, Hospital, insurer, patient protection and afforddale care act, Payer, Physician | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Employers Beat National Average When Offering Health Benefits To Workers

July 29, 2011

A new 2011 U.S. Department of Labor Bureau of Labor Statistics Study of employee benefits offered shares key insights into the availability of employer-provided health and other coverage.

With regard to health benefits, the report reveals that practices vary significantly among employers, on average, medical care benefits were available to 69 percent of private industry workers. 1/2 private industry workers participated in a medical plan. For single coverage, private sector employers paid 80 percent of the medical care premiums for full-time workers and 69 percent of medical care premiums for full-time workers in private industry. Data shows employees often elect not to take offered coverage.

The study shows that health and other benefits offered by employers and utilized by employees varies widely varied by whether the employer is a government or private sector employer, the industry, size and other characteristics of the employer and the income, profession, education and other characteristics of the employee. It is no surprise that government employers that can pass along costs to taxpayers provide coverage more broadly and subsidize more of the cost.

The report reveals that most health care employers offer health coverage and significantly subsidize the cost of this coverage for their workers. According to the report:

73 percent of private sector health care workers are offered health coverage by their employers;
52 percent of health care workers participate in employer provided health care coverage;
The take up rate by private sector health industry workers for employer provided coverage is 72 percent.

The report also shows that private sector health care employers on average paid 81 percent of single coverage health coverage costs, and only required employees to contribute an average of 19 percent of the cost for their single coverage.

In addition to data on medical benefits, the study also reports that paid leave remains the most commonly provided benefit nationally and includes data on other benefits.

The DOL highlights 1st time reporting of domestic partner status for 1st time in its announcement. Data also provided on paid vacation and other leave.

Read report summary and access report at http://www.bls.gov/news.release/ebs2.nr0.htm.

For Help or More Information

If you have questions or need help understanding or responding to the Regulations, with other health benefit design, administration or operations concerns, or with other employee benefits, compensation, labor or employment or other workforce management concerns, please contact the author of this update, Board Certified Labor and Employment attorney and management consultant Cynthia Marcotte Stamer here or at (469)767-8872.

Past Chair of the American Bar Association (ABA) Health Law Section Managed Care & Insurance Interest Group, Chair of the ABA RPTE Employee Benefit and Other Compensation Committee, and a council member of the ABA Joint Committee on Employee Benefits, Vice President of the North Texas Healthcare Compliance Professionals Association, Exempt Organizations Coordinator of the Gulf States Area TEGE Council, and Executive Director of the Project COPE: Coalition On Patient Empowerment, Ms. Stamer is nationally recognized for her more than 23 years pragmatic and innovative health program work.

Board certified in labor and employment law by the Texas Board of Legal Specialization with extensive leading edge health care, human resources and employee benefits experience.

For more than 24 years, Ms. Stamer has worked with health care providers, payers, government and charitable agencies, policymakers and others on managing health, insurance and employee benefits, practices, people, performance, costs, performance and policy. In the health care industry, Ms. Stamer works extensively with hospitals, physician practices, skilled nursing, hospice, and other health care providers to manage their people, compliance, quality and operations. Along side this work, Ms. Stamer also has worked extensively in the payor community on product design, administration, quality, contracting, compliance, public policy and other concerns. As part of this work, she has worked continuously throughout her career helping self-insured and insured, public and private health plan sponsors, fiduciaries, administrators, insurers and others design, administer and defend health and other employee benefit and insurance programs domestically and internationally. She is widely recognized for her experience helping design and implement legally compliant self-insured and insured health reimbursement, mini-med, high-deductible health plans, limited benefit plans, 24-hour and occupational medicine, Medicare and Medicaid Advantage, ex-pat and medical tourism, deductible reimbursement and other creative health benefit programs to solve a wide range of financial and other challenges while coping with changing regulatory and market realities. Her work includes both working with clients to design, document, implement and administer these and other arrangements, as well as the development of wellness and disease management, claims administration and appeals, eligibility, and other administrative services, processes and technologies. Ms. Stamer regularly represents and defends these and other clients in dealings with the Department of Labor, Department of Justice, Department of Health & Human Services, Department of Defense, Internal Revenue Service, Securities and Exchange Commission, state insurance regulators, state attorneys general and other federal and state regulators and prosecutors and private plaintiffs in connection with investigations, prosecutions, audits and other actions arising from employee benefit, insurance and related arrangements and products.

Recognized in the International Who’s Who of Professionals and bearing the Martindale Hubble Premier AV-Rating, Ms. Stamer also is a highly regarded author and speaker, who regularly conducts management and other training on a wide range of health care, insurance, labor and employment, employee benefit, human resources, internal controls, privacy and data security, board governance and other related risk management matters. Her writings frequently are published by the American Bar Association (ABA), Aspen Publishers, Bureau of National Affairs, the American Health Lawyers Association,the American Bar Association, SHRM, World At Work, Government Institutes, Inc., Atlantic Information Services, Employee Benefit News, Modern Healthcare, and many others. For a listing of some of these publications and programs, see here. Her insights on human resources risk management matters also have been quoted in The Wall Street Journal, various publications of The Bureau of National Affairs and Aspen Publishing, the Dallas Morning News, Spencer Publications, Health Leaders, Business Insurance, the Dallas and Houston Business Journals and a host of other publications. In addition to her many ABA leadership involvements, she also serves in leadership positions in numerous human resources, corporate compliance, and other professional and civic organizations. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, World At Work, the ICEBS, SHRM and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly.

About Solutions Law Press

For assistance with assessing or defending your current worker classification, wage and hour or other health care and human resources policies and controls, please contact Cynthia Marcotte Stamer at cstamer@solutionslawyer.net, 972-419-7188..

For More Information or Assistance

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients to respond to these and other health care industry enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management matters.

Board Certified in Labor and Employment Law, Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising physicians, hospitals and other health industry, assisted living, educational and other clients about human resources, employee benefits and compensation, regulatory compliance and enforcement, quality assurance, peer review, licensing and discipline, and other medical staff performance matters. She continuously advises health industry clients about the use of technology, process and other mechanisms to promote compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational needs. As part of this experience, she has worked extensively with health care providers, payers, health care technology and consulting and other health industry clients, as well as other businesses, on privacy, data security, trade secret and related matters. A popular lecturer and widely published author on health industry concerns, Ms. Stamer also publishes and speaks extensively on health care compliance, staffing and human resources, compensation and benefits, technology, medical staff, public policy, reimbursement, privacy, technology, and other health and managed care industry regulatory, and other operations and risk management concerns for medical societies and staffs, hospitals, the HCCA, American Bar Association, American Health Lawyers Association and many other health industry groups and symposia. Her highly popular and information packed programs include many highly regarded publications on HIPAA, FACTA, medical confidentiality, state identity theft and privacy and other many other related matters. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. To review some of her many publications and presentations, or for additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. You can review other recent health care and internal controls resources and additional information about the health industry and other experience of Ms. Stamer here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources. If you or someone else you know would like to receive future updates and notices about other upcoming Solutions Law Press events, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here. For important information concerning this communication click here.

Leave a Comment » | Border Health, Consumer Driven Health Care, Corporate Compliance, Doctor, Employee Benefits, Employer, Employment, Health Care, Health Care Provider, Health Care Quality, Health Plan, Health Plans, Hospital | Tagged: employee benefits, Employer, Group Home, Health Care, health coverage, Health Plans, Hospitals, medical, Minimum Wage, Overtime, Residential Care, Wage & Hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Reform’s 1st Birthday: Share What You Think!

March 23, 2011

On the 1st anniversary of the passage of Health Care Reform, let’s celebrate by accepting the invitation from Joe Biden to “discuss how health care reform is already working.”

Below is the text of an e-mail I (and millions of other Americans, I suspect, received an e-mail from Joe Biden, in which he touts health care reform as already saving patients like a young man from Minnesota. In the e-mail, Biden says: “On the one-year anniversary of the Affordable Care Act, I think we have a duty to discuss how reform is already working.” OK, tell me what you think?

Unquestionably, health care reform produces some winners and loosers. Although few of the reforms enacted are actually in effect yet, Biden says heath care reform is working and credits the law for saving the life of the young man and millions of others. On the other hands, many patients and doctors treating patients with cancer and other life threatening illnesses complain and report fears that in the future increasing Medicare, Medicaid or other government regulations and market distruptions. Some folks think it’s all good. Other’s think it’s all bad. Many American’s think it’s a little bit of both and many just don’t know.

Where does the truth lie? On the 1st anniversary of the passage of health are reform, one thing is certain. The American health care system and it’s impact on our employees, families, friends, communities and goverment and personal budget’s is too great to be complacent. So, as Health Care Reform turns one, let’s accept the invitation of Vice President Biden and share our experiences and thoughts with our elected representatives, regulators, with others on with others on the Coalition for Responsible Health Care Policy linkedin a the following link and keep the discussion going until we get it right:

Coalition for Responsible Health Care Policy

Here’s the e-mail from “Joe Biden [info@barackobama.com]”

Cynthia –I want to tell you about a family in Minnesota.

Justin and Kari live in Brooklyn Park, right outside of Minneapolis. They’re parents to three children. Their three-year-old, William, was born with a genetic disorder called tuberous sclerosis complex.

For the rest of his life, William will wrestle with tumors in his brain, his heart, his kidneys, his skin, and possibly other major organs. He must take medication to control seizures and faces the threat of kidney disease.

What Justin and Kari want for William is a future. And because of health reform, that’s what he’ll have.

Today, insurance companies are no longer able to discriminate against William because of the condition he’s dealt with since birth. Now, Justin and Kari know they’ll be able to get the kind of care that William needs — today and into the future.

Their story isn’t unique, but it’s one of many that need to be told. We all know people whose lives have been changed because of the Affordable Care Act, even if we don’t realize it. So we’ve found a way to show exactly how reform is working for all of us — for our parents, our siblings, our kids, ourselves.

Will you take a minute to take our Health Reform Checkup and let the people you love know how reform is working for them?

Before the Affordable Care Act, Justin and Kari weren’t sure about the future. They worried that they’d never be able to find coverage for William again if Justin lost his job. They worried about the life that William would lead — whether he’d ever be able to work or support a family.

Not anymore. William’s condition isn’t going away, but he’ll always be able to get care. The Affordable Care Act is one year old today, and it has already changed William’s life — and this country — for good.

Today, there are families who feel better about the future than they did a year ago. They’ve found some security, some relief. And these are people we know. They’re our neighbors, our colleagues, our friends, our families — the people next to us every day.

On the one-year anniversary of the Affordable Care Act, I think we have a duty to discuss how reform is already working.

Watch Justin and Kari tell their story, and take a moment to learn how health reform is changing the lives of those you know:

http://my.barackobama.com/Checkup

A year ago, I stood next to the President as he signed health reform into law — and we have you to thank for making that possible.

Yours,

Joe

Paid for by Organizing for America, a project of the Democratic National Committee — 430 South Capitol Street SE, Washington, D.C. 20003. This communication is not authorized by any candidate or candidate’s committee.

Leave a Comment » | Affordable Care Act, Consumer Driven Health Care, Doctor, Employer, Health Care, Health Care Reform, Health Plan, Health Plans, Laws, Medicare Fee Schedule, Medicare Prescription Drug Program, Public Policy | Tagged: Affordable Care Act, Health Care, Health Care Provider, Health Care Reform, Hospital, insurer, patient protection and afforddale care act, Payer, Physician | Permalink
Posted by Cynthia Marcotte Stamer

ONC Touts Research On Health IT Benefits In Health Affairs Article

March 20, 2011

Researchers from the Office of the National Coordinator for Health Information Technology (ONC) and other Department of Health & Human Services (HHS) leaders are touting new studies they say show the benefits of investing in health information technology (health IT).

Under the Health Information Technology for Economic and Clinical Health Act (HITECH), part of the American Recovery and Reinvestment Act of 2009, as much as $27 billion Medicare and Medicaid incentive payments will be available to eligible professionals, eligible hospitals, and critical access hospitals when they adopt certified EHR technology and successfully demonstrate “meaningful use” of the technology in ways that improve quality, safety, and effectiveness of patient-centered care.

On March 8, 2011, ONC researches reported results of a comprehensive review of recent studies it says show the effects of health IT on key aspects of health care on the ONC website and in Health Affairs.

According to Donald Berwick, M.D., administrator of the Centers for Medicare & Medicaid Services, the study supports the investments that the HITECH Act makes in health IT. “These new findings are very significant in helping to confirm that our Nation has made the right choice in moving aggressively toward adoption of health information technology,” said Dr. Berwick. “These new findings are very significant in helping to confirm that our Nation has made the right choice in moving aggressively toward adoption of health information technology.”

The review included articles published from July 2007 up to February 2010, following up on earlier reviews of articles from 1995 to 2004 and from 2004 to 2007. This latest review initially surveyed more than 4,000 peer-reviewed articles, of which 154 were found qualified for the parameters of the study, a number similar to the previous efforts. In addition to quality and efficiency of care, the authors categorized additional outcomes including access to care, preventive care, care process, patient safety, and provider or patient satisfaction.

According to the authors, a current review of 154 peer-reviewed studies from July 2007 to February 2010 found:

More than 92 percent reached positive overall conclusions on the effects of health IT;
30 percent found mixed but predominantly positive results; and
Ten articles were found to have negative or mixed-negative results.

ONC reports that the review also reflected a new balance of evidence between HIT “leader” organizations and other entities, especially smaller medical practices. In previous years, much evidence has come from the “leaders.” The current review shows increased evidence of benefits for others as well.

Examples of positive results highlighted by ONC in its reports include:

One study found that at three New York City dialysis centers, patient mortality decreased by as much as 48 percent while nurse staffing decreased by 25 percent in the three years following implementation of electronic health records (EHRs).
In an inpatient study, a clinical decision support tool designed to decrease unnecessary red blood cell transfusions reduced both transfusions and costs, with no increase in patient length-of-stay or mortality.
Another study addressing HIT in 41 Texas hospitals found that hospitals with more advanced HIT had fewer complications, lower mortality and lower costs than hospitals with less advanced HIT.

ONC researchers report that negative findings in the study were most often associated with provider or staff satisfaction related to difficulties in the process of transitioning from paper-based to electronic-based records and care. The researchers conclude these findings “highlight the need for studies that document the challenging aspects of implementing HIT more specifically and how these challenges might be addressed,” such as through strong leadership or staff participation when adopting and implementing HIT.

Reflecting on the findings, Surgeon General Regina Benjamin, M.D., said, “My own personal experience in switching my practice from paper to EHRs showed that the change requires some initial effort; however, it did not interrupt work flow in the clinic. The results are better care for patients and new opportunities for the physician and staff to improve quality outcomes.” Dr. Benjamin switched to EHRs in her Gulf Coast Alabama family practice after two hurricanes and a fire destroyed the clinic’s paper records.

At the Agency for Healthcare Research and Quality, where research into health informatics has been supported since 1968, agency Director Carolyn Clancy, M.D., called attention to the importance of rapid information feedback and current evidence as the Nation pursues HIT implementation. “As we have known, and this new review of the available literature shows, HIT holds tremendous potential to improve health care quality. It is important that we continue to use experience from the field and scientific evidence to guide our efforts to improve the quality and safety of health care for all Americans.”

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need assistance monitoring federal health reform, policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others including highly popular programs on “Sex Drugs & Rock ‘N Role: Managing Personal Misconduct in Health Care,” “Managing Physician Performance” and others.. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | DME, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Federal Health Center, Health Care, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HITECH Act, Hospital, Hospital, Laws, Meaningful Use, Medicaid, Medicare, Medicare Advantage, Physician, Public Policy, Reimbursement | Tagged: EHR, Electronic Health Records, Electronic Medical Records, EMR, Health Care, Health IT, Health Technology, Heatlh Care Reform, HITECH Act, ONC | Permalink
Posted by Cynthia Marcotte Stamer

CMS Finalizes Allotments To States To Pay Medicaid Part B Premiums For Qualifying Individuals

March 19, 2011

Charts showing the final allotments made by the Centers for Medicare & Medicaid Services (CMS) to States of funds to use to pay the Medicare Part B premiums for Qualifying Individuals (QIs) for the Federal fiscal year (FY) 2010 and the preliminary QI allotments for FY 2011 appear in the March 19, 2011 Federal Register.

The funds allotted are funds authorized by Congress pursuant to Section 111 of the Medicare Improvements for Patients and Providers Act of 2008, (MIPPA), Section 2 of the QI Program Supplemental Funding Act of 2008 (the SFA), Section 5005 of the American Recovery and Reinvestment Act of 2009 (ARRA), the “Emergency Aid to American Survivors of the Haiti Earthquake Act” (Haiti Earthquake Act). The final QI allotments for payment of Medicare Part B premiums for FY 2010 are effective October 1, 2009. The preliminary QI allotments for FY 2011 are effective October 1, 2010.

Review the charts here.

For Help With Monitoring Developments or With Compliance, Investigations, Training Or Other Needs

If you need assistance monitoring federal health policy or enforcement developments, or to review or respond to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. She also regularly designs and presents risk management, compliance and other training for health care providers, payers, employers, professional associations and others. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, Affordable Care Act, Childrens Health Insurance Program, Health Care, Health Care Finance, Health Care Reform, Health Plans, Laws, Medicaid, Medicare, Medicare Fee Schedule, Patient Protection and Affordable Care Act, Public Policy | Tagged: Affordable Care Act, ARRA, CMS, Health Care Reform, Medicaid, Medicare, Medicare Part B, Premium Subsidies, Qualitying Individuals | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Providers Brace For New HIPAA Enforcement As OCR Announces Hospital Resolution Agreement Requiring $1 Million Settlement Payment

February 25, 2011

Announcement Made 2 Days After OCR Announces $4.3 Million HIPAA Civil Penalty Against Cignet

General Hospital Corporation and Massachusetts General Physicians Organization Inc. (Mass General) has agreed to pay the U.S. government $1,000,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The incident giving rise to the agreement involved the loss of protected health information (PHI) of 192 patients of Mass General’s Infectious Disease Associates outpatient practice The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced the Resolution Agreement two days after announcing that its first official assessment of a civil monetary penalty CMP under HIPAA – a $4.3 million against Cignet Health of Prince George’s County, Md., (Cignet). Read more details here

HIPAA Privacy Rule restricts the use, access and disclosure by covered entities of PHI and other individually identifiable health care information to those outlined within the Rules. Under HIPAA covered entities also are responsible for establishing and enforcing policies and procedures that safeguard PHI against improper use, access or disclosure by employees, business associates, and other third parties. Noncompliance with the Privacy and Security Rules exposes a covered entity to criminal prosecution and penalties, civil penalties or both. The Privacy Rule requires health plans, health care clearinghouses and most health care providers (covered entities) to safeguard the privacy of patient information, including such information during its disposal. Under amendments to HIPAA enacted under the HITECH Act, business associates now also are accountable and subject to direct liability for failing to comply with HIPAA’s requirements. Amendments to HIPAA under the HITECH Act, further expand the risks and responsibilities of health care providers and other covered entities.

Announced just two days before the Mass General Resolution Agreement, the Cignet CMP announced February 22, 2011 is the first CMP ever assessed by OCR under the HIPAA Privacy Rule. The assessment resulted after OCR found Cignet violated 41 patients’ HIPAA rights and committed other HIPAA violations. The $4.3 million CMP against Cignet applies the expanded HIPAA violation categories and increased HIPAA civil monetary penalty amounts authorized by HIPAA amendments made by Section 13410(d) of the Health Information Technology for Economic and Clinical Health (HITECH) Act. Read more details.

Even before the Mass General Resolution Agreement and Cignet CMP announcements, HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $1 Million from Rite Aid in a 2010 Resolution Agreement, $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated that covered entities could face significant civil liability for willful violations of the Privacy Rules. In addition to these civil enforcement actions by OCR, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others. Coupled with the HITECH Act changes, these and other enforcement actions signal growing potential hazards for covered entities and their business associates that fail to properly manage their HIPAA compliance obligations and risks.

The Mass General and Cignet announcements and other enforcement actions demonstrate that OCR is moving forward on its announced plans to hold health plans, health care providers, health care clearinghouses (covered entities) and their business associates that violate HIPAA accountable. Added to other recent developments, the Mass General and Cignet enforcement actions demonstrate that OCR’s commitment to enforcing HIPAA and illustrate the significant exposures that covered entities and business associates risk by disregarding their HIPAA obligations.

As stated by OCR Director Georgina Verdugo when announcing the Mass General Resolution Agreement, stating, “We hope the health care industry will take a close look at this agreement and recognize that OCR is serious about HIPAA enforcement. It is a covered entity’s responsibility to protect its patients’ health information.”

“To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules,” Verdugo added, “A robust compliance program includes employee training, vigilant implementation of policies and procedures, regular internal audits, and a prompt action plan to respond to incidents.”

Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures. Health plans and other covered entities as well as their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. To minimize the potential that the health plan’s sharing of information with the employer will create or spread HIPAA or other privacy risks to the employer or members of its workforce, employers and other plan sponsors and members of their workforce also should take steps to ensure not only that their health plan documents, policies and procedures, as well as those policies and practices applicable to the employer, its human resources, and benefits advisors when accessing or handling health plan or other medical information on behalf of the employer, rather than the plan, are appropriately designed and administered.

Act To Manage HIPAA Exposures

In response to these expanding exposures, covered entities and their business associates should review the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration the Cignet, Rite Aid, Provident and CVS enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable. As part of these compliance and risk management efforts, most covered entities and their business associates will find it advisable to devote significant attention to the business associate relationship and its associated business associate agreements.

For Help With Investigations, Policy Review & Updates Or Other Needs

If you need assistance in auditing or assessing, updating or defending your HIPAA, or other health or other employee benefit, labor and employment, compensation, privacy and data security, or other internal controls and practices, please contact the author of this update, attorney Cynthia Marcotte Stamer at cstamer@solutionslawyer.net or at (469)767-8872.

The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer works, publishes and speaks extensively on HIPAA and other privacy and data security, health plan, health care and other human resources and workforce, employee benefits, compensation, internal controls and related matters.

For more than 23 years, Ms. Stamer has counseled, represented and trained employers and other employee benefit plan sponsors, plan administrators and fiduciaries, insurers and financial services providers, third party administrators, human resources and employee benefit information technology vendors and others privacy and data security, fiduciary responsibility, plan design and administration and other compliance, risk management and operations matters. She also is recognized for her publications, industry leadership, workshops and presentations on privacy and data security and other human resources, employee benefits and health care concerns. Her many highly regarded publications on privacy and data security concerns include “Privacy Invasions of Medical Care-An Emerging Perspective.” ERISA Litigation Manual. BNA, 2003-2009; “Privacy & Securities Standards-A Brief Nutshell.” BNA Tax Management and Compliance Journal. February 4, 2005; “Cybercrime and Identity Theft: Health Information Security beyond HIPAA.” ABA Health eSource. May, 2005 and many others. She also regularly conducts training on HIPAA and other privacy and data security compliance and other risk management matters for a broad range of organizations including the Association of State and Territorial Healthcare Organizations (ASTHO), the Los Angeles County Health Department, a multitude of health plans and their sponsors, health care providers, the American Bar Association, SHRM, the Society for Professional Benefits Administrators and many others. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see www.CynthiaStamer.com or contact Ms. Stamer directly.

About Solutions Law Press

Leave a Comment » | Academic medicine, ASC, Childrens Health Insurance Program, Doctor, Electronic Medical Records, Employment, Federal Health Center, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health Care Provider, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Medicare Advantage, Mental Heatlh, OCR, Pharmacy, Physician, Privacy, Rural Health Care | Tagged: Civil Monetary Penalties, HIPAA, Mass General, OCR, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

HHS Imposes 1st HIPAA Privacy Civil Penalty of $4.3 million

February 22, 2011

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

$4.3 million is the amount of the civil monetary penalty (CMP) that the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has ordered Cignet Health of Prince George’s County, Md., (Cignet) to pay for violating the Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule.

The first CMP ever assessed by OCR under the HIPAA Privacy Rule, the Cignet CMP assessment is the latest in a series of developments documenting the rising risks that health care providers, health plans, health care clearinghouses and their business associates (“covered entities”) face for violations of HIPAA. Covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. Read more details.

Even before the announcement of the Cignet CMP, the HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. As of January 1, 2011, OCR reports that 12,781 of the cases it has investigated have been resolved by requiring changes in privacy practices and other corrective actions by the covered entities and has referred more than 484 Privacy Rule breach investigations to the Department of Justice for consideration for potential criminal prosecution.

While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated the willingness of OCR to pursue significant civil remedies against covered entities that it determined willfully violated the Privacy Rules.

For Help With Compliance, Investigations Or Other Needs

If you need assistance auditing or tightening your existing HIPAA and other confidentiality practices or addressing other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer medical privacy and other compliance and risk management policies and to respond to OCR, FTC, medical board and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on Medicare quality and other compliance concerns. Her publications and insights on HIPAA and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Leave a Comment » | Academic medicine, ARRA, ASC, Centers For Disease Control, Disease Management, DME, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Federal Health Center, Genetic Information, Health Care, Health Care Provider, Health Care Quality, Health IT, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Medicaid, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Mental Heatlh, OCR, Peer Review, Pharmacy, Physician, Privacy, Reimbursement, Telemedicine | Tagged: covered entity, Health Care, HIPAA, Hospital, Medical Confidentiality, OCR, Physician, Privacy Rule, Security Rule | Permalink
Posted by Cynthia Marcotte Stamer

CMS Physician Compare Tool Gives Patients New Info On Physicians & Other Providers

January 4, 2011

The Centers for Medicare & Medicaid Services (CMS) is giving patients and their families new resources to learn about physicians and certain other health care providers. On December 30, 2010, CMS added a new “Physician Compare” feature to the CMS Healthcare Provider Directory. While the information provided currently is relatively limited, CMS plans to expand the data to help Medicare and non-Medicare patients and their families find and assess the quality of providers. While these and other similar resources can provide valuable information for patients and their families, like all provider directories, patients and their families should be cautioned to properly understand the benefits and limitations of the resource. Accordingly, physicians and other providers covered by the new tool should be aware of the tool and prepare to respond to questions and concerns that it may prompt. Physicians and other providers also should monitor proposed future expansions of this resource and provide input about the proposed content, format and presentation of such information.

Required by the Patient Protection & Affordable Care Act (“Affordable Care Act”), the Physician Compare tool located here has information about Doctors of Medicine, Osteopathy, Optometry, Podiatric Medicine, and Chiropractic and certain other types of health care professionals participating in the Medicare Program, who routinely care for Medicare beneficiaries.

According to CMS, the Physician Compare Web Site is designed to be consumer friendly and help all patients—whether on Medicare or not—locate health professionals in their communities. The information on the site includes contact and address information for offices, the professional’s medical specialty, where the professional completed his or her degree as well as residency or other clinical training, whether the professional speaks a foreign language, and the professional’s gender. The tool can also help Medicare beneficiaries find out which physicians that see Medicare patients.

In addition to information about the physician’s practice, Physician Compare also shows consumers whether the practice reported certain data to CMS through the Physician Quality Reporting System, formerly known as the Physician Quality Reporting Initiative (PQRI). Currently, the PQRI reporting system is a voluntary reporting program that rewards physicians and other eligible healthcare professionals for reporting data on quality measures related to services furnished to Medicare beneficiaries. These quality measures are based on the best available medical evidence and designed to help professionals improve care for patients. In 2009, over 200,000 professionals reported data to CMS through the Physician Quality Reporting System.

According to CMS, it plans a second phase of the Web site which will indicate whether professionals chose to participate in a voluntary effort with the Agency to encourage doctors to prescribe medicines electronically, rather than through traditional paper-based prescription methods later in 2011.

In future years, the Physician Compare Web site will be expanded with information about the quality of care Medicare beneficiaries receive from physicians and the other healthcare professionals profiled on the site. The expansion will include information on quality of care and patient experience that can help consumers learn more about the care provided by Medicare-participating physicians. CMS is required by the Affordable Care Act to develop a plan to implement this expansion by 2013.

The new Physician Compare resource supplements a broad range of resources that patients and their families can use to gather information about an existing or proposed health care provider. Like all directories, however, patients and their families should keep in mind that no single resource or directory provides complete information about any one provider or should be used as a sole basis for selecting or assessing the quality or credentials of any health care provider.

Help patients and their families to constructively use these and other tools by managing your reputation and sharing information with patients and their families about how to properly use and understand the information provided. You also can share your input about how patients and their families should use these and other similar resources and other insights to help other patients and their families better prepare to manage and assist in their own health care and health benefit management by participating in Project COPE: Coalition for Patient Empowerment here.

For More Information Or Assistance

If you need assistance reviewing or responding to the DEA prescribing guidance contained in the Statement or addressing other health care related risk management or compliance concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 23 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Solutions Law Press publications authored by Ms. Stamer including:

For More Information

We hope that this information is useful to you. If you need assistance evaluating or responding to the Health Care Reform Law or health care compliance, risk management, transactional, operational, reimbursement, or public policy concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (469) 767-8872 or via e-mail here.

You can review other recent health care and internal controls resources and additional information about the health industry and other experience of Ms. Stamer here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here.

Leave a Comment » | Affordable Care Act, Conditions of Participation, Consumer Driven Health Care, Doctor, Evidence Based Medicine, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Care Reform, Health Plan, Health Plans, Medicare, Medicare Advantage, Physician, Reimbursement | Tagged: Affordable Care Act, CMS, Consumer Driven Health Care, Credentialing, Health Care, Health Care Reform, Physician, Physician Compare, Provider | Permalink
Posted by Cynthia Marcotte Stamer

Monday 9/13 Deadline To Comment Proposed HITECH Act HIPAA Privacy Rules; 9/14 Meeting Studies Proposed Changes

September 10, 2010

9/14 NTHCPA Meeting on Strategies for Managing HIPAA Privacy Compliance After The HITECH Act

Health care providers, payers, healthcare clearinghouses and their businesses associates (Covered Entities) face a Monday, September 13, 2010 deadline to comment on proposed changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Enforcement Rules proposed by the U.S. Department of Health & Human Services Office for Civil Rights (OCR) on July 8, 2010 in response to amendments enacted under the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. If adopted as proposed, the more than 220 page Notice of Proposed Rulemaking (NPRM) will significantly tighten the requirements that existing Standards for Privacy of Individually Identifiable Health Information (Privacy Rule); the Security Standards for the Protection of Electronic Protected Health Information (Security Rule); and the rules pertaining to Compliance and Investigations, Imposition of Civil Money Penalties, and Procedures for Hearings (Enforcement Rule) applicable to Covered Entities under HIPAA. With the risks of HIPAA noncompliance highlighted by OCR’s August announcement that drugstore giant RiteAid would pay $1 million to settle OCR charges that it violated the existing HIPAA’s Privacy & Security Rules and considering , Covered Entities Learn more about Rite Aid Resolution Agreement here. Learn more about Breach Notification Rules here.

The North Texas Health Care Compliance Professionals Association invites health industry compliance professionals share and learn Strategies for Managing HIPAA Privacy Compliance After the HITECH Act by participating in its September 14, 2010 meeting from 11:30 a.m. – 1:30 p.m. hosted by Cynthia Marcotte Stamer, P.C., at One Hanover Park, 16633 North Dallas Parkway, 6^th Floor, Addison Room, Addison, Texas 75001.

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients with HIPAA and other privacy and data security, reimbursement, compliance, public policy, regulatory, staffing, and other operations and risk management matters. Ms. Stamer also regularly conducts training on HIPAA and other health industry compliance, management and operations matters. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

Leave a Comment » | Doctor, Electronic Health Records, Electronic Medical Records, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Physician, Privacy, Technology, Telemedicine | Tagged: Breach Notification, EPHI, Health Care, HIPAA, HIPAA Security, HITECH, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Rite Aid Agrees to Pay $1 Million to Settle HIPAA Privacy Case As OCR Moves To Tighten Privacy Rules

August 3, 2010

One of the nation’s largest drug store chains, Rite Aid Corporation and its 40 affiliated entities (Rite Aid) will pay $1 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The U.S. Department of Health and Human Services (HHS) Office of Civil Rights announcement of the HIPAA resolution agreement with Rite Aid and the concurrent negotiation of a separate consent order of potential FTC Act violations between Rite Aid and the Federal Trade Commission (FTC) follows HHS’ announcement of proposed changes to its HIPAA Privacy Rules and associated penalties in response to changes enacted under the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The Rite Aid settlement and the proposed Privacy Rule changes illustrate the growing penalty risks that health care providers, health plans, healthcare clearinghouses and their business associates (Covered Entities) face for violating the Privacy Rules.

Rite Aid Resolution Agreement

The Rite Aid resolution agreements settle charges that Rite Aid failed to appropriately safeguard the privacy of its customers when disposing of identifying information on pill bottle labels and other health information. The settlements apply to all of Rite Aid’s nearly 4,800 retail pharmacies and follow an extensive joint investigation by the HHS Office for Civil Rights (OCR) and the FTC.

OCR opened its investigation of Rite Aid after television media videotaped incidents in which pharmacies were shown to have disposed of prescriptions and labeled pill bottles containing individuals’ identifiable information in industrial trash containers that were accessible to the public in a variety of Rite Aid locations in cities across the United States. OCR and FTC previously settled a similar case involving the national drug store chain CVS in February 2009.

The HIPAA Privacy Rule requires covered entities to safeguard the privacy of patient information and other “protected health information” including during its disposal. In addition to the detailed requirements for protection and safeguarding of protected health information and electronic protected health information under the Privacy Rules, breach notification rules added to HIPAA under the HITECH Act also generally require that Covered Entities investigate and provide timely notification of breach to patients, OCR and in some cases the media when “unsecured protected heath information” is breached. Meanwhile, the FTC Act and associated regulations require those retailers and certain other parties receiving personal financial information to comply with certain requirements for the protection and use of that information and to provide certain notifications of their privacy polices for protecting personal financial information.

The joint OCR and the FTC investigations raised concerns that:

Rite Aid failed to implement adequate policies and procedures to appropriately safeguard patient information during the disposal process;
Rite Aid failed to adequately train employees on how to dispose of such information properly; and
Rite Aid did not maintain a sanctions policy for members of its workforce who failed to properly dispose of patient information.

Under the HHS resolution agreement, Rite Aid agreed to pay a $1 million resolution amount to HHS and must implement a strong corrective action program under which Rite Aid agreed to:

Revise and distribute its policies and procedures regarding disposal of protected health information and sanctioning workers who do not follow them;
Train workforce members on these new requirements;
Conduct internal monitoring; and
Engage a qualified, independent third-party assessor to conduct compliance reviews and render reports to HHS.

In addition, under its FTC consent order, Rite Aid separately agreed to external, independent assessments of its pharmacy stores’ compliance with the FTC consent order.

The HHS corrective action plan will be in place for three years; the FTC order will be in place for 20 years.

Proposed Privacy Rule Changes

The Rite Aid resolution agreement and consent order follows the July 8, 2010 publication by OCR of proposed changes to its existing HIPAA Privacy, Security, and Enforcement Rules in response to amendments enacted under the HITECH Act. Because of the lead time required to implement needed changes in policies, technology and training, Covered Entities need to begin preparations to adjust their health information privacy and data security policies and practices in anticipation of the finalization and implementation of these rules as well as to act quickly to submit their comments about the proposed changes. .

The more than 220 page Notice of Proposed Rulemaking (NPRM) proposes to revise the existing Standards for Privacy of Individually Identifiable Health Information (Privacy Rule); the Security Standards for the Protection of Electronic Protected Health Information (Security Rule); and the rules pertaining to Compliance and Investigations, Imposition of Civil Money Penalties, and Procedures for Hearings (Enforcement Rule) issued under HIPAA.

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients with HIPAA and other privacy and data security, reimbursement, compliance, public policy, regulatory, staffing, and other operations and risk management matters. Ms. Stamer also is regularly conducts training on HIPAA and other health industry compliance, management and operations matters. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

Leave a Comment » | Affordable Care Act, American's Affordable Health Choices Act, Doctor, E-Prescribing, Electronic Medical Records, Employer, FACTA, Health Care, Health Care Reform, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, Inpatient Rehabilitation Facility, Laws, Meaningful Use, Medicare, Medicare Advantage, Medicare Prescription Drug Program, OCR, Pharmacy, Prescription Drugs, Technology, Telemedicine | Tagged: Breach Notification, Data Security, FACTA, FTC, HIPAA, HITECH, Privacy, Security | Permalink
Posted by Cynthia Marcotte Stamer

HHS Invites Input On Medicaid Changes To Promote Children’s Health Quality

August 2, 2010

August 30, 2010 is the deadline for interested persons to provide input to Health & Human Services about legislation to improve the quality of care provided to children under Medicaid and the Children’s Health Insurance Program, including recommendations for quality reporting by the States. The Children’s Health Insurance Program Reauthorization Act of 2009 (CHIPRA) requires the Secretary of Health and Human Services to provide to Congress recommendations for legislative changes to improve the quality of care provided to children under Medicaid and the Children’s Health Insurance Program. HHS invited public input for use in preparing these recommendations on July 30, 2010 here.

For More Information or Assistance

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients with licensure, contracting, reimbursement, compliance, public policy, regulatory, staffing, and other operations and risk management matters. Ms. Stamer also regularly publishes and conducts training on these and other compliance, management and operations matters. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here. To review the regulations, see here. For a summary, see here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

Leave a Comment » | Childrens Health Insurance Program, Health Care, Health Care Finance, Health Care Quality, Health Care Reform, Health Plan, Health Plans, Hospital, Indian Health, Medicaid, Physician, Uncategorized | Tagged: children's health, CHIPRA, Health Care, health care quality, HHS, Hospital, Medicaid, Physician, quality reporting, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

CMS & ONC To Co-Host 7/22 ONC Certification & Medicare/Medicaid EHR Incentive Program Audio Training

July 20, 2010

The Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) will co-host an Audio Training on the Final Rules for ONC Certification and Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs on July 22, 2010 from 2:00-3:30 pm EST.

During the training, the Agencies plan to discuss:

Benefits of HIT
Summary of the final rules
ONC temporary certification process
ONC initial set of standards and implementation specifications
Medicare and Medicaid EHR Incentives Programs including the initial definition of meaningful Use

To join the audio training, dial 1-877-251-0301 and enter the Conference ID pass code: 87841621

Materials will be made available prior to the training at the following web address here.

For more information about CMS EMR incentives, see here.

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers, health plans and insurers, and other health and insurance industry clients with HIPAA, EMR and other privacy and data security, reimbursement, compliance, public policy, regulatory, staffing, and other operations and risk management matters. Ms. Stamer also regularly conducts training on these and other health industry technology, compliance, management and operations matters. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

Leave a Comment » | Affordable Care Act, ARRA, Doctor, E-Prescribing, Electronic Health Records, Genetic Information, GINA, Health Care, Health Care Provider, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Meaningful Use, Medicaid, Medicare, Medicare Advantage, OCR, Privacy, Technology, Telemedicine | Tagged: Data Security, EHR, Electronic Health Records, EMR, Health Information Technology, Health IT, Hi-TECH Act, HIPAA, HITECH Act, IT, ONC, ONC Certification, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Office of Civil Rights Proposes Changes To HIPAA Privacy, Security & Civil Sanctions Rules

July 9, 2010

Stay Tuned To Solutions Law Press For More Details

Get ready for even tighter privacy and security rules and more enforcement! The U.S. Department of Health & Human Services Office for Civil Rights (OCR) on July 8, 2010 proposed changes to its existing Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Enforcement Rules in response to amendments enacted under the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. Because of the lead time required to implement needed changes in policies, technology and training, health care providers, health plans, healthcare clearinghouses and their business associates should evaluate and begin preparations to adjust their health information privacy and data security policies and practices in anticipation of the finalization and implementation of these rules.

Solutions Law Press is finalizing arrangements to host a briefing on the proposed changes in August and planning more detailed updates on these developments. Stay tuned to Solutions Law Press for additional updates and details about a future briefing on these proposed HIPAA changes and other developments affecting HIPAA and other health plan and human resources matters. In the meanwhile, you may want to check out other existing Solutions Law Press updates and resources about HITECH Act and other HIPAA developments such as HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website.

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients with HIPAA and other privacy and data security, reimbursement, compliance, public policy, regulatory, staffing, and other operations and risk management matters. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

Leave a Comment » | Corporate Compliance, Doctor, Electronic Health Records, Electronic Medical Records, Employer, FACTA, Federal Sentencing Guidelines, Genetic Information, GINA, Health Care, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Hospital, Indian Health, OCR, Physician, Technology | Tagged: Data Breach, Data Securty, Health Care Provider, Health Plans, Healthcare Clearinghouse, HIPAA, OCR, Protected Health Information | Permalink
Posted by Cynthia Marcotte Stamer

NCPDP SCRIPT 10.6 Approved As Medicare Part D/Advantage E-Prescribing Option

July 1, 2010

The Centers for Medicare & Medicaid Services (CMS) today (July 1, 2010) issued an interim final rule (Rule) that permits the voluntary use of the National Council for the Prescription Drug Programs (NCPDP) Prescriber/Pharmacist Interface SCRIPT standard, Implementation Guide, Version 10, Release 6 (Version 10.6) (NCPDP SCRIPT 10.6) for conducting certain e-prescribing transactions for the Medicare Part D electronic prescription drug program. Review the Rule here.

Prior to the adoption the Rule, only NCPDP SCRIPT 8.1 was authorized for use in communicating Medicare Part D medication history among sponsors, prescribers and dispensers. The Rule revises Regulation §423.160(b)(4) to specify that entities now may use either NCPDP SCRIPT 10.6 or 8.1 for the communication of Medicare Part D medication history among sponsors, prescribers, and dispensers.

Along with the rule, CMS issued a request for comments on the Rule. The deadline for interested parties to comment is 5 p.m. Eastern Daylight Time on August 30, 2010.

Section 101 of the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA) (Pub. L. 108-173) requires that Prescription Drug Plan (PDP) sponsors, Medicare Advantage (MA) organizations offering Medicare Advantage-Prescription Drug Plans and other Medicare Part D sponsors (Plans) provide for electronic transmittal the prescribing provider, dispensing pharmacy and the dispenser of information about:

Eligibility,
Benefits (including drugs included in the applicable formulary, any tiered formulary structure and any requirements for prior authorization),
The drug being prescribed or dispensed and other drugs listed in the medication history,
The availability of lower cost, therapeutically appropriate alternatives (if any) for the drug prescribed, and
Certain other information.

Before the Rule, CMS had approved NCPDP SCRIPT 8.1 for conducting these electronic transmittals.

As a consequence of the Rule, Plans, prescribers and dispensers now may use either NCPDP SCRIPT 10.6 or 8.1 when conducting e-Prescribing to conduct:

Get message transaction.
Status response transaction.
Error response transaction.
New prescription transaction.
Prescription change request transaction.
Prescription change response transaction.
Refill prescription request transaction.
Refill prescription response transaction.
Verification transaction.
Password change transaction.
Cancel prescription request transaction.
Cancel prescription response transaction.
Fill status notification transaction.
For the communication of Medicare Part D medication history among sponsors, prescribers, and dispensers.

The MMD does not require that prescribers or dispensers implement e-Prescribing, prescribers and dispensers who electronically transmit prescription and certain other prescription-related information for Medicare Part D covered drugs prescribed for Medicare Part D eligible individuals, directly or through an intermediary, must comply with any applicable final standards that are in effect. The Rule provides new choices on how to accomplish this.

The author of this update, attorney Cynthia Marcotte Stamer, has extensive experience advising and assisting health care providers and other health industry clients with reimbursement, compliance, public policy, regulatory, staffing, and other operations and risk management matters. You can get more information about her health industry experience here. If you need help with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

Leave a Comment » | Controlled Substances, DEA, Doctor, Electronic Health Records, Electronic Medical Records, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, Hospital, Hospital, Meaningful Use, Medicare, Medicare Advantage, Pharmacy, Physician, Prescription Drugs, Privacy, Reimbursement, Telemedicine | Tagged: E-Prescribing, Health Care, Health Plans, Medicare Advantage, Medicare Part D NCPDP SCRIPTI, Payers, Physicians, Providers | Permalink
Posted by Cynthia Marcotte Stamer

WellPoint To Ban Coverage Rescissions Before Affordable Care Act Fall 2010 Deadline

April 28, 2010

WellPoint, Inc. will suspend the practice of rescinding patients’ coverage May 1, 2010, months in advance of this Fall’s deadline for insurers stop this practice established by the Affordable Care Act. The nation’s largest health insurer announced here its plans to implement the change in its practices regarding individual market rescissions on April 27, 2010.

Beginning this Fall, the Affordable Care Act will prohibit insurance companies from rescinding policies, except in cases of fraud or intentional misrepresentation of material fact. Wellpoint’s termination of individual policy rescissions announced this week comes months ahead of the effective deadline for terminating rescissions contained in the legislation. The ban against rescissions is one of a number of new federal restrictions on health insurers and group health plans enacted as part of the Affordable Care Act scheduled to take effect this Fall. Wellpoint previously announced it also would change its dependent coverage policies to extend the period that a dependent child can remain on his parent’s coverage to age 26 before the deadline required by the Affordable Care Act.

WellPoint’s announcement comes after Health & Human Services Secretary Kathleen Sebelius sent a letter on April 22 urging the company to immediately stop the practice of rescinding coverage for patients who become ill. Wellpoint recently drew criticism from Secretary Sebelius and others for targeting breast cancer victims for rescission of their policies. Secretary Sebelius’ initial letter to WellPoint can be found here or at here.

For Assistance With Health Industry Concerns

If your organization needs advice or assistance with the proposed regulation, preparing or submitting comments on the regulation or with other health care matters, contact Cynthia Marcotte Stamer at (469) 767-8872 or via e-mail here.

Vice President of the North Texas Health Care Compliance Professionals Association, Exempt Organization Vice-Coordinator of the Southern States IRS TEGE Council, a Council Member of the ABA Joint Committee On Employee Benefits Council, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, the former Board Compliance Chair of the National Kidney Foundation of North Texas and former Board President of the Richardson Development Center for Children (now Warren Center), Ms. Stamer has more than 22 years experience advising health industry clients about health care operations, regulatory and compliance, reimbursement, staffing, risk management, public policy and other matters. A popular lecturer and widely published author on health industry matters, Ms. Stamer advises hospitals and other health industry clients about responding to and using these and other quality measures and other related concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry quality, regulatory, reimbursement, and other operations, risk management and public policy concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Recent Developments & Resources

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. If you need assistance with auditing or defending these or other health care compliance, risk management, transaction or operation concerns, please contact Cynthia Marcotte Stamer, at (469) 767-8872 or to cstamer@solutionslawyer.net. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other internal controls and risk management matters.

Leave a Comment » | Health Care, Health Care Finance, Health Care Reform, Health Plan, Health Plans, Patient Protection and Affordable Care Act, Public Policy, Uncategorized | Tagged: Affordable Care Act, Health Care, Health Insurance, Health Plans, Patient Protection and Affordable Care Act | Permalink
Posted by Cynthia Marcotte Stamer

Agencies Seek Public Input On New Insurer Premium Revenue Reporting Obligations Added By Patient Protection and Affordable Care Act

April 15, 2010

By Cynthia Marcotte Stamer

The Departments of Treasury (IRS), Labor (DOL) and Health & Human Services (HHS) are inviting public comments on impending new federal requirements that will compel health insurance issuers offering individual or group medical coverage to send annual reports to HHS on the percentages of premiums that the coverage spends on reimbursement for clinical services and activities that improve health care quality, and to provide rebates to enrollees if this spending does not meet minimum standards for a given plan year added as Section 2718 of the Public Health Service Act (PHS Act), by the Patient Protection and Affordable Care Act (PPACA), Public Law 111-148, enacted on March 23, 2010.

Among other things, Section 2718 of the PHS Act, Section 715 of the Employee Retirement Income Security Act of 1974 (ERISA) and Section 9815 of the Internal Revenue Code of 1986 (the Code) will require health insurance issuers offering group or individual coverage to report to HHS annually:

The ratio of the incurred loss (or incurred claims) plus the loss adjustment expense (or change in contract reserves) to earned premiums (also known as the medical loss ratio (MLR)); and
The percentage of total premium revenue–after accounting for collections or receipts for risk adjustment and risk corridors and payments of reinsurance–that the coverage spends: (1) on reimbursement for clinical services provided to enrollees; (2) for activities that improve health care quality; and (3) on all other non-claims costs, including an explanation of the nature of these costs, and excluding Federal and State taxes and licensing or regulatory fees.

PPACA also requires that HHS make these reports available to the public on the Internet Web site of HHS. To review the request for comments and its instructions for commenting on the new requirements, see here.

For Assistance With This Opportunity Or Other Health Industry Concerns

If your organization needs advice or help with commenting on the request for comments or to evaluate or respond to other health care reform regulations or other health care matters, contact Cynthia Marcotte Stamer at (469) 767-8872 or via e-mail here.

Vice President of the North Texas Health Care Compliance Professionals Association, Exempt Organization Vice-Coordinator of the Southern States IRS TEGE Council, Chair of the American Bar Association (ABA) Real Property, Probate & Trust Section Employee Benefits & Other Compensation Arrangements Group, a Council Member of the ABA Joint Committee On Employee Benefits Council, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 22 years experience advising health industry clients about these and other matters. A popular lecturer and widely published author on health industry matters, Ms. Stamer advises hospitals and other health industry clients about responding to and using these and other quality measures and other related concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry quality, regulatory, reimbursement, and other operations, risk management and public policy concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Recent Developments & Resources

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. If you need assistance with auditing or defending these or other health care compliance, risk management, transaction or operation concerns, please contact Cynthia Marcotte Stamer, at (469) 767-8872 or to cstamer@solutionslawyer.net.. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other internal controls and risk management matters.

Leave a Comment » | Health Care, Health Care Finance, Health Care Quality, Health Care Reform, Health Insurance Exchange, Health Plan, Health Plans, Medicare Advantage | Tagged: Health Care, Health Care Reform, Health Plans, Patient Protection and Affordable Care Act, PPACA | Permalink
Posted by Cynthia Marcotte Stamer

TSHHRAE Provides Health Industry Managers Employment Law Update & Other Timely Management Training At April Barnstorm 2010: Creating Effective Leaders Programs

March 23, 2010

Get Details & Registration Information here!

A Legal Update on Employment Law presentation by Attorney Cynthia Marcotte Stamer is among 5 hours of “Barnstorm 2010: Creating an Effective Leaders-Tools of the Trade” management training that the Texas Society for Healthcare Human Resources Administration and Education (TSHHRAE) will be hosting for health industry human resources and other managers in five Texas cities between April 26 and April 30, 2010.

Interested health industry human resources and other managers can elect to participate in TSHHRAE’s Barnstorm 2010 management training at the following dates and locations:

April 26 – Weslaco, Knapp Medical Center
April 28 – Sweetwater, Rolling Plains Memorial Hospital
April 28 – Brenham, Trinity Medical Center
April 29 – Lubbock, University Medical Center
April 30 – Odessa, Medical Center Hospital

Update on Employment Law Program Highlights

Ms. Stamer’s Legal Update on Employment Law Program will address:

Recent changes in FMLA, Military Leave, wage and hour, ADA & other disability, COBRA, GINA, HIPAA and other selected federal & Texas employment laws and regulations;
Rising government enforcement of EEOC, HIPAA, wage & hour, worker classification, and other laws and regulations;
Recent developments and increases in retaliation claims;
Recent cases related to supervision; and
Other selected developments impacting health industry human resources management.

Other Barnstorm 2010 Program Highlights and Details

In addition to the Legal Update on Employment Law that Ms. Stamer is scheduled to present, the Barnstorm Program also will feature presentations on:

Leadership in 2010
Dealing with Poor Performers; and
Cultivating a Superstar

For registration and other information about the Barnstorm Program, see here.

About Ms. Stamer

Nationally and internationally recognized for more than 22 years of work with health industry and other organizations, publications, workshops and presentations and leadership on health industry and other labor and employment, staffing and credentialing, employee benefits, performance management and discipline, regulatory compliance and internal controls, risk management, and public policy matters, Ms. Stamer is Chair of the Curran Tomko Tarski Labor & Employment & Health Care Practice Groups, Vice President of the North Texas Health Care Compliance Professionals Association, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer is. The publisher of Solutions Law Press HR & Benefits Update, the Solutions Law Press Health Care Update, and Solutions Law Press Health Care Privacy & Technology Update and a former legal columnist for MD News, Ms. Stamer also is a popular speaker and author of these topics. She regularly speaks and conducts training for the ABA, American Health Lawyers Association (AHLA), Health Care Compliance Association, Institute of Internal Auditors, Harris County Medical Society, the Medical Group Management Association, SHRM, Southwest Benefits Association and many other organizations. Publishers of her many highly regarded writings on health industry and human resources matters include the Bureau of National Affairs, Aspen Publishers, ABA, AHLA, Spencer Publications, World At Work, SHRM, Business Insurance, James Publishing and many others. You can review other highlights of Ms. Stamer’s health care experience here, and employment experience here. Her insights on these and other matters appear in Managed Care Executive, Modern Health Care, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, MDNews, Kentucky Physician, and many other national and local publications.

If you need assistance with health industry human resources or other management, concerns, wish to inquire about compliance, risk management or training, or need legal representation on other matters please contact Cynthia Marcotte Stamer at cstamer@cttlegal.com or 214.270.2402.

Other Resources

If you found this information of interest, you also may be interested in reviewing other updates and publications by Ms. Stamer including:

For More Information

We hope that this information is useful to you. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here. To unsubscribe, e-mail here.

Leave a Comment » | Corporate Compliance, Discrimination, Doctor, Employer, Employment, Genetic Information, GINA, Health Care, Health Care Finance, Health Care Provider, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Laws, Physician, Veterans Health, Veterans Health Care | Tagged: Corporate Compliance, Doctor, Employer, Health Care, Health Care Policy, Health Care Provider, Health Insurance, Health Plans, retaliation, Retalitory Discharge | Permalink
Posted by Cynthia Marcotte Stamer

House Could Vote On Health Care Reform As Early As Sunday

March 19, 2010

By Cynthia Marcotte Stamer

The stage now appears to be set for the House of Representatives to vote as early as Sunday on the latest version of health care reform backed by President Obama, Speaker Nancy Pelosi and other key Congressional Democrats, the Reconciliation Act of 2010 (H.R. 4872). The impending deadline means that health industry providers and other Americans concerned about the potential outcome of the impending vote need to act quickly if they wish to attempt to influence the decision. For tips about sharing your input with Congress effectively, see Getting Your Health Care Reform Message Heard By Key Congressional Leaders.

Developments Today Start Clock Running For Vote

On Thursday, March 18, 2010, two key developments set the stage for a vote on H.R. 4871 as early as Sunday:

The House Rules Committee posted the text of H.R. 4872 on its website; and
The Congressional Budget Office (CBO) delivered its scoring of H.R 4872 to House Speaker Nancy Pelosi.

The delivery of CBO scoring started the clock running on the 72 hour mandatory period between the release of the CBO scoring and any final vote on the bill. This means the House could vote on H.R. 4872 as early as Sunday, March 21.

If passed by the House, H.R. 4872 would make sweeping changes to the U.S. health care system impacting virtually every American patient, health care provider, employer and taxpayer. To learn the facts about these proposed changes, read the full text of H.R. 4872 here.

According to the CBO, H.R. 4872 will cost $940 billion over 10 years to extend coverage to 32 million uninsured people. To learn more specifics about these cost and other determinations, review the CBO scoring here.

This Is Only The Beginning: Stay Involved

The outcome of this latest health care reform push is only a small part of a continuing process. Whether or not the President’s proposal or some other version of health care reform passes this week, Congress already has and will continue to consider other legislation impacting health care reform. This reality is demonstrated by Congressional actions recently taken on the COBRA premium subsidy extension, Medical reimbursement for physicians, continuing federal efforts to develop and implement federal health care quality and technology standards, and other legislative, regulatory and enforcement actions taken while public attention has been focused largely only on the broader health care reform debate.

Upcoming mid-term elections will significantly impact the nature and scope of these upcoming efforts. Perhaps even more significantly, the enactment of legislation is only a beginning point. The real meaning of these or other health care reforms will be determined largely by the shaping and implementation of regulations and enforcement actions which generally are conducted outside the public eye. Monitoring and staying active in these ongoing processes provides a critical opportunity to continue to monitor your issues and provide input to shape how they are addressed.

Individuals concerned about these and other health care reform proposals and concerns are invited to stay involved in the discussion by sharing their input with Congress, regulators. Concerned individuals also are invited to stay involved in the discussion by joining the Coalition for Responsible Health Care Reform Group on Linkedin and registering to receive these updates here. The author of this article, Curran Tomko and Tarski LLP Health Care Practice Chair Cynthia Marcotte Stamer has extensive experience advising and assisting health industry clients and others about a diverse range of health care policy, regulatory, compliance, risk management and operational concerns. You can get more information about her health industry experience here.

Help Monitoring & Responding To Developments

If you need assistance evaluating or formulating comments on the proposed reforms contained in the House Bill or on other health industry matters please contact Cynthia Marcotte Stamer, CTT Health Care Practice Group Chair, at cstamer@cttlegal.com or 214.270.2402.

From her extensive involvement with federal and state legislative and regulatory licensing, telemedicine, managed care, privacy and other health, pension and other reforms in the U.S. to her involvement as a lead advisor to the Government of Bolivia on its pension privatization legislation, Ms. Stamer’s experience includes significant experience working with clients domestically on key health care and other public policy matters. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Chairman of the Board of Richardson Development Center for Children and past Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer couples her policy experience with her extensive experience working with health industry clients on regulatory, staffing, reimbursement, risk management and compliance and other operational matters. She has more than 22 years experience advising health industry clients about these and other matters. A popular lecturer and widely published author on health industry matters, Ms. Stamer advises hospitals and other health industry clients about responding to and using these and other quality measures and other related concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry quality, regulatory, reimbursement, and other operations, risk management and public policy concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Recent Developments & Resources

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. If you need assistance with auditing or defending these or other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Edwin J. Tomko at (214) 270-1405 or another Curran Tomko Tarski LLP Partner of your choice. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other internal controls and risk management matters.

Leave a Comment » | Anti-KickBack, ASC, Childrens Health Insurance Program, Consumer Driven Health Care, Durable Medical Equipment, Electronic Health Records, Employment, Evidence Based Medicine, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Insurance Exchange, Health IT, Health Plan, Health Plans, Hospital, Indian Health, Medical Malpractice, Medicare, Physician, Prescription Drugs, Public Policy, Reimbursement, Stark, Tax, Veterans Health, Veterans Health Care | Tagged: H.R. 4872, Health Care Fraud, Health Care Provider, Health Care Reform, Health insurer, Health IT, Health Plans, Payer, Physician, Provider, Reconciliation Act of 2010 | Permalink
Posted by Cynthia Marcotte Stamer

Medicare Ends Fox Insurance Company Drug Plan Contract As CMS Turns Up Heat on Medicare Advantage & Part D Plan Enforcement & Oversight

March 16, 2010

By Cynthia Marcotte Stamer

The Centers for Medicare & Medicaid Services (CMS) terminated its Medicare Part D prescription drug coverage contract with Fox Insurance Company (Fox) on March 9, 2010. The action highlights CMS’s growing scrutiny and enforcement of Medicare requirements against Medicare Part D, Medicare Advantage Plans and other federal health care program contractors.

CMS terminated the Fox contract after CMS found the failure by Fox’s plan and services to meet Medicare’s requirements to provide enrollees with prescription drugs according to recognized standards of care jeopardized the health and safety of Fox enrollees. When announcing the contract termination, CMS reported that an on-sight review by CMS showed that Fox committed a series of violations, including improperly denying its enrollees coverage of critical HIV, cancer, and seizure medications. CMS issued an enrollment and marketing sanction to Fox on Feb. 26, 2010, because the organization was not following Medicare’s rules for providing prescription drug coverage to its enrollees. According to CMS, an onsite audit conducted between March 2 and March 4 showed that Fox’s problems persisted and that Fox continued to subject its enrollees to obstacles in getting sustaining medicines or other needed medications. Among other things, CMS found Fox:

Failed to provide access to Medicare prescription drugs benefits by imposing unapproved prior authorization and step therapy criteria that made it more difficult for beneficiaries to get drugs that are protected by law;
Failed to meet the plan’s appeals deadlines; and
Did not comply with Medicare regulations requiring enrollees to be transitioned to new drugs at the beginning of the new plan year.
Failed to notify enrollees about prior authorization and step therapy determinations as required by Medicare.

CMS also found that many of the obstacles were in place to limit access to high-cost drugs, which could have led to enrollees’ clinical needs not being met.

In many cases, CMS reported that Fox required enrollees to have unnecessary and invasive medical procedures before they were able to obtain drugs. Finding that Fox was unable to satisfactorily address these compliance concerns and furnish medicines to its Medicare enrollees, CMS immediately terminated the Fox contract.

At the time of the termination, more than 123,000 Medicare beneficiaries were enrolled in Fox plans. Beginning March 10, 2010, CMS indicated that LI-NET, a Medicare run program administered by Humana, would replace the Medicare Part D coverage of enrollees affected by the Fox contract termination on an interim basis. Fox enrollees will be able to choose a new Medicare prescription drug plan through May 1, 2010. Current enrollees who do not choose a plan will be enrolled into a new plan by Medicare. CMS is sending letters explaining the actions taken by CMS to enrollees and has established a 1-800 number to receive questions.

The action against Fox is part of an ongoing series of oversight, disciplinary and enforcement actions by CMS against Medicare Advantage and other federal health care program participants. These programs and CMS’ oversight and enforcement of federal programs are drawing increasing Congressional scrutiny in connection with Congressional health care reform efforts. Amid this heightened scrutiny, Medicare Part D and Medicare Advantage Plans; health care providers, administrative services providers and others contracting with these plans and others involved with this programs should take appropriate action to maintain compliance, tighten their contracts with and oversight of actions of partners and vendors performing critical functions; review complaint reporting, investigation and response processes and procedures; and strengthen other practices to minimize exposures to audit or other enforcement actions.

For Assistance With Medicare Managed Care or Other Matters

If your organization needs advice or assistance about Medicare Part D or other Medicare Advantage contracting or other requirements or about other health plan or health care matters, consider contacting the author of this article, Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer at (214) 270-2402 or via e-mail here.

Past Chair of the ABA Health Law Section Managed Care & Insurance Section, Chair of the American Bar Association RPTE Employee Benefits & Compensation Committee and an ABA Joint Committee on Employee Benefits Council member, Ms. Stamer has more than 22 years experience advising health plans, health care providers, and other health industry and insurance clients. Her experience includes specific experience assisting Medicare, Medicaid and other health plan sponsors, administrators, or administrative services providers about contracting, compliance, coverage and other matters. A popular lecturer and widely published author on health industry matters, Ms. Stamer also conducts compliance and other training on Medicare Advantage and other contract and compliance matters, as well as a broad range of other health industry related concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry quality, regulatory, reimbursement, and other operations, risk management and public policy concerns. Her insights on health industry matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Recent Developments & Resources

If you found this information of interest, you also may be interested in reviewing some of the following recent updates available online by clicking on the article title:

You can review other recent health plan, health care and internal controls resources and additional information about the health industry and other experience of Ms. Stamer here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here; e-mailing this information to cstamer@cttlegal.com; or registering to participate in the distribution of these and other Solutions Law Press updates here. For important information concerning this communication click here.

To unsubscribe, e-mail here.

Leave a Comment » | Consumer Driven Health Care, Doctor, false claims act, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Plan, Health Plans, Medicaid, Medicare, Medicare Advantage, Medicare Prescription Drug Program, OIG, Physician, Prescription Drugs | Tagged: Doctor, Health Care, Health Care Fraud, Health Care Provider, health care quality, Health Care Reform, Health Care Reimbursement, Health Insurance, Health Plans, Health Policy, HHS, Hospital, Medicare, Medicare Advantage, Medicare Part D, Physician, Physicians, Prescription Drugs, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

AHRO Invites Comments On Project To Develop & Test Hospital Toolkit Intended To Guide Hospitals In Using AHRQ Quality Indicators

March 15, 2010

By Cynthia Marcotte Stamer

April 12, 2010 is the deadline for interested person to comment on the request by the Agency for Healthcare Research and Quality (AHRQ) for approval of its proposed “Development and Evaluation of AIIRQ’s Quality Indicators Improvement Toolkit” information collection project.

AHRO’s mission under 42 U.S.C. 299(b)(1)(F); 299a(a)(1) and (2) is to disseminate information and tools that can support improvement in quality and safety in the U.S. health care community. In furtherance of this mission, AHRQ has developed sets of Quality Indicators (QIs) for use by AHRO and others to document quality and safety conditions at U.S. hospitals. These and other federally established quality standards are a key part of ongoing government efforts to promote quality and cost effectiveness in the U.S. medical system, as well as to tie reimbursement to the satisfaction of these or other government-adopted quality standards.

To encourage broader use and adoption of its QIs by hospitals and others, AHRO now is working on developing and evaluating a toolkit to help hospitals to effectively use AHRQ’s QIs. The proposed AHRO toolkit would use two sets of QIs already developed and evaluated by AHRO:

The Inpatient Quality Indicators (IQIs), which contain measures of volume, mortality, and utilization for common medical conditions and major surgical procedures; and
The Patient Safety Indicators (PSIs), which are a set of measures to screen for potentially preventable adverse events that patients may experience during hospitalization.

The QIs and supportive documentation on how to work with them are posted on AHRQ’s Web site here. Many of the QIs have been endorsed by the National Quality Forum through its consensus review process.

To promote the appropriate use of these tools, AHRO plans to develop and then field test an alpha version of the Quality Indicators Improvement Toolkit with six hospitals. The currently open invitation to comment invites public comment on the proposed information collection efforts to be conducted as part of this phase of the project.

To review the pending request for comment for additional details or instructions on submitting comments, see here.

For Assistance With These Or Other Health Industry Concerns

If your organization needs advice or assistance with commenting on the AHRO proposal or to respond to other health care quality or other health care matters, consider contacting the author of this article, Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer at (214) 270-2402 or via e-mail here.

Other Recent Developments & Resources

If you found this information of interest, you also may be interested in reviewing some of the following recent Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. If you need assistance with auditing or defending these or other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Edwin J. Tomko at (214) 270-1405 or another Curran Tomko Tarski LLP Partner of your choice. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other internal controls and risk management matters.

Leave a Comment » | Evidence Based Medicine, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, Hospital, Medicaid, Medical Malpractice, Medicare, Medicare Advantage, Outcomes Data, Physician, Public Policy, Reimbursement | Tagged: AHRO, health care quality, Health Care Reform, Health Carfe, Managed Care, Medicaid, Medicare, Quality Indicators | Permalink
Posted by Cynthia Marcotte Stamer

HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website

February 25, 2010

By Cynthia Marcotte Stamer

The Department of Health and Human Services Office of Civil Rights (OCR) has begun posting on its website the names and certain information about health care providers, health insurers, employer and other health plans, health care clearinghouses and their business associates (Covered Entities) reporting to OCR “breaches” of “unsecured protected health information” (UPHI) under new breach notice rules added by the Health Information Technology for Economic and Clinical Health Act (HITECH Act).

Covered Entities should anticipate the posting of the breach information and other HITECH Act breach notices coupled with amendments to the medical privacy and security requirements of the Health Insurance Portability & Accountability Act (HIPAA) effective since February 17, 2010, will heighten enforcement risks and public sensitivities about medical information privacy safeguards. As failing to comply with the amended rules effective February 17, 2010 can trigger obligations under the Breach Regulations and other significant liability exposures, Covered Entities should act quickly to manage these emerging risks.

Covered Entity Breach Notification Requirements

The initial list of Covered Entities reporting breaches of UPHI affecting 500 or more individuals posted by OCR on February 22, 2010 discloses the Covered Entity’s name and State, the approximate number of individuals affected, the date and type of breach and the location of the breached information. OCR’s posting of this information is required under the HITECH Act breach notification requirements as part of its implementation and enforcement of new breach notification requirements added to HIPAA by Section 13402(e)(3) of the HITECH Act.

The HITECH Act amended HIPAA to require Covered Entities to require Covered Entities provide notification to individuals, OCR and others when certain breaches of UPHI happen. The implementing interim “Breach Notification For Unsecured Protected Health Information” regulations (Breach Regulation) published by OCR here require Covered Entities subject to HIPAA to notify affected individuals, OCR and in some cases the media within specified periods following a “breach” of UPHI occurring on or after September 23, 2009 unless the Covered Entity can demonstrate that the breach qualified as exempt from the breach notification obligation under the Breach Regulations.

Covered Entities generally should consider the need to provide breach notification under the Breach Regulation whenever electronic or non-electronic protected health information which is not adequately encrypted or destroyed to qualify as “secured” under the breach rules is used, accessed or disclosed in violation of HIPAA.

Since the potential need to provide breach notification is triggered by an impermissible use, access or disclosure of UPHI, up-to-date maintenance, monitoring and enforcement is at the heart of compliance with the Breach Regulation as well as HIPAA generally.

You can review the currently posted list of Covered Entities that have reported breaches on the OCR website here. Learn more about the Breach Regulation requirements here.

Broader & Stricter Medical Privacy Mandates Effective 2/17/210

The new breach notification requirements are part of a series of changes made to HIPAA under the HITECH Act that are increasing the responsibilities and liability exposures of Covered Entities. On February 17, 2010, Covered Entities and their business associates also became subject to tighter federal requirements for the use, access, protection and disclosure of protected health information under amendments to HIPAA’s Privacy & Security Standards enacted in the HITECH Act. When the HITECH Act was signed into law on February 17, 2009, Covered Entities also became subject to expanded sanctions and remedies for HIPAA violations.

To comply with the HITECH Act changes to HIPAA effective on February 17, 2010, most Covered Entities and their business associates generally will need to update their written policies, operational procedures, technical safeguards, privacy notices, vendor and other agreements, training, and other management procedures in several respects. For more details, see here.

While the HITECH Act gave Covered Entities and business associates a year to complete the necessary arrangements to comply with these HITECH Act changes, many Covered Entities and business associates have not adequately implemented the necessary arrangements. To mitigate these exposures, Covered Entities and their business associates should act quickly to review and update their policies, procedures, training, business associate and other services agreements, and other practices and procedures, as well as to implement the training, oversight, and other management necessary to comply with the HITECH Act changes and to mitigate other HIPAA risks.

Exposures Significant & Growing

HIPAA-associated exposures for Covered Entities are significant and growing. Timely action to comply with the amended HIPAA requirements and Breach Regulations is important to avoid triggering the breach notification requirements; to prevent loss of public trust and reputation; and to minimize exposures to legal actions, administrative complaints and sanctions and the investigation, defense and correction costs likely to result when a Covered Entity violates or is accused of violating HIPAA or otherwise mishandling medical or other personal information.

Even before the HITECH Act changes became effective, federal regulators were stepping up HIPAA enforcement. The HITECH Act amendments further increase the risk that Covered Entities violating HIPAA face investigation and sanction. The HITECH Act amendments increase the likelihood that Covered Entities violating HIPAA will get caught and will face some form of damage or penalty assessment. Heightened awareness of UPHI breaches resulting from HITECH Act mandated breach notifications are likely to fuel new HIPAA-related complaints, charges and demands. Covered Entities, workforce members who wrongfully access protected health information now face potential civil penalties, criminal prosecution, civil lawsuits and other actions. Allowing state attorneys general to bring suit adds more manpower to the enforcement team. Furthermore, the wrongful use, access or disclosure of protected health information or other confidential information also increasingly is the basis of civil or criminal actions brought under a variety of other federal and state laws.

New Risks Created By HITECH Act Amendments

Heightened HIPAA exposures stem in part from the HITECH Act’s amendments to HIPAA’s remedy provisions. Among other things, the HITECH Act amended HIPAA to:

Allow a State Attorney General to sue Covered Entities that commit HIPAA violations after February 16, 2009 for damages caused to state citizens;
Expand the mandate by OCR to investigate violations and audit compliance with HIPAA;
Require OCR to impose civil sanctions against Covered Entities and business associates involved in violations of HIPAA in accordance with tightened standards added to HIPAA by the HITECH Act;
Revise the criminal sanctions that the Department of Justice can seek against Covered Entities and others for violations of HIPAA; and
Amend HIPAA to make clear that workforce members and others improperly using, accessing or disclosing protected health information in violation of HIPAA can face criminal prosecution.

State Attorney General Lawsuit Exposures

Covered Entities must be concerned about the potential that a state Attorney General may bring civil suit to remedy damages caused to state citizens by a breach of HIPAA. In certain situations, the HITECH Act empowers a state attorney general to sue Covered Entities for damages if their HIPAA violations harm state citizens. Statutory damages equal to the sum of the number of violations multiplied by 100 up to a maximum of $25,000 per calendar year plus attorneys fees and costs are authorized.

A HIPAA civil lawsuit demonstrates the willingness of at least some states to exercise the new authority to sue Covered Entities. On January 13, 2010 Connecticut Attorney General Richard Blumenthal sued Health Net of Connecticut, Inc. (Health Net) for failing to secure private patient medical records and financial information involving 446,000 Connecticut enrollees and promptly notify consumers endangered by the security breach. The first attorney general enforcement action brought based on amendments made to HIPAA under the HITECH Act, Connecticut charges that Health Net violated HIPAA by failing to safeguard protected medical records and financial information on almost a half million Health Net enrollees in Connecticut then allowing this information to remain exposed for at least six months before notifying authorities and consumers. The suit also names UnitedHealth Group Inc. and Oxford Health Plans LLC, who have acquired Health Net.

Stepped Up Federal Enforcement

Even before the HITECH Act amendments, OCR and Department of Justice increased HIPAA investigation and enforcement. The Department of Justice has obtained a variety of criminal convictions against violators of HIPAA. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health Information. Meanwhile, OCR also is emphasizing HIPAA enforcement. In February, 2009, OCR announced that CVS Pharmacies, Inc. would pay $2.25 million to resolve HIPAA charges. This announcement followed OCR’s announcement in July, 2008 that Providence Health Care would pay $100,000 to resolve HIPAA violation charges. OCR also has taken HIPAA enforcement actions against a broad range of other Covered Entities. See more details here. While not resulting in the significant payments involved in CVS or Providence, all Covered Entities involved in these and other enforcement actions or investigations have incurred significant legal and other defense costs, loss of community trust, or both.

In addition to these HIPAA-specific exposures, wrongful use, access or disclosure of medical information also can expose Covered Entities, members of their workforce and others improperly using, accessing or disclosing protected health information to liability under other federal or state laws. Federal and state prosecutors may and increasingly do bring criminal or civil actions against organizations or individuals for improperly accessing or using medical or other personal information under a variety of other federal or state laws . See e.g., Cybercrime & Identity Theft: Health Information Security Beyond HIPAA; NY AG Cuomo Announcement of 1st Settlement For Violation of NY Security Breach Notification Law; Woman Who Revealed AIDs Info Gets A Year.

State Civil Lawsuits

Covered Entities also need to prepare to defend HIPAA-related conduct in state civil actions. Individual plaintiffs increasingly used alleged HIPAA violations in state privacy, negligence, retaliation, wrongful discharge or other lawsuits. State courts have allowed private plaintiffs to use the obligations imposed by HIPAA as the basis of a Covered Entity’s duty for purposes of certain state law lawsuits. In Sorensen v. Barbuto, 143 P.3d 295 (Utah Ct. App. 2006), for example, a Utah appeals court ruled a private plaintiff could use HIPAA standards to establish that a physician owed a duty of confidentiality to his patients for purposes of maintaining a state law damages claim. Similarly, the Court in Acosta v. Byrum, 638 S.E. 2d 246 (N.C. Ct. App. 2006) ruled that a plaintiff could use HIPAA to establish the “standard of care” in a negligence lawsuit. Meanwhile, disgruntled employees or other business partners performing services for Covered Entities also increasingly are pointing to HIPAA as the basis for their retaliation or wrongful discharge claims. See, e.g., Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim. Read more here.

Coupled with the HITECH Act changes, these and other enforcement actions signal growing potential hazards for Covered Entities that fail to properly manage their HIPAA compliance obligations and risks. To help guard against these exposures, Covered Entities should act quickly to strengthen their HIPAA defenses by updating policies, contracts, practices, security, training, oversight, documentation and management.

Covered Entities & Business Associates Urged To Act Promptly To Manage Mitigating Expanded HIPAA Risks & Obligations

Faced with these expanding obligations and exposures, Covered Entities should prepare for the need to defend the adequacy of their HIPAA compliance efforts on paper and in operation. As part of these efforts, Covered Entities should consider:

Reviewing the adequacy of the practices, policies and procedures of the Covered Entities, business associates, and others that may come into contact with protected health information within the scope of attorney-client privilege taking into consideration the Corrective Action Plan, published OCR noncompliance and enforcement statistics, their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable;
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility;
Renegotiating and enhancing service provider agreements to detail the specific compliance obligations of each party; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; to clarify rights of indemnification; and other related relevant matters;
Improving technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information;
Conducting well-documented training as necessary to ensure that members of the Covered Entity’s workforce understand and are prepared to comply with the expanded requirements of HIPAA, can detect potential breaches or other compliance concerns, and understand and are prepared to follow appropriate procedures for reporting and responding to suspected violations;
Tracking actual and near miss violations and making adjustments to policies, practices, training, safeguards and other compliance components as necessary to deter future concern
Establishing and providing well-documented monitoring of compliance;
Establishing and providing well-documented timely investigation and redress of reported violations or other compliance concerns;
Establishing contingency plans for responding in the event of a breach;
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements;
Preparing and maintaining a well-documented record of compliance activities; and
Pursuing other appropriate strategies to enhance the Covered Entity’s ability to demonstrate its compliance commitment both on paper and in operation.

For Assistance With Compliance Or Other Concerns

The author of this article, Ms. Stamer has extensive experience advising and assisting health care practitioners and other businesses and business leaders to establish, administer, investigate and defend health care fraud and other compliance and internal control policies and practices to reduce risk under federal and state health care and other laws. If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact the author of this article, Cynthia Marcotte Stamer, CTT Health Care Practice Group Chair, at cstamer@cttlegal.com, 214.270.2402 or another Curran Tomko Tarski LLP attorney of your choice. You can get more information about the CTT Health Care Practice and more specifics about Ms. Stamer’s health industry experience here.

Ms. Stamer is nationally known for her work, training and presentations, and publications on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 22 years experience advising clients, conducting workshops and other training, and providing policy advice about health care, privacy, data security, and other matters. She advises health care providers, health insurers and administrators, employer and other health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, ERISA, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters. A widely published author on privacy, data security, health care and other related matters, Ms. Stamer is the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

Leave a Comment » | ARRA, Electronic Health Records, Genetic Information, GINA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Medicare, Medicare Advantage, Mental Heatlh, Pharmacy, Prescription Drugs, Privacy, Wellness | Tagged: ARRA, Corporate Compliance, Data Security, Doctor, Federal Sentencing Guidelines, Health Care, Health Care Policy, Health Care Provider, Health Insurance, Health Plans, HIPAA, Hospital, Identity Theft, Physicians, Privacy, retaliation, Retalitory Discharge | Permalink
Posted by Cynthia Marcotte Stamer

HIT Policy Committee’s Nationwide Health Information Network Workgroup Meets December 16, 2009

December 1, 2009

The Office of the National Coordinator for Health Information Technology (ONC) HIT Policy Committee’s Nationwide Health Information Network Workgroup will hold a public meeting on December 16, 2009. The meeting is scheduled from 10 a.m. to 5 p.m./Eastern Time at the OMNI Shoreham Hotel, 2500 Calvert Street, NW., Washington, DC. Members of the public care invited to participate live, via telephone, or Webcast. For details about options for participation, instructions to present input, and other details, see here.

For More Information

We hope that this information is useful to you. If you need assistance with these or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters. You can review other recent health care and related resources and additional information about the health industry and other experience of Ms. Stamer here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here and/or by participating in the SLP Health Care Risk Management & Operations Group on LinkedIn. To unsubscribe, e-mail here.

Leave a Comment » | Electronic Health Records, Health Care, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Inpatient Rehabilitation Facility, Privacy | Tagged: ARRA, Corporate Compliance, Electronic Health Records, Electronic Medical Records, EMR, Health Care, Health Care Policy, Health Care Provider, Health Care Reform, Health Care Reimbursement, Health Plans, Health Policy, HHS, Hospital | Permalink
Posted by Cynthia Marcotte Stamer

Senate Finance Committee Releases Statutory Language of America’s Healthy Future Act To Present To Full Senate

October 22, 2009

Americans finally have a chance to read the actual statutory language of the painfully negotiated package of proposed health care reforms that the Senate Finance Committee proposes for adoption. The Senate Finance Committee leadership finally finished drafting has posted the 1506 page long text of the proposed statutory language of the health care reform provisions of the “America’s Healthy Future Act” on its website here.

When the Senate Finance Committee vote passing the America’s Health Future Act, members of the Senate Finance Committee had not yet had the opportunity to review the actual statutory language to be proposed to implement the package of heatlh care reforms painfully hashed out in their committee. As the actual statutory language had not been completed at the time a majority of the Democrats and one Republican Senator serving on the Senate Finance Committee voted to send the legislation to the the full Senate, the vote actually was taken based on a narative description of the intended reforms set forth in a revised draft of the “Chairman’s Mark” of the legislation. Since that time Senate Finance Committee Chairman Max Baucus and other key Democrat Senators on the Senate Finance Committee have worked behind closed doors to prepare the actual statutory language to be presented to the full Senate.

As proposed, the America’s Healthy Future Act would require sweeping changes to the U.S. health care systems that if adopted will radically impact the roles and responsibilities of every patient, health care provider, health care payor, employer and other American. Because of the potential implications on the way health care is financed, delivered and administered and the projections that the legislation will cost approximately $1 Trillion, all parties are urged to carefully review the complex and lengthy legislation to gain an understanding of the legislation and to act quickly to make any concerns known to elected leaders in Congress.

For More Information

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here and/or by participating in the SLP Health Care Risk Management & Operations Group on LinkedIn. To unsubscribe, e-mail here.

Leave a Comment » | America's Healthy Futures Act, Anti-KickBack, ASC, Childrens Health Insurance Program, Consumer Driven Health Care, Doctor, Electronic Medical Records, Employer, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, Health Insurance Exchange, Health IT, Health Plan, Health Plans, Hospital, Indian Health, Inpatient Rehabilitation Facility, Medicaid, Medical Licensure, Medical Malpractice, Medicare, Medicare Advantage, Mental Heatlh, OIG, Physician, Prescription Drugs, Reimbursement, Rural Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Forms & Instructions To Provide HITECH Act-Required Notice To OCR Of Breach of Unsecured Protected Health Information Posted

October 15, 2009

The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) recently posted online forms and instructions for submitting notice of breaches of unsecured protected health information to OCR required under new protected health information breach notification rules enacted under the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Under Section 13402 of the Health Information Technology for Economic and Clinical Health (HITECH) Act as implemented by the Interim Final Breach Notification Regulations published by OCR in August, health care providers, health plans, and health care clearinghouses (covered entities) and their business associates within the meaning of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) must provide certain notifications within 60 days following discovery of a breach of unsecured protected health information to individuals whose protected health information was breached, OCR, and certain other parties. The new breach notification requirements apply to breaches occurring after September 23, 2009.

The required form to submit notice to and deadline for submitting notice to OCR depends on the number of affected individuals. For breaches affecting 500 or more individuals, notice of the breach must be submitted without unreasonable delay and no later than 60 days from the discovery of the breach. In other cases, notice to affected individuals still must be provided without unreasonable delay and within 60 days of discovery; but notification to CMS may be provided within 60 days of the end of the calendar year of discovery of the breach.

The author of this update, Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer has extensive experience advising covered entities, their business associates and others about HIPAA and other privacy and data security matters affecting covered entities and their business associates and has conducted training on the breach notification and other new HITECH Act rules and other HIPAA Privacy and Security matters. You can review her experience, learn how to access recordings of her presentations and other details here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Solution Law Press Health Care Updates available online by clicking on the article title below:

For More Information

We hope that this information is useful to you. If you need assistance with these or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters.

Ms. Stamer has extensive experience in these and other health industry related representation. You can review other recent health care and related resources and additional information about the health industry and other experience of Ms. Stamer here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here, or e-mailing this information to cstamer@cttlegal.com, and/or by participating in the SLP Health Care Risk Management & Operations Group

Leave a Comment » | ARRA, Electronic Health Records, Health Care, Health IT, Health Plan, Health Plans, Health Policy, HIPAA, HITECH Act | Tagged: Data Breach, Health Care, HIPAA, HITECH Act, Unsecured Protected Health Information | Permalink
Posted by Cynthia Marcotte Stamer

HIT Committee To Meet October 14 In Washington, D.C.

September 29, 2009

The next meeting of the HIT Standards Committee of the Office of the National Coordinator for Health Information Technology (ONC) will be held on October 14, 2009, from 9 a.m. to 3 p.m./Eastern Time at the Omni Shoreham Hotel, 2500 Calvert Street, NW., Washington, DC. The hotel telephone number is 202-234-0700. Interested members of the public are invited to attend.

Created under the American Recovery and Reinvestment Act of 2009 (ARRA), the HIT Standards Committee is charged with making recommendations to the Office of National Coordinator for Health Information Technology (ONC) on standards, implementation specifications, and certification criteria for the electronic exchange and use of health information consistent with the implementation of the Federal Health IT Strategic Plan, and in accordance with policies developed by the HIT Policy Committee. Even as Congress debates further reforms, the activities of the HIT Committee and other components of the ONC are key actors in the continuing efforts of the Obama Administration to promote health care efficiency by reengineering health care technology.

During a previous meeting on August 20, 2009, the HIT Committee finalized certain recommendations concerning meaningful use of electronic medical records, clinical quality, and privacy and security of protected health information, which are available for review here.

According to the ONC announcement regarding the upcoming meeting in today’s (September 29, 2009) Federal Register available here, the Committee plans during the meeting to:

Discuss reports from its Clinical Operations, Clinical Quality, and Privacy and Security Workgroups
Take testimony from invited experts in the field of security as it relates to health information technology

Interested persons may present data, information, or views, orally or in writing, on issues pending before the committee. Written submissions may be made to the contact person on or before October 6, 2009. Oral comments from the public will be scheduled between approximately 2:30 p.m. to 3 p.m. Time allotted for each presentation may be limited. If the number of speakers requesting to comment is greater than can be reasonably accommodated during the scheduled open public hearing session, ONC will take written comments after the meeting until close of business.

ONC hopes to make background material available to the public at least two (2) business days prior to the meeting. However, if ONC is unable to post the background material on its Web site before the meeting, it will make that material publicly available at the location of the advisory committee meeting, and post the background material on ONC’s web site after the meeting here.

The designated person to contact for additional information is Jonathan Ishee, Office of the National Coordinator, HHS, 200 Independence Ave, SW., Room 729-G, Washington, DC 20201, 202-205-8493, Fax: 202-690-6079, e-mail: jonathan.ishee@hhs.gov.

If you need assistance preparing or presenting comments to the HIT Standards Committee or with monitoring or responding to other health care IT, privacy and data security, regulatory, operational, public policy or other health care concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Chair and Partner Cynthia Marcotte Stamer at (214) 270-2402 or via e-mail at CStamer@CTTLegal.com.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Solution Law Press Updates available online by clicking on the applicable article title below:

For More Information

We hope that this information is useful to you. If you need assistance with auditing or defending these or other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters.

Leave a Comment » | ARRA, Doctor, Electronic Health Records, Electronic Medical Records, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Care Reform, Health IT, Health Plan, Health Plans, HIPAA, HITECH Act, Hospital, Laws, Medicaid, Medicare, Medicare Advantage, Outcomes Data, Physician, Technology | Tagged: ARRA, Health Care, Health Care Policy, Health Care Provider, Health Care Reform, Health Care Reimbursement, Health Insurance, Health IT, Health Plans, Health Policy, Health Technology, HHS, HIPAA, Hospital, Identity Theft, Medicare, Medicare Part B, PBMs, Privacy, Public Policy, Reimbursement, Technology | Permalink
Posted by Cynthia Marcotte Stamer

Medicare Cautions Medicare-Contracted Insurance Companies & Drug Plans About Health Care Reform Advocacy Mailings As Investigation Opened Into Humana, Inc. Reform Related Communications To Beneficiaries

September 21, 2009

The Centers for Medicare & Medicaid Services (CMS) is considering taking action against Humana, Inc. based on communications about health care reform it sent to enrollees in its Medicare Advantage Plans and calling on other Medicare-contracted health insurance and prescription drug plans to suspend potentially misleading mailings to beneficiaries about health care and insurance reform.

According to a CMS announcement distributed today, CMS is investigating whether Humana, Inc. acted improperly in connection with its communications with enrollees in its plans about health care reform. The CMS investigation reportedly initiated at the request of Senate Finance Chair Max Baucus (D-Mont.) questions the propriety of letters sent by Humana, Inc. to Medicare enrollees alleging that they could lose their benefits under healthcare reform bills moving through Congress.

According to CMS, CMS learned that Humana had been contacting enrollees in one or more of its plans and, in mailings that CMS obtained, made claims that current health care reform legislation affecting Medicare could hurt Medicare beneficiaries. The message from Humana urges enrollees to contact their congressional representatives to protest the actions referenced in the letter.

The Humana Letter allegedly letter told beneficiaries that “millions of seniors and disabled individuals could lose many of the important benefits and services that make Medicare Advantage health plans so valuable” and urged enrollees to contact their congressional representatives and protest the possible changes. Humana, Inc. sent the letter in an envelope stating that the envelop contained ‘important information about beneficiaries’ plans.’

CMS has commenced an investigation into whether the Humana, Inc. mailings violate Federal laws. Specifically, CMS is investigating whether Humana inappropriately used the lists of Medicare enrollees for unauthorized purposes or violated regulations requiring CMS prior approval of advertisements to beneficiaries.

Late last week, CMS requested that Humana, Inc. end similar mailings and remove related communications from its website pending the completion of its investigation. CMS reports that Humana has agreed to do so.

In an announcement e-mailed to members of its list-serve today, CMS notified other Medicare contracted health insurance and prescription drug plans of the investigation and urged them to abstain from engaging in similar communications. “We are concerned that the materials Humana sent to our beneficiaries may violate Medicare rules by appearing to contain Medicare Advantage and prescription drug benefit information, which must be submitted to CMS for review” said Jonathan Blum, acting director of CMS’ Center for Drug and Health Plan Choices. “We also are asking that no other plan sponsors are mailing similar materials while we investigate whether a potential violation has occurred.”

Other Recent Developments

For More Information

We hope that this information is useful to you. If you need assistance with these or other Medicare Advantage or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters.

Ms. Stamer has extensive experience in these and other health industry related representation including specific experience assisting Medicare/Medicaid Advantage and other health plans, their outsourcers and others about regulatory compliance, contracting and other risk management and public policy matters. You can review other recent health care and related resources and additional information about the health industry and other experience of Ms. Stamer here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here, or e-mailing this information to cstamer@cttlegal.com, and/or by participating in the SLP Health Care Risk Management & Operations Group on LinkedIn.

Leave a Comment » | America's Healthy Futures Act, Corporate Compliance, Health Care, Health Care Reform, Health Plan, Health Plans, Health Policy, Medicaid, Medicare, Medicare Advantage, Pharmacy, Prescription Drugs, Public Policy, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

Baucus’ America’s Healthy Future Act of 2009 Calls For Significant Tightening of Tax Exemption Rules

September 21, 2009

Senate Finance Set To Begin Markup Session Proposal September 22 – Repeal of Rebuttable Presumption Rule In Reasonable Compensation Rules, Other Tightening of Requirements Threatened

With Senate Finance Committee meetings to mark up Chairman Max Baucus’ health care reform proposal as outlined in his 220-page “Chairman’s Mark of America’s Healthy Future Act of 2009” (the “Baucus Proposal”) scheduled to begin tomorrow (September 22, 2009), tax-exempt health care and other non-profit organizations should evaluate carefully proposed amendments that could impact their tax-exempt status or related obligations in addition to the widely-discussed proposal to create “Consumer Operated and Oriented Plans (CO-OPs).

Markup Scheduled To Begin Tuesday

The Senate Committee on Finance plans on Tuesday, September 22, 2009 to hash out how to convert into proposed legislation the health care reform proposal outlined in the “Chairman’s Mark America’s Healthy Future Act of 2009” introduced by Committee Chairman Max Baucus on September 16, 2009, the text of which may be reviewed here.

Since no text of the proposed legislation itself has been released yet, it is impossible to fully evaluate the specific nature and implications of the Baucus Proposal. While this week’s planned Senate Finance Committee mark up will further clarify these matters, a review of the description of changes proposed by Chairman Baucus in the Baucus Proposals nevertheless provides significant insight of what health care organizations can expect to be discussed and, in all likelihood incorporated into the draft legislation ultimately proposed. Accordingly, tax-exempt health care organizations should carefully evaluate and act promptly to share their input with members of the Senate Finance Committee and other members of Congress about a series of proposed amendments that would impact their tax-treatment and other responsibilities.

Proposal To Tighten Tax-Exemption & Reporting

Requirements For Tax-Exempt Hospitals

While the Senate Finance Committee as of yet has not released text of the proposed legislation itself, a review of the description of changes proposed by Chairman Baucus in the Baucus Proposals and other subsequently proposed amendments to the Baucus Proposal reveal plans to materially change the tax-exemption qualification, governance and reporting requirements for tax-exempt hospitals beyond the proposal to create CO-OPs. Among other things, the Baucus Proposal calls for the Internal Revenue Code § 50!(c)(3) and its related provisions to be amended to require:

The hospital to conduct or participate in and share with the public a community-needs analysis with input from a broad cross section of the community at least once every 3 years and thereafter to report on its implementation, including explaining where applicable why identified needs were unaddressed. These additional requirements would supplement rather than replace existing community benefit standards already generally applicable to charitable entities
The hospital to provide non-discriminatory emergency care
The hospital to have, implement and widely disseminate a written financial assistance policy defining among other things:
- The rules for determining who qualifies for financial assistance
- How the hospital determines amounts to be billed to patients in manner that provides for patient discounts to be based on Medicare rates, “best” commercial rates or other approved statutory measures rather than “chargemaster rates”
- Require hospital to notify patients of the financial assistance policy on admission, on bills and in telephone calls of its financial assistance policy before initiating various collection actions or reporting the account to a credit rating agency
The hospital make its audited financial statements (and where applicable, the consolidated financial report of any entity of which it is a part) available widely
The Internal Revenue Service (IRS) to conduct a SEC-type review of each 501(c)(3) hospital’s community benefit activities at least once every three years based on data reported on Schedule H of the Form 990
The IRS and the Department of Health and Human Services (HHS) to report annually to Congress on community benefit activities of non-governmental tax-exempt hospitals, charity care, bad debt, and unreimbursed costs of government programs (means-tested and non-means-tested) incurred by tax-exempt, taxable, and governmental hospitals.

In addition to the proposed amendments included in the Baucus Proposal as originally introduced, health care organizations also will need a close eye on discussions and proposals to amend the Baucus Proposal to further modify the tax-exemption requirements for tax-exempt hospitals and other health care organizations. For instance, late last week, Ranking Member Senator Chuck Grassley submitted a proposal to amend the Baucus Proposal to further tighten requirements for tax-exempt health care organizations:

For the stated purpose of avoiding wasteful legal challenges to the management and governance questions on the revised Form 990, to specifically grant statutory authority to the Internal Revenue Service to ask management and governance questions on the Form 990; and
To make it easier for the Internal Revenue Service to challenge as unreasonable compensation payments made by tax-exempt entities by shifting the burden to the taxpayer of proving the reasonability of compensation and removing the burden currently borne by the Internal Revenue Service of going forward with the evidence on comparability. This would be accomplished by overruling the rebuttable presumption of reasonableness currently set forth in Treasury Regulation § 53.4958-6 of the intermediate sanctions rules and replacing it with a requirement that public charities due diligence demonstrate that their compensation payments meet the 3 current elements of the presumption:
- Review by an authorized body made of members without a conflict of interest
- Use of appropriate data as to comparability and
- Adequate and contemporaneous documentation. This amendment is expected to raise revenue, according to the summary.

With these provisions already targeting their tax-exempt status, tax-exempt hospitals and other non-profits and others likely to surface as the legislative discussion proceeds, tax-exempt health care and other organizations should keep a close eye on proposed tax provisions of the Baucus Proposal and other related proposals.

CO-Ops As Health Coverage Alternative

Much more widely discussed is the Chairman’s CO-OP proposal. The Baucus Proposal calls for the creation of a new vehicle to provide an alternative source of health care coverage called “CO-Ops.” As contemplated by the Baucus Proposal, CO-Ops would be associations controlled by a beneficiary board unrelated to existing organizations providing health insurance as of July 16, 2009. Subject to their meeting non-inurement and other common existing requirements for charitable status as well as other conditions, CO-Ops would be able to apply for tax-exempt status as well as federal funding.

New Taxes and Fees On Insurers & Others

The Baucus Proposal proposes to finance its health care reforms through a variety of mechanisms including, excise taxes and penalties on employers and individuals that fail to purchase the government specified health care package, taxes on premiums paid for health insurance coverage in excess of certain specified annual limits, the imposition of certain premium taxes and “sector fees” on healthcare insurers (with some exceptions possible under certain circumstances for certain 501(c)(3) and (c)(4) HMOs not providing commercial-type insurance within the meaning of Section 501(m)).

Other Baucus Proposal Highlights

In its current summary form, the 220-page Baucus Proposal includes a host of other sweeping reforms, which are certain to be further expanded and refined during this week’s scheduled Senate Finance Committee markup session. Many of these other proposed reforms were highlighted in an overview of the Baucus Proposal published here. You can join the discussion of these and other proposed health care forms and exchange updates and other resources about health care reform and related concerns by registering to participate in the Coalition For Responsible Health Care Policy Group on Linkedin.

Other Recent Developments

For More Information

We hope that this information is useful to you. If you need assistance with these or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here, or e-mailing this information to cstamer@cttlegal.com, and/or by participating in the SLP Health Care Risk Management & Operations Group on LinkedIn.

Leave a Comment » | Corporate Compliance, Health Care, Health Care Finance, Health Care Provider, Health Care Reform, Health Insurance Exchange, Health Plan, Health Plans, Hospital, Reimbursement, Rural Health Care, Tax-Exemption | Tagged: America's Healthy Future Act, Doctor, Health Care, Health Care Policy, Health Care Provider, Health Care Reform, Health Care Reimbursement, Health Insurance, Hospital, Medicare, Nonprofits, Public Policy | Permalink
Posted by Cynthia Marcotte Stamer

Senate Finance To Begin Markup Session on Baucus Health Care Reform Proposal On September 22

September 18, 2009

The Senate Committee on Finance plans on Tuesday, September 22, 2009 to being meetings to hash out how to convert into proposed legislation the health care reform proposal outlined in the “Chairman’s Mark America’s Healthy Future Act of 2009” introduced by Committee Chairman Max Baucus on September 16, 2009, the text of which may be reviewed here.

While the Chairman’s Markup outlining the health care reform elements that Chairman Baucus’ proposes for adoption by Congress, the specific legislation that the Chairman proposes to be used to implement these proposals has not yet been introduced. Deciding the language and other features of such legislation -i.e., actually drafting the statutory language – is a primary purpose of the September 22, 2009 meeting.

Until actually reduced to specific legislative language, it is difficult for members of Congress and the Americans they represent to know and assess the changes proposed and their potential implications. However, a review of the proposal outlined in the Chairman’s Markup indicates that the adoption of the proposed would impose significant burdens and costs on employers and their employees, while substantially curtailing their health coverage choices. For instance, the Chairman’s Markup would:

Set up insurance “exchanges” through which some individuals and families could receive federal subsidies topurchase coverage;
Allow for the creation of “CO-OPs” as an alternative source of coverage
Mandate that most legal residents of the United States obtain health insurance and impose an income based penalty for Americans failing to secure that coverage;
While not explicitly requiring employers to offer health insurance, the Chairman’s markup would among other things subject businesses with more than 50 workers that did not offer coverage to a penalty for any workers who obtained subsidized coverage through the insurance exchanges also to be established under the legislation. As a rule, full-time employees who were offered coverage from their employer would not be eligible to obtain subsidies via the exchanges but an exception to that “firewall” would be allowed for workers who had to pay more than 13 percent of their income for their employer’s insurance (in which case the employer would also be penalized). Under certain circumstances, firms with relatively few employees and relatively low average wages would also be eligible for tax credits to cover up to half of their contributions toward health insurance premiums.
Deter employers and their employees from investing in higher grade coverage that might otherwise be available for purchase in the marketplace by subjecting insurance policies with relatively high total premiums to a 35 percent excise tax on the amount by which the premiums exceeded a specified threshold. In general, that threshold would be set initially at $8,000 for single policies and $21,000 for family policies; after 2013, those amounts would be indexed to overall inflation.
Significantly expand eligibility for Medicaid;
Significantly tighten tax-exemption requirements for hospitals and other charitable health care organizations;
Radically reduce the growth of Medicare’s payment rates for most services (relative to the growth rates projected under current law) and make various other changes to the Medicaid and Medicare programs and the federal tax code to reduce government program costs. The Congressional Budget Office projects that among the proposed provisions that would result in the largest budget savings are:
- Make permanent reductions in the annual updates to Medicare’s payment rates for most services in the fee-for-service sector (other than physicians’ services)
- Set payment rates in the Medicare Advantage program based on the average of the bids submitted by Medicare Advantage plans in each market
- Reduce Medicare and Medicaid payments to hospitals that serve a large number of low-income patients, known as disproportionate share (DSH) hospitals
- Establish a Medicare Commission, which would be required, under certain circumstances, to recommend changes to the Medicare program to limit the rate of growth in that program’s spending. Those recommendations would go into effect automatically unless blocked by subsequent legislative action. Before 2019, such recommendations would be required if the Medicare Trustees project that Medicare spending per beneficiary will grow more rapidly than a measure of inflation (the average of the growth rates of the consumer price index for medical services and the overall index for all urban consumers). After 2019, recommendations would be required if projected growth exceeded the rate of increase in gross domestic product (GDP) per capita plus 1 percentage point. Because the proposal would prohibit the Commission from modifying eligibility or benefits, its recommendations probably would focus on changes to payment rates or methodologies. The Commission would develop its first set of recommendations during 2013 for implementation in 2015.

Other Recent Developments

For More Information

We hope that this information is useful to you. If you need assistance with these or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here, or e-mailing this information to cstamer@cttlegal.com, and/or by participating in the SLP Health Care Risk Management & Operations Group

Leave a Comment » | Disease Management, Doctor, Employer, false claims act, Health Care, Health Care Finance, Health Care Quality, Health Care Reform, Health Plan, Health Plans, Hospital, Inpatient Rehabilitation Facility, Medicaid, Medicare, Medicare Advantage, Pharmacy, Physician, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

Two Recent Criminal Prosecutions For HIPAA Privacy Rule Violations Signal Rising Criminal Enforcement Risks

September 8, 2009

Register here To Participate In September 9 or September 17 Briefings on New HIPAA Data Breach Rules

September 8, 2009

Two recent separate criminal actions against hospital workers for wrongfully accessed medical records in violation of the medical privacy provisions of the Health Insurance Portability & Accountability Act of 1996, as amended (HIPAA) are the latest reminders to health care providers, health plans, health care clearinghouses, their business associates and members of their workforce that the criminal provisions of the HIPAA Privacy Rules have teeth.

Palmetto General Hospital Employee And Accomplice Indicted For Stealing Patient Records As Part Of Fraud

In Miami-Dade County, federal felony charges are pending against Jacquettia L. Brown, 29, and Tear Renee Barbary, 25, prosecution on for offenses relating to the theft of patient profile records from Palmetto General Hospital to further a fraud scheme.

A seven-count Indictment announced by the Department of Justice on May 26, 2009 charges Brown and Barbary with conspiracy to commit access device fraud in violation of Title 18, United States Code, Section 1029(b)(2), and criminal violations of HIPAA. In addition, Brown is charged with aggravated identity theft, in violation of Title 18, United States Code, Section 1028A(a)(1). If convicted, the defendants face a statutory maximum of five (5) years’ imprisonment on Count 1, and a statutory maximum of ten (10) years’ imprisonment as to each of Counts 2, 3, and 7. As to Counts 4-6, Brown faces a two (2) year mandatory prison sentence per count.

According to the Indictment, Brown, a medical records employee of Palmetto General Hospital, took records containing personal profile information of Palmetto General Hospital patients. Defendant Brown and Barbary then used the stolen personal information to further a credit card fraud conspiracy. The patient profile records that Brown stole included personal identifying information, such as patients’ names, birthdates, Social Security numbers, addresses, driver’s license numbers, and next of kin contacts. Brown used the stolen identifying information to obtain patients’ credit card account numbers. She gave patient profile records and credit card account numbers to Barbary, who used the information to make unauthorized credit card purchases. When law enforcement officials disrupted the scheme, Brown was in possession of 41 patient profile records and Barbary was in possession of six patient profile records.

Curiosity Check of Medical Records Results In Arkansas Doctor, 2 Former Hospital Employees Guilty Plea To HIPAA Violation

Three Arkansas health care workers could be sentenced to up to 1 year in prison, a fine of not more than $50,000, or both after pleading guilty in July, 2009 to misdemeanor violations of the health information privacy provisions of HIPAA for accessing a patient’s record without any legitimate purpose.

United States Magistrate Judge Henry L. Jones, Jr. accepted the guilty pleas of Dr. Jay Holland, age 56, of Little Rock, Arkansas; Sarah Elizabeth Miller, age 28, of England Arkansas; and Candida Griffin, age 34 of Little Rock, Arkansas after each admitted to accessing patient records to satisfy their own curiosity.

Dr. Holland, Medical Director of Select Specialty Hospital, located on the 6 floor of the St. Vincent Infirmary Medical Center (SVIMC), admitted that after watching news reports on television, he logged on to the SVIMC patient records from his computer at home and accessed a patient’s files to determine if the news reports were accurate. He admitted he accessed the file because he was curious even though he had had HIPAA training and understood he was violating HIPAA when he accessed the file. SVIMC suspended Dr. Holland’s privileges for two weeks and required him to complete on-line HIPAA training.

Sarah Elizabeth Miller, formerly an account representative at SVIMC, Sherwood Campus, was responsible for checking patients in and out of the clinic and for processing patient billing. In order to perform her duties, she had access to the SVIMC patient records program which includes all locations, not just that of the Sherwood clinic. Miller admitted that on October 20 and 21, 2008, she accessed a patient’s files approximately 12 times out of curiosity. She admitted that she accessed the records without any legitimate purpose. Records show that Miller was trained on HIPAA privacy laws by SVIMC. SVIMC fired Miller from her position.

Candida Griffin was the emergency room unit coordinator at SVIMC. Her responsibilities were to order patient tests, perform data entry into electronic patient files for patients and perform other secretarial functions in the emergency room. Griffin admitted that on October 20, 2008, she was told by the charge nurse to set-up an alias for a particular patient admitted to the emergency room. On October 21, 2008, after the patient had been moved to ICU, Griffin admitted that she became curious about the patient’s status and accessed the medical chart to find out if the patient was still living. Although Griffin did not inform anyone about accessing the chart, hospital records show that the patient’s records were accessed three times that day by Ms. Griffin. SVIMC records show that Griffin was trained on HIPAA privacy laws. SVIMC fired Griffin from her position.

Pursuant to plea agreements with the United States, Holland, Miller and Griffin pleaded guilty to a misdemeanor a violation of the health information privacy provisions of HIPAA based on their accessing a patient’s record without any legitimate purpose. Each faces a maximum penalty of 1 year imprisonment, a fine of not more than $50,000, or both. A sentencing date has not yet been set, but is expected within the next few weeks.

Criminal Referral and Enforcement Continues

Together with the HIPAA-related criminal convictions of in 2008 of David Gibson, Ferando Ferrer, Jr. and Andrea Smith discussed here, these new Arkansas and Florida criminal actions document the willingness of Justice Department attorneys to investigate and prosecute certain criminal violations. Because they involved the theft of health information for use in furtherance of other health care fraud schemes, many have viewed as predictable and understandable the prosecution of Gibson, Ferrer, Brown and Barbary. In contrast, the willingness of Jane W. Duke, United States Attorney for the Eastern District of Arkansas, to prosecute criminally the wrongful access by the SVIMC health care workers and Andrea Smith in the absence of other health care fraud motives challenges the perception widely held among certain segments of the health care and health plan industry that the criminal provisions of HIPAA have little teeth. Since U.S. Attorney Duke pursued both the SVIMC and Smith prosecutions, it remains to be seen whether other U.S. Attorneys will be equally willing to pursue prosecution of HIPAA violations in the absence of evidence of other federal health care crimes.

Less speculative is the growing readiness of the Department of Health & Human Services Office of Civil Rights to pursue civil remedies for HIPAA violations. On February 18, 2009, for instance, OCR and the Federal Trade Commission (“FTC”) issued a joint announcement (the “Announcement”) ordering CVS Pharmacy, Inc., the nation’s largest retail pharmacy chain, to pay the U.S. government a $2.25 million settlement and to take other corrective action to ensure that it does not violate the privacy rights patients under HIPAA when disposing of patient information such as identifying information on pill bottle labels. In a coordinated action, CVS Caremark Corp., the parent company of the pharmacy chain, also signed a consent order and agreed to a settlement with the FTC to settle potential violations of the FTC Act. The investigation resulting in the settlement marks the first instance where the OCR formally coordinated on investigation and resolution of a case with the FTC.

Coming as new data breach notification requirements for HIPAA-covered entities are set to take effect on September 23, 2009, these and other stepped up oversight and enforcement activities make it critical that all health care providers, health plans, health care clearinghouses and their business associates need to update their policies and practices, tighten their compliance and data breach monitoring processes, and strengthen their internal controls, compliance in preparation for defending their actions under the newly strengthened Privacy Rules. Covered entities and their business associates more than ever must ensure their ability to demonstrate to federal regulators the effectiveness of their HIPAA compliance efforts by both adopting the written policies and procedures required by HIPAA and continuously monitoring and administering these safeguards. Covered entities should consider reviewing the adequacy of their current HIPAA Privacy and Security compliance practices taking into consideration the Corrective Action Plan, published OCR noncompliance and enforcement statistics, their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable.

If you need assistance with auditing, updating or defending your organizations HIPAA and other privacy and data security practices, please contact Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer at (214) 270-2402 or via e-mail at CStamer@CTTLegal.com.

Register Now For Upcoming September Health Industry Update Programs

If you found this information of interest, you also may be interested in one of the following upcoming health industry programs to be presented by Ms. Stamer during September:

HITECH ACT Health Data Security & Breach Update on September 9, 2009 hosted live or via teleconference by Curran Tomko Tarski LLP
How to Ensure That Your Organization Is In Compliance With Regulations Governing Discrimination — What You Should Be Doing To Be Prepared for the New, Stepped Up Enforcement Actions on September 10, 2009 hosted via teleconference by Health Resources Publishing
Health Information Security & Data Breach Under HITECH Act on September 17, 2009 hosted via teleconference by the Health Care Compliance Association

To register or for other details about these and other upcoming programs and presentations by Ms. Stamer and other Curran Tomko Tarski members, see here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Curran Tomko Tarski LLP Latest in Health Care Updates available online by clicking on the article title:

For More Information

We hope that this information is useful to you. If you need assistance with auditing or defending these or other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Edwin J. Tomko at (214) 270-1405 or another Curran Tomko Tarski LLP Partner of your choice. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other internal controls and risk management matters.

Leave a Comment » | Corporate Compliance, Electronic Medical Records, FACTA, Health Care, Health Care Provider, Health IT, Health Plan, Health Plans, HIPAA, OCR | Tagged: ARRA, Doctor, Federal Sentencing Guidelines, Health Care, Health Care Provider, Health Insurance, HIPAA, Hospital, Identity Theft, Physician, Physicians, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Health Care Providers & Other HIPAA Covered Entities Must Comply With New Data Breach Rules By September 23

August 26, 2009

Health care providers, health clearinghouses, health plans and their business associates generally must start complying with new federal data breach notification rules on September 23, 2009.

The new “Breach Notification For Unsecured Protected Health Information” regulation (Breach Regulation) published here in today’s Federal Register requires health care providers, health plans, health care clearinghouses and their business associates (Covered Entities) covered under the personal health information privacy and security rules of the Health Insurance Portability & Accountability Act (HIPAA) to notify affected individuals following a “breach” of “unsecured” protected health information. The Breach Regulation is part of a series of guidance that HHS is issuing to implement new and stricter personal health information privacy and data security requirements for Covered Entities added to HIPAA under the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law on February 17, 2009 as part of American Recovery and Reinvestment Act of 2009 (ARRA).

HITECH Act Data Breach and Unsecured PHI Rules

Published in the Federal Register on August 24, 2009, the new Breach Regulation implements the HITECH Act requirement that Covered Entities and their business associates notify affected individuals, the Secretary of HHS, and in some cases, the media, when a breach of “unsecured protected health information” happens and the form, manner, and timing of that notification. Covered Entities must begin complying with the new Breach Regulation on September 23, 2009.

Part of a series of new HHS rules implementing recent changes to HIPAA enacted under the HITECH Act to strengthen existing federally mandates requiring Covered Entities to safeguard protected health information, the Breach Regulation will obligate Covered Entities and business associates to provide certain notifications following a breach of “protected health information” that not secured at the time of the breach through the use of a technology or methodology meeting minimum standards issued by HHS pursuant to other provisions of the HITECH Act.

Under the HITECH Act, the breach notification obligations contained in the Breach Notification only apply to a breach of “unsecured protected health information.” The Breach Regulation exempts breaches of protected health information that qualify as “secured” under separately issued HHS and Federal Trade Commission (FTC) standards for encryption and destruction of protected health information from its breach notification requirements.

For purposes of the HITECH Act, electronic protected health information is considered “unsecured” unless the Covered Entity has satisfied certain minimum standards for the protection of that data established pursuant to the HITECH Act. Earlier this year, HHS and the FTC issued interim rules defining the minimum encryption and destruction technologies and methodologies that Covered Entities must use to render protected health information unusable, unreadable, or indecipherable to unauthorized individuals for purposes of determining when protected health information is “unsecured” for purposes of the HITECH Act. Concurrent with its publication of the Breach Regulation, HHS also released guidance updating and clarifying this previously issued guidance.

Read the Breach Regulation here. To review the HITECH Act Breach Notification Guidance and Request for Information, see here.

OCR officials are continuing to work on other guidance concerning the amendments to HIPAA’s privacy and security rules enacted under the HITECH Act and the Genetic Information and Nondiscrimination Act (GINA). Differences in the effective dates of certain requirements generally will necessitate that Covered Entitites and their business associates move forward to comply with the Breach Regulations and other aspects of these changes before some of these other rules or guidance relating to them takes effect.

About The Author

The author of this update, Curran Tomko Tarski LLP Health Practice Leader Cynthia Marcotte Stamer is nationally known for her work, publications and presentations on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts.

Vice President of the North Texas Health Care Compliance Professionals Association and Past Chair of the ABA Health Law Section Managed Care & Insurance Section, and Former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 20 years experience advising clients about health and other privacy and security matters. A popular lecturer and widely published author on privacy and data security and other related health care and health plan matters, Ms. Stamer is the Editor in Chief of the forthcoming 2010 edition of the Information Security Guide to be published by the American Bar Association Information Security Committee in 2010, as well as the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. She has continuously advises employers, health care providers, health insurers and administrators, health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters. Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

We hope that this information is useful to you. If you need assistance monitoring, evaluating or responding to these or other compliance, risk management, transaction or operation concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or another Curran Tomko Tarski LLP Partner of your choice.

Other Helpful Resources & Other Information

If you found this updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

Leave a Comment » | ARRA, Doctor, Electronic Health Records, Electronic Medical Records, Employer, FACTA, Health Care, Health IT, Health Plan, Health Plans, HIPAA, Physician | Permalink
Posted by Cynthia Marcotte Stamer

CDC Healthcare Infection Control Practices Advisory Committee Schedules Teleconference on Draft Guideline for Prevention of Catheter-Associated Urinary Tract Infections 2008

August 25, 2009

The Centers for Disease Control and Prevention Healthcare Infection Control Practices Advisory Committee (HICPAC) plans to hold a public meeting by teleconference on September 9, 2009 from 2 p.m.-3 p.m. Eastern Time on the Draft Guideline for Prevention of Catheter-Associated Urinary Tract Infections 2008, available at here. Members of the public can participate in the teleconference meeting subject to the availability of telephone ports. To participate in the teleconference, dial 1-888-324-8568 and enter conference code 7126207. HICPAC announced the planned meeting in the August 25, 2009 Federal Register. Agenda items are subject to change as priorities dictate.

HICPAC is charged with providing advice and guidance to Health & Human Services, the Centers for Disease Control and the National Center for Preparedness, Detection, and Control of Infectious Diseases (NCPDCID), regarding: (1) The practice of hospital infection control; (2) strategies for surveillance, prevention, and control of infections (e.g., nosocomial infections), antimicrobial resistance, and related events in settings where healthcare is provided; and (3) periodic updating of guidelines and other policy statements regarding prevention of healthcare-associated infections and healthcare-related conditions.

For more information, contact: Wendy Vance, HICPAC, Division of Healthcare Quality Promotion, NCPDCID, CDC, 1600 Clifton Road, NE., Mailstop A-07, Atlanta, Georgia 30333.

Other Helpful Resources & Other Information

We hope that this information is useful to you. If you need assistance monitoring, evaluating or responding to these or other health industry, public policy, staffing and workforce, regulatory and compliance, risk management, transactional or operational concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or another Curran Tomko Tarski LLP Partner of your choice.

If you found these updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

Leave a Comment » | Centers For Disease Control, Disease Management, Doctor, Health Care, Health Care Quality, Health Plan, Health Plans | Permalink
Posted by Cynthia Marcotte Stamer

Health Industry Employers High Priority OSHA Enforcement Target

Battle Creek VA OSHA Safety Violations

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Coalition for Responsible Health Care Policy

Share this:

Share this:

Share this:

Share this:

Health Care Providers Should Strengthen HIPAA Compliance & Defenses As Risks Rise

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Covered Entity Breach Notification Requirements

Broader & Stricter Medical Privacy Mandates Effective 2/17/210

Exposures Significant & Growing

New Risks Created By HITECH Act Amendments

State Attorney General Lawsuit Exposures

Stepped Up Federal Enforcement

State Civil Lawsuits

Covered Entities & Business Associates Urged To Act Promptly To Manage Mitigating Expanded HIPAA Risks & Obligations

For Assistance With Compliance Or Other Concerns

Other Helpful Resources & Other Information

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update