Uncategorized |

Obamacare Future Unclear After Trial Court Holds Unconstitutional

December 15, 2018

A ruling by a Federal District Court judge on Friday (December 14, 2018) ruled unconstitutional the Patient Protection and Affordable Care Act (ACA) touches off a new wave of uncertainty about the future of the massive healthcare reform law commonly known as Obamacare just as the enrollment period for 2019 health coverage ended. While Federal District Judge Reed O’Connor finds in his ruling released on Friday that amendments passed by Congress last December robbed the ACA of its original constitutionality, only time will tell if the ruling actually will end the ACA reforms or the effect of such ruling on the hotly debated ACA reforms and other statutory and regulatory reforms Congress and the Trump Administration subsequently prospectively or retrospectively. Consequently, health plans, their employer and other sponsors, insurers, administrators, and fiduciaries; health care providers, consumers and others will need to watch developments closely.

Justice O’Connir’s decision was released one day before the last day of the enrollment period for Americans to elect whether and what coverage, if any, to enroll in through the Obamacare exchanges for calendar 2019.

In Texas v. US, Texas Governor Greg Abbott and other Republican governors challenged the constitutionality of the ACA following passage of the Tax Cuts and Jobs Act of 2017 (TCJA). The plaintiffS argued the TCJA rendered the ACA unconstitutional because it repealed the individual mandate of the ACA upon which the Supreme Court previously found the ACA constitutional.

In the 2012 decision in Nat’l Fed’n of Indep. Businesses v. Sebelius (NFIB), 567 U.S. 519, 530–38 (2012) written by Chief Justice Roberts, the Supreme Court ruled that Congress could not rely upon the Commerce Clause for Constitutional authority to enact the ACA. However, the Supreme Court nevertheless found the Individual Mandate provisions of the ACA preserved the constitutionality of the ACA as a constitutional exercise of Congress’ Taxing Power.

In Texas v. US, the plaintiff governors argue that the repeal of the Individual Mandate as part of Congress’ passage of the TCJA last December robbed the ACA of its constitutionality. They say it is no longer fairly readable as an exercise of Congress’s Tax Power and continues to be unsustainable under the Interstate Commerce Clause. They further urge that if they are correct, the balance of the ACA is untenable as inseverable from the Invalid Mandate. Judge O’Connor agreed with the plaintiff’s in his ruling on Friday. Now it remains to be seen if his ruling will face and withstand the appeal and if so, what effect it will have on Obamacare overall and other subsequent statutory and regulatory reforms.

While only time will tell whether the decision stands and its effect, the path to clarity promises to be filled with more drama and uncertainty. Former US Attorney General Jeff Sessions previously had stated that the Justice Department under his leadership would not expend resources to defend the ACA. It remains to be seen how the Justice Department will not respond in light of his recent resignation. Even if the Justice Department does not step up to defend Obamacare, it is likely that states like California that have intervened in support of the ACA in the litigation will attempt to appeal the action. Assuming that an appeal proceeds, a Court of Appeals would hear the appeal before an almost certain appeal by the losing side in that appeal to the United States Supreme Court, where President Trump’s new appointee would hear the action. Along with the possibility that these Courts will uphold the trial court’s ruling, either of these appeals courts could overrule the trial court in whole or in part. Thus, subsequent appeals decisions could:

Reverse Judge O’Connor’s ruling entirely, leaving The ACA intact in its current form; or
Uphold part but not all of the decision, leaving some parts in place but not others.

pending further decisions, it remains unclear if subsidies, prohibitions against preexisting conditions, guaranteed issue, cost regulations, benefit and coverage mandates and other insurance reforms, health care billing and other reforms will survive.

Meanwhile, regardless of the outcome of the appeals, the decision and its fallout almost certainly will touch off more debate in Congress. With health care reform already a hot topic, more Congressional battles were inevitable. However the decision adds a new and significant wrinkle to the politics of the health reform fight.

In January November’s election will cause the leadership of the House of Representatives is set to transfer from Republicans to Democrats while leaving control over the Senate in the hands of Republications. With leadership of the two legislative bodies split, Democrats are unlikely to be able to use their new control of the House to enact legislation that would overrule outright an adverse decision by the courts. Consequently, Democrats will have an uphill battle if the court decision stands unless and until they can regain Senate control. Instead they are likely to be related to the role occupied by the House the past 4 years in which bills to enact the Democrat vision will pass the House only to die a quick death in the Republican controlled Senate or face veto by the Republican President.

On the other hand, Republicans also could not overcome a decision unfavorable to their agenda for the opposite reason: Despite control of the majority in the Senate and having a Republican President opposed to the ACA, Republicans can’t enact legislation without winning a majority of votes in the House.

On the other hand, either party can and almost certainly will use its veto power over the other party’s agenda. The fight likely will spill over into budget, immigration, workforce and other jet legislation that otherwise might and should enjoy bipartisan support in Congress.

As the litigation proceeds, concerned parties will want to keep a close eye of the Courts, the regulation and enforcement actions of the Trump Administration and the Congress.

Meanwhile, it is important to keep in mind that implementation of Judge O’Connor’s decision is stayed pending appeal.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer is nationally recognized as a thoughtleader in health benefits and health care matters domestically and internationally. She has been continuously involved the design, regulation, administration and defense of managed care and other health and employee benefit, health care, human resources and other staffing and workforce arrangements, contracts, systems, and processes. As a continuous component of this work, Ms. Stamer has worked closely with these and other clients on the design, development, administration, defense, and breach and data recovery of health care, workforce, insurance and financial services, trade secret and other information technology, data and related process and systems development, policy and operations throughout her career.

Scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues.

Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long-term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third-party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Beyond her public policy and regulatory affairs involvement, Ms. Stamer also has extensive experience helping these and other clients to design, implement, document, administer and defend workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government; accreditation and quality organizations; private litigation and other federal and state health care industry investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, and change management; workforce and operations management, and other opportunities and challenges arising in the course of their operations.

Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending plan sponsors, administrators, insurance and managed care organizations, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions. Scribe for the ABA JCEB annual agency meeting with HHS OCR, she also has worked extensively on health and health benefit coding, billing and claims, meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical, workforce, consumer financial and other data confidentiality and privacy, federal and state data security, data breach and mitigation, and other information privacy and data security concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long-term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about contracting, credentialing and quality assurance, compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Author of works on Payer and Provider Contracting and many other managed care concerns, Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

2/11/19 Deadline To Comment On Reducing HIPAA Regulatory Burden

December 13, 2018

February 12, 2019 is the deadline for health care providers, health plans, health care clearinghouses, their business associates, health care consumers, employer and other plan sponsors and fiduciaries, and other concerned persons to provide input on reducing the regulatory burdens of the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules in response to the December 12, 2018 invitation of the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR).

OCR issued the invitation for public comment in a December 12, 2019 Request for Information (RFI). The RIF seeks input from the public on how OCR’s HIPAA Privacy and other Rules could be modified to further the HHS Secretary’s goal of promoting coordinated, value-based healthcare. This RFI is a part of the Regulatory Sprint to Coordinated Care, an initiative led by HHS Deputy Secretary Eric Hargan.

HHS developed the HIPAA Rules to protect individuals’ health information privacy and security interests, while permitting information sharing needed for important purposes. However, in recent years, OCR has heard calls to revisit aspects of the Rules that may limit or discourage information sharing needed for coordinated care or to facilitate the transformation to value-based health care. The RFI requests information on any provisions of the HIPAA Rules that may present obstacles to these goals without meaningfully contributing to the privacy and security of protected health information (PHI) and/or patients’ ability to exercise their rights with respect to their PHI.

OCR’s December 12, 2018 press release concerning the RFI indicates that OCR is looking for candid feedback about how the existing HIPAA regulations are working in the real world and how OCR can improve them to improve quality of care and eliminate undue burdens on covered entities while maintaining robust privacy and security protections for individuals’ health information.

In addition to requesting broad input on the HIPAA Rules, the RFI also seeks comments on specific areas of the HIPAA Privacy Rule, including:

Encouraging information-sharing for treatment and care coordination
Facilitating parental involvement in care
Addressing the opioid crisis and serious mental illness
Accounting for disclosures of PHI for treatment, payment, and health care operations as required by the HITECH Act
Changing the current requirement for certain providers to make a good faith effort to obtain an acknowledgment of receipt of the Notice of Privacy Practices

Public comments on the RFI are due by February 11, 2019.

The RFI follows up on OCR’s announcement of another series of high dollar resolution agreements against covered entities and business associates for alleged breaches of HIPAA’s Privacy or Security Rules, as well as publication of various new guidance intended to help patients, their families, covered entities, business associates and others understand when HIPAA restricts or allows the release of protected health information by covered entities and business associates in mass shooting or other disaster situations, when dealing with patients with substance abuse or mental health conditions and in various other scenarios. Covered entities, their business associates as well as employer and other health plan sponsors, fiduciaries and others involved with protected health information transactions and disclosures should review this new guidance and evaluate its implications on their actions and practices in addition to sharing input with OCR about opportunities to improve existing HIPAA Rules.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has been continuously involved the design, regulation, administration and defense of managed care and other health care and health benefit arrangements, contracts, systems, and processes throughout her career. In addition to her extensive provider and payer contracting work, Ms. Stamer also is recognized for her knowledge, experience and leadership on health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long-term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third-party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

As a key part of this work, Ms. Stamer throughout her career regularly has worked with health care providers and payers, employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce managed care and other contracts, benefit plans and insurance arrangements, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors, supplier, and patient and member relations and requirements; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, ADA, Ambulatory care, Anethesiology, Centers For Disease Control, Child Care, Childrens Health Insurance Program, Civil Rights, Clinical pathway, Conditions of Participation, Consumer Driven Health Care, Corporate Compliance, Cultural diversity, Cyber crime, data breach, DEA, Direct Primary Care, Disability Discrimination, Discrimination, Disease Management, DME, Doctor, drug treatment, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Employer, FACTA, FDA, Fiduciary Responsibility, GINA, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Insurance, Health IT, Health Plan, Health Plans, healthcare, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospice, Hospital, hospitals, Indian Health, managed care, Meaningful Use, medical devices, Medical Licensure, Medical Malpractice, Medical Privacy, Medical Records, Medicare, Mental Health, OCR, pain management, participating provider, Pharmaceudical, Pharmacy, Physician, Physician Licensing, Provider contracting, Reimbursement, Uncategorized, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

Allergy Practice $125,000 Settlement Reminds Health Care Providers, Other HIPAA Entities Of Press-Related HIPAA Risk

November 27, 2018

Physician practices and other health care providers, health plans and insurers, health care clearinghouses (“Covered Entities”) and their business associates should learn from the costly schooling the Allergy Associates of Hartford, P.C. (“Allergy Associates”) is paying to settle charges that its physician violated the Privacy Rules of the Health Insurance Portability and Accountability Act (“HIPAA”) by commenting to a reporter on a patient complaint under a Resolution Agreement and Corrective Action Plan (“Resolution Agreement”) announced by the Department of Health & Human Services (HHS) Office of Civil Rights (“OCR”) yesterday (November 26, 2018). The latest in a series of OCR HIPAA settlements arising from health care providers improperly discussing or disclosing protected health information (PHI) with the press or other media, the Resolution Agreement reminds health care providers and other HIPAA-Covered Entities and their business associates not to discuss or disclose PHI with the media or others without first obtaining a HIPAA compliant authorization even to respond to accusations made by the patient or others.

Allergy Associates HIPAA Complaint Charge & Resolution

On November 26, 2018, OCR announced that Allergy Associates, a three doctor health care practice that specializes in treating individuals with allergies at four locations across Connecticut, has agreed to pay OCR $125,000 and take corrective action under the Resolution Agreement to resolve charges that the comments a physician made to a reporter on a patient dispute with the practice in 2015 violated HIPAA.

According to OCR, the disclosure of patient information that prompted OCR’s HIPAA charges resulted from a physician associated with the practice commenting to a local television station reporter doing on a story about a disabled patient’s complaint to the station that Allergy Associates turned her away from a scheduled appointment because of her use of a service animal. After the patient contacted the television statement to complain about being turned away by the practice when accompanied by her service animal, the Resolution Agreement indicates that the station contacted the doctor for comment about the dispute between the Allergy Associates’ doctor and the patient. Although OCR reports its investigation revealed that Allergy Associates’ Privacy Officer instructed the doctor to either not respond to the media or respond with “no comment,” the doctor nevertheless accepted the television station reporter’s invitation to comment and discussed the dispute with the reporter.

The physician’s comments to the reporter were brought to the attention of OCR when OCR received a copy of an October 6, 2015, HHS civil rights complaint filed on behalf of the patient with the Department of Justice, Connecticut, U.S. Attorney’s Office (DOJ) by the Connecticut Office of Protection and Advocacy for Persons with Disabilities (OPA). In response to this complaint, OCR initiated a joint investigation with DOJ into the civil rights allegations against Allergy Associates. The complaint also alleged that Allergy Associates impermissibly disclosed the patient’s PHI in violation of HIPAA.

OCR found the physician’s discussion of the patient’s complaint without first obtaining a HIPAA-complaint authorization from the patient both violated HIPAA and demonstrated a reckless disregard for the patient’s HIPAA privacy rights. Additionally, Resolution Agreement also states that OCR’s investigation revealed that Allergy Associates did not take any disciplinary or other corrective action against the doctor after learning of his impermissible disclosure to the media.

To resolve the HIPAA charges, Allergy Associates agrees in the Resolution Agreement and Corrective Action Plan to pay $125,000 as well as to undertake a corrective action plan that includes two years of monitoring their compliance with the HIPAA Rules.

Other Providers Also Paid High Price To OCR For Sharing PHI With Media

Of course, OCR enforcement action against and Resolution Agreement with Allergy Associates is just one of several reported OCR actions against health care providers for improperly disclosing or allowing the press or other media access to PHI without patient authorization.

For instance, a Resolution Agreement announced by OCR on June 14, 2013 required Shasta Regional Medical Center (SRMC) to pay OCR $275,000 and implement a series of corrective actions for using and disclosing to the media PHI of a patient while trying to perform public relations damage control against accusations reported in the media that SRMC had engaged in fraud or other misconduct when dealing with the patient. That Resolution Agreement resulted from OCR investigating a January 4, 2012 Los Angeles Times article report that two SRMC senior leaders had met with media to discuss medical services provided to a patient. OCR’s investigation indicated that SRMC failed to safeguard the patient’s PHI from impermissible disclosure by intentionally disclosing PHI to multiple media outlets on at least three separate occasions, without a valid written authorization. OCR’s review also revealed senior management at SRMC impermissibly shared details about the patient’s medical condition, diagnosis and treatment in an email to the entire workforce. Further, SRMC failed to sanction its workforce members for impermissibly disclosing the patient’s records pursuant to its internal sanctions policy.

The sanctions were even greater in the May 10, 2017 Resolution Agreement and Corrective Action Plan OCR announced with the largest not-for-profit health system in Southeast Texas, Memorial Hermann Health System (MHHS) for issuing a press release with the name and other PHI about a patient arrested and charged with presenting an allegedly fraudulent identification card to MHHS office staff to fraudulently obtain care without first obtaining a HIPAA-compliant authorization from the patient. MHHS paid OCR a $2.4 million resolution payment to resolve HIPAA charges OCR brought against MHHS as well as agreed to implement a detailed corrective action plan. See $2.4M HIPAA Settlement Warns Providers About Media Disclosures Of PHI.

The costs of resolution have been even higher when OCR has addressed disclosures to media made by health care providers or other Covered Entities that allowed their desire for media publicity and coverage of their organizations ahead of patient privacy. For instance, OCR collected a $2.2 million resolution payment from New York Presbyterian Hospital (NYP) for allowing unauthorized filming and photographing of patients in its facility by a television film crew and other staff filming for the television program “NY Med” in the hospital. See $2 Million+ HIPAA Settlement, FAQ Warn Providers Protect PHI From Media, Other Recording Or Use.

Furthermore, earlier this year OCR collected a total of $999,0000 from Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH)(collectively, the “Hospitals”) for putting publicity before patient privacy by allowing ABC News documentary film crews to film patients and access other patient information for a news documentary without obtaining prior patient authorization under three settlement agreements with the Hospitals announced by OCR in September, 2018. The payments were made under three separate settlement agreements between OCR and each respective Hospital made public by OCR in connection with the September 20, 2018 announcement stemming from the Hospital’s allowing ABC film crews to film in patient treatment and other areas for the ABC medical documentary “Save My Life: Boston Trauma” series. See $999K Price Hospitals Pay To Settle HIPAA Privacy Charges From Allowing ABC To Film Patients Without Authorization.

OCR’s concern about and intolerance for improper disclosures of PHI to the media by health care providers and other Covered Entities is further demonstrated by OCR’s publication of its 2016 Frequently Asked Question (Media FAQ) addressing Covered Entities’ responsibilities when dealing with the media coincident with OCR’s announcement of its Resolution Agreement with NYP in 2016. The Allergy Associates’ Resolution Agreement further reinforces OCR’s continuing commitment to hold health care providers and other Covered Entities and their business associates accountable for complying with HIPAA when dealing with the press and other media. In the fact of this commitment, health care providers and other Covered Entities must take the necessary steps to implement the appropriate policies, training and controls to ensure that they and their staff and representatives comply with these directives when dealing with press and other media.

Resolution Agreement Also Highlights Need For Sensitivity When Dealing With Disabled Patients With Service Animals

Beyond the HIPAA charges and settlement discussed in the Resolution Agreement, health care providers and other Covered Entities also should heed the factual circumstances that prompted the television interview of the Allergy Associates’ physician that prompted the OCR HIPAA enforcement action as a precautionary warning to ensure that their policies, procedures and staff training for dealing with disabled patients supported by service animals are defensible legally and in the court of public opinion.

The Allergy Associates Resolution Agreement states that OCR’s HIPAA investigation was conducted in response to and in tandem with a Department of Justice (“Justice Department”) Office of Civil Rights investigation of a complaint that Allergy Associates violated the patient’s civil rights by improperly refusing to allow the patient’s service animal to accompany the patient during the patient’s appointment. The patient’s complaint about the practice that the television reporter asked for and obtained the comments from the Allergy Associates’ physician that OCR found violated HIPAA related to Allergy Associates refusing to allow the patient to be accompanied by her service animal during her appointment with Allergy Associates.

While research as of the date of the publication of this article did not uncover any published record of any Justice Department prosecution or settlement or other official notification concerning the Justice Department civil rights investigation against Allergy Associates, the Justice Department Office of Civil Rights as well as the HHS OCR Civil Rights Division have in the past pursued enforcement action against health care providers and others for improperly restricting or denying access to care or facilities by disabled persons based on their accompaniment by service animals.

Title III of the Americans With Disabilities Act (“ADA”) generally prohibits places of public accommodations, including the professional office of a health care provider, from discriminating against any individual on the basis of disability in the full and equal enjoyment of the goods, services, facilities, privileges, advantages, or accommodations of any place of public accommodation, by any person who owns, leases (or leases to), or operates a place of public accommodation, including health care services. 42 U.S.C. § 12182(a); 28 C.F.R. § 36.201. The ADA also requires that such entities make reasonable modifications in policies, practices, or procedures to permit the use of service animals by people with disabilities. 42 U.S.C. § 12182(b)(2)(A)(ii); 28 C.F.R. § 36.302(c). Health care providers also generally are prohibited from discriminating against and required to provide accommodation to individuals with disabilities under the Rehabilitation Act and the Medicare statutes.

The Justice Department, HHS and courts have interpreted these disability prohibition and accommodation laws as making it illegal for a health care provider or its agent to fail to make reasonable accommodations for a person with a service animal unless the health care provider proves (1) the accommodations would fundamentally alter the nature of the facility or service it provides; or (2) based upon an individual assessment, the hospital determines that the service animal poses a substantial and direct threat to health or safety which cannot be mitigated by reasonable accommodations. See, e.g., Tamara v. El Comino Hospital, 964 F.Supp.2d 1077 (N.D.Ca. 2013).

While other types of discriminatory actions by health care providers found to be in violation of these rules often trigger substantial damage awards, administrative penalties, disqualification or restriction of Medicare and other federal program participation for violation of Conditions of Participation, to date the reported agency and judicial enforcement actions brought against health care providers for improperly refusing to allow service animals to accompany patients when accessing facilities or receiving care generally have ordered injunctive or other corrective action but have not imposed substantial damage or administrative penalties upon the culpable provider. Health care providers should avoid the temptation to underestimate the potential seriousness or liability that their organization is likely to incur based on the current lack of substantial financial damage awards or administrative sanctions, however. The 11th Circuit’s ruling in Sheely v. MRI Radiology Network, P.A., 505 F.3d 1173 (11^th Cir. 2007), that noneconomic compensatory damages were available as a remedy for the emotional distressed caused by the violation under the Rehabilitation Act and that the voluntary correction of its policies during the pendency of the litigation did not render moot Sheely’s claim for monetary relief clearly opens the door for a jury to award substantial damages against a health care provider when the jury perceives the circumstances warrant. Furthermore, health care providers need to keep in mind the typically financial and operational burdens of defending litigation or a Justice Department or HHS OCR Civil Rights investigation and costs of implementation and compliance with administrative or injunctive orders to take corrective action as well as the negative public relations attend these types of complaints, their investigation and resolution. Moreover, health care providers participating in Medicare, Medicaid or other federal health care programs also need to take into account the possibility that an alleged violation of these nondiscrimination rules also can serve as a basis for investigation of compliance with applicable Conditions of Participation for program participation and reimbursement. Considering these risks, physician and other health care providers should heed the reminder of their obligations to offer and provide proper accommodation to allow appropriate access to disabled individuals with disabilities requiring service animal support and take steps to review and update their policies, practices and staff training to minimize the risk of potential charges of violation of these requirements.

Health Care Providers, Other Covered Entities Encouraged To Act To Manage HIPAA & Disability Accommodation Risks

The Allergy Associates and other HIPAA Resolution Agreements arising from improper sharing of PHI with the press or other media make clear the need for health care providers and other Covered Entities to exercise great care when dealing with the press and other media.

Clearly, health care providers and other Covered Entities should heed the warning by conducting a risk assessment of their organization’s susceptibility to potential improper disclosures to media or others and reviewing and implementing necessary written policies, procedures and training to prevent the improper disclosure of patient PHI to media or others unless the Covered Entity either secures prior HIPAA-compliant authorization from the patient or can prove the disclosure falls squarely under an exception to the Privacy Rule’s prohibition against disclosure of PHI without authorization except as allowed by the Privacy Rule.

Based on experiences reported in the Allergy Associates and other Resolution Agreements and OCR guidance concerning media disclosures, Covered Entities also generally will want to ensure that their policies, procedures and training extend to all potential sources of communications that could involve patient information and make clear that the Privacy Rule restrictions must be followed even if the circumstances involve allegations of misconduct, special performance by healthcare providers or others that it would benefit the organization or certain individuals to have known to the public, or other circumstances likely to be of interest to the media or other parties.

As part of this process, health care providers and other Covered Entities should ensure they look outside the four corners of their Privacy Policies to ensure that appropriate management, supervision, training and direction is provided to address media, practice transition, workforce communication and other policies and practices that may be covered by pre-existing or other policies of other departments or operational elements not typically under the direct oversight and management of the Privacy Officer such as media relations. Media relations, physician and patients affairs, outside legal counsel, media relations, marketing and other internal and external departments and consultants dealing with the media, the public or other inquiries or disputes should carefully include and coordinate with the privacy officer both to ensure appropriate policies and procedures are followed and proper documentation created and retained to show authorization, account, or meet other requirements.

In conducting this analysis and risk assessment, it also is important that Covered Entities include, but also look beyond the four corners of their Privacy Policies to ensure that their review and risk assessment identifies and assesses and addresses compliance risks on an entity wide basis. This entity-wide assessment should include both communications and requests for information normally addressed to the Privacy Officer as well as requests and communications that could arise in the course of media or other public relations, practice transition, workforce communication and other operations not typically under the direct oversight and management of the Privacy Officer.

For this reason, Covered Entities also generally will not only to adopt and implement specific policies, processes and training in these other departments to prohibit and prevent inappropriate disclosures of PHI in the course of those departments operations. As part of these processes, Covered Entities generally will want to implement a pre-established process for reviewing media or other communications for potential PHI content which includes a requirement for prior review of any proposed public relations and other internal or external communications containing patient PHI or other information by the privacy officer, legal counsel or another suitably qualified party.

Because of the high risk that the preparation or review of media or other public communications reports will involve the use and disclosure of PHI, Covered Entities also generally should verify that all outside media or public relations, legal, or other outside service providers participating in the investigation, response or preparation or review of communications to the media or others both are covered by signed business associate agreements that fulfill the Privacy Rule and other requirements of HIPAA as well as possess detailed knowledge and understanding of the Privacy and Security Rules suitable to participate in and help safeguard the Covered Entity against violations of these and other Privacy Rules. See e.g., Latest HIPAA Resolution Agreement Drives Home Importance Of Maintaining Current, Signed Business Associate Agreements.

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Apply for 2019 CDC Externships in Public Health Law By 1/31/19

November 21, 2018

Now is the time to apply for selection to participate in the Center for Disease Control (CDC) Public Health Law Program (PHLP).

The PHLP offers externships in public health law, tribal public health law, and public health administration and communications. The externships consist of 9–14 weeks of professional work experience with PHLP in Atlanta, Georgia. With rolling start and completion dates during the academic year, unpaid externships must qualify for academic credit as authorized by law and public health schools. Applications for summer 2019 positions are due by January 31, 2019.

About the Author

Ms. Stamer’s legal, management, governmental affairs work and speaking and publications have focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients as well as a diverse array of other business and government entities. Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with operational compliance and risk management; strategic planning; product and services development and innovation; workforce and operations management: crisis preparedness and response; public and regulatory affairs and host of other concerns.

As part of this work, Ms. Stamer continuously advises clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. She helps clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She also helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues including meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and many other concerns. Her work includes both regulatory and public policy advocacy and thought leadership, as well as advising and representing a broad range of health industry and other clients about policy design, drafting, administration, business associate and other contracting, risk assessments, audits and other risk prevention and mitigation, investigation, reporting, mitigation and resolution of known or suspected violations or other incidents and responding to and defending investigations or other actions by plaintiffs, DOJ, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others.

As part of this work, Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Author of leading works on a multitude of these and other concerns, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, and Board Certified by the Texas Board of Legal Specialization in Labor and Employment Law, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, Anethesiology, billing, Border Health, CDC, Centers For Disease Control, Consumer Driven Health Care, Controlled Substances, Corporate Compliance, DEA, Doctor, drug treatment, E-Prescribing, FDA, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Care Reform, Health Plan, Health Plans, healthcare, HHS, Hospice, Hospital, hospitals, Human Subjects Research, Laws, Medicaid, Medical Malpractice, Medical Records, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, Opiates, pain management, Patient Empowerment, Pharmacy, Physician, Prescription Drugs, Psychiatric, public health, Public Policy, Reimbursement, Second Amendment, Substance Abuse, substance abuse treatment, Uncategorized, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

DOJ-Atrium Settlement Signals Possible Antitrust Risks From Common Provider Contract Terms

November 18, 2018

Hospitals and other health care providers, health care payers, health care providers, managed care and practice management service providers and others structuring or working with preferred provider or other managed health care contracts should weigh the potential implications on their health plan provider agreements and managed care practices of the antitrust lawsuit jointly brought by the U.S. Department of Justice and the North Carolina Attorney General against North Carolina’s largest healthcare system, The Charlotte-Mecklenburg Hospital Authority d/b/a Atrium Health (“Atrium”) which challenges steering restrictions and other contractual protections of Atrium against competition from other contracted health care providers.

Court documents filed by the Justice Department with the U.S. District Court for the Western District of North Carolina on November 15, 2018, seek Court approval of a Joint Stipulation and Final Judgment (“Consent Decree”), which if approved by the Court, will resolve a civil antitrust lawsuit challenging Atrium’s practice of requiring and enforcing “steering restrictions” in its managed care provider agreements with commercial insurers, self-insured employer and union health plans and other private payer that prohibit the payers from steering patients to, or sharing information about other potentially more cost-effective competitor hospitals, physicians or other health care providers filed by the Justice Department in June, 2016. While the emphasis by the Justice Department of the market dominance of Atrium in the factual allegations contained in its complaint raise questions about whether the Justice Department would undertake similar litigation against less market dominant providers, the charges made by the Justice Department in its complaint and the agreement by Atrium to cease the challenged conduct nevertheless raise a substantial basis for concern by other health care providers and payers about their own potential antitrust risks from negotiating to include, including or enforcing a wide range of provider steering and other contractual provisions commonly included in many preferred provider contracts between health plans, insurers and their managed care organizations and the health care providers that contract to be participating providers for their health plan narrow network or other managed care provider panels.

It should be noted that steering, and commitments to steer and not to steer patients to various providers are a longstanding and key component of the structure of most preferred provider contracts used in the managed care industry. Steering refers to practices payers historically use to offer or encourage patients and other health care consumers to access care from health care providers that the payer perceives as a more cost effective provider. Historically, insurers promised to steer patients to health care providers contracting to become “preferred providers” to health plan members in return for health care provider’s agreement to provide care a preferred rates or in accordance with other health plan rules. With most health care providers now participating in provider networks, however, payers increasingly want to steer members to lower cost providers within the provider network to maximize savings and place pressure on higher cost participating providers to reduce rates. If the higher cost providers have most favored nation or other contractual safeguards like those in Atrium’s provider contracts, however, contractual barriers obstruct these efforts by payers. The insurers in Atrium used antitrust complaints filed with the Justice Department to attack these contractual barriers.

Formerly known as Carolinas HealthCare System, the dominant health care provider in the Charlotte, North Carolina area, and one of the largest not-for-profit healthcare systems in the United States, Atrium provides healthcare services throughout the Carolinas, including in hospitals, freestanding emergency departments, urgent care centers, physician practices, outpatient surgery centers, imaging centers, nursing homes, and laboratories. Atrium’s flagship facility is Carolinas Medical Center, the largest hospital in North Carolina. Atrium also operates eight other general acute-care hospitals in the Charlotte area and owns, manages, or has strategic affiliations with more than 40 hospitals in the Carolinas.

The Justice Department complaint filed on June 9, 2016 charges that Atrium violated federal antitrust law by using its dominant market power to force commercial payers to agree to include various steering and transparency restrictions in their managed care contracts with Atrium in a manner that illegally restricts competition in violation of federal antitrust laws. The challenged provisions include a series of promises historically included in many provider agreements such as provisions requiring that the private payer:

To steer plan members to participating providers;

Not to steer plan members away from participating providers;
To include Atrium providers in any new networks or preferential treatment afforded to any other contracting provider in new or all plans, products, networks and preferred provider classifications; and
Not to exclude from and/or to provide the provider with the right to receive any new preferences or rewards for being a preferred provider.

Although provider contracts historically have included many of these same provisions, the Justice Department in its lawsuit against Atrium charged that Atrium illegally used its dominant market position to negotiate managed care contracts paying higher reimbursement rates than other less dominant contracted providers received and used the challenged contract provisions to insulate itself against competition from other network providers offer care at more cost effective rates. The Justice Department contends the challenged provisions allow Atrium to continue to charge higher prices free from effective competition from other health care providers by prohibiting the private payers from steering patients to other health care providers and guaranteeing Atrium the most preferential treatment available even if its rates are not competitive with those of other providers enjoying the same status. In its Atrium complaint, the Justice Department asserts that Atrium’s steering restrictions harm payers and consumers in violation of federal antitrust laws by obstructing the ability of insurers to design health benefit plans that give patients financial incentives to choose more cost-effective hospitals and physicians. The Justice Department contends these actions by Atrium force health insurers not to encourage consumers to choose other healthcare providers that offer better overall value and from providing consumers and employers with information regarding the cost and quality of alternative health benefit plan.

More than two years after the Justice Department commenced the lawsuit, court documents filed with the Court by the Justice Department on November 15, 2018 reflect the parties now have agreed to settle the lawsuit. The Justice Department filed an unopposed motion that asks to enter a Consent Decree implementing the terms of a settlement which would preclude Atrium from seeking to negotiate or enforce a wide range of steering and transparency restrictions in existing or future preferred provider agreements. While Atrium would not pay any damages under the proposed Consent Degree, the proposed Consent Decree would:

Prohibit Atrium from seeking to negotiate, include or enforce steering or transparency restrictions in its provider agreements with private payers or otherwise seeking contract terms or taking actions that would prohibit, prevent, or penalize payers for steering or sharing information to promote transparency in the future in any Narrow Network Benefit Plan, Tiered Network Benefit Plan, or any Benefit Plan with Reference-Based Pricing or a Center of Excellence as a component in the Charlotte area; and
Void or restrict Atrium from enforcing certain specific existing steering and transparency restrictions in Atrium’s existing preferred provider agreements with various commercial insurers identified in exhibits to the Consent Decree except with respect to certain “carve out networks.”

If approved in its current form, the Consent Decree will both void a host of existing contractual safeguards currently included in Atrium’s existing provider contracts and affirmatively prohibit Atrium from seeking seek or enforce other safeguards insulating it from competition from other lower cost health care providers by defining “penalties” broadly to include any contract term or action with the likely effect of significantly restraining steering through steered plans or transparency under the facts and circumstances considering the contract provision or action; its economic impact; and the extent to which the contract provision or action has potential or actual procompetitive effects in the Charlotte Area.

Special rules applicable to Department of Justice antitrust settlements under the Tunney Act require the Justice Department to publish the proposed settlement to be implemented by the Consent Decree and the Department’s competitive impact statement in the Federal Register and allow a public comment period of 60 days before the court can approve the Consent Decree. Any person may submit written comments concerning the proposed settlement during a 60-day comment period to Peter J. Mucchetti, Chief, Healthcare and Consumer Products Section, Antitrust Division, U.S. Department of Justice, 450 Fifth Street, N.W., Suite 4100, Washington, D.C. 20530. After the comment period closes, the Court will consider the motion taking into account the comments and other factors it determines appropriate. Barring unforeseen circumstances, the U.S. District Court for the Western District of North Carolina likely will approve the proposed consent decree upon finding that it serves the public interest.

Because the contractual provisions challenged as anti-competitive in the Atrium litigation are of a nature widely used within the managed care industry, health care providers, health insurers, self-insured employer and union health plans and their sponsors and others involved in the managed care industry should weigh the potential implications of the Atrium litigation and its anticipated resolution on their own provider contracting strategies and practices as well as those of their competitors.

Contractual provisions like those challenged in the Atrium litigation are widely used throughout the managed care industry. Steerage of patients to the participating provider and associated competitive protections historically has been the primary inducements and considerations that providers receive in return for agreeing to accept payer rates and other rules for a health care provider to qualify for inclusion on the payer’s provider panel. Consequently, provider contracts between payers and participating providers commonly include steering, transparency or other restrictions similar in function if not form to those contested in the Atrium litigation. Moreover, promises regarding steering are not limited to provider agreements between payers and providers. Insurers, preferred provider organizations and other managed care organization typically require employer, union or other health plan sponsors of health plans with preferred provider or other managed care features contractually to commit to design their health plans to incorporate features that steer plan members to use preferred providers and prohibit plan members from taking advantage of potentially lower cash or other rates that a participating provider might offer to patients choosing to circumvent the provider network to access care. Since the Atrium litigation raises questions about potential challenges to the enforceability and legality of similar steering and contractual provisions insulating contracted providers from competition health care providers and payers with or negotiating preferred provider contracts that contain anti-steering or other contractual provisions like those challenged in the Atrium litigation and the self-insured group health plans that contract to access provider networks using these contracts should weigh carefully the potential risks of participating in contractors or seeking to negotiate or enforce these provisions taking into account their own specific facts and circumstances and the current guidance within qualified legal counsel within the scope of attorney-client privilege.

While some might be tempted to assume from Atrium’s market dominance that the Atrium challenge and litigation challenges apply only to provider agreements involving providers with substantial market dominance in their region, this is not necessarily the case. Broader existing antitrust precedent concerning restraints on competition arguably provide some grounds for concern that the Justice Department or private litigants might seek to leverage the antitrust challenges raised in the Atrium litigation to challenge Atrium-like steering restrictions, most favored nation status and other similar clauses in preferred provider and other managed care agreements involving health care providers or others with a much smaller market share. Likewise, it remains whether evidence showing the insurer, rather than the provider, originally proposed the questioned provision could impact the risk or render the contracts more defensible.

Despite these and other questions about the extent to which the challenges raised to the Atrium contracts will be asserted, much less successfully litigated with respect to provider protections contained in other preferred provider agreements, those negotiating or involved in preferred provider agreements containing similar provisions should consider and monitor the potential risks and weigh their options for mitigating these risks. Among other things, it is important to keep in mind that antitrust violations carry potential civil and in some cases, even criminal violations, for participating or conspiring to participate in prohibited anticompetitive arrangements. Thus both payers and providers participating or contemplating participating in contracts or negotiation to interject the challenged provisions into their own provider agreements should weigh their actions carefully. Moreover, even when only civilly prosecuted, potential civil damages and defense costs often are substantial. Accordingly, while the Justice Department prosecution of Atrium was civil, rather than criminal in nature and the agreed upon Judgement presented to the Court to end the litigation does not require Atrium to pay any monetary damages, future plaintiffs should not assume that they would similarly avoid such damages in the event their own practices are successfully challenged. Consequently, health care providers, as well as health insurers, employer and union health plans and other private sector payers, and others participating in the negotiation or administration of, or competing in market regions with preferred provider agreements containing steering restrictions or other contractual provisions similar in form or function to those challenged in the Atrium litigation should seek specific legal advice about the potential implications of antitrust challenges raised in the Atrium Judgement on their practices and market situation and options for mitigating those risks.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has been continuously involved the design, regulation, administration and defense of managed care and other health care and health benefit arrangements, contracts, systems, and processes throughout her career. In addition to her extensive provider and payer contracting work, Ms. Stamer also is recognized for her knowledge, experience and leadership on health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompassess advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Antitrust, Consumer Driven Health Care, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, managed care, participating provider, Provider contracting, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Listen In on Free 11/15 Telemedicine Twitter Chat

November 6, 2018

Health care providers, health plans, communities and others interested in telemedicine should consider listening in on Thursday, November 15 to the Health Resources and Services Administration (HRSA) Twitter chat focusing on telehealth and how technology can help the primary health workforce in rural areas improve quality and accessibility of care. Join subject matter experts, grantees, and key federal and non-federal partners to #Talktelehealth. Follow them on Twitter and join their Twitter chat on November 15 at 2 pm ET.

About the Author

Ms. Stamer’s legal, management, governmental affairs work and speaking and publications have focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage patients, providers and other workforce members, vendors and other people and organizations, their performance, quality, compliance, operations and risk.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; telemedicine, billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients as well as a diverse array of other business and government entities. Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Health Care, Rural Health Care, Telemedicine, Uncategorized | Tagged: Telemedicine | Permalink
Posted by Cynthia Marcotte Stamer

CMS Hosts EDGE Server Webinar Series VIII for Health Insurers, TPAs

November 1, 2018

The Centers for Medicare & Medicaid Servhces (CMS) will conduct a webinar session on the EDGE Server 29.0 Maintenance Release Detail and Global Reference Data Updates on Tuesday, November 6, 2018 from 11:30 a.m. – 12:30 p.m. ET.

CMS will conduct this session using two (2)-way audio conferencing for

Health Insurance Issuers of Marketplace and Non-Marketplace Plans § Amazon and On-Premise EDGE server Issuers

Health Plan Third Party Administrators (TPAs)

Register here at least 24 hours prior to the scheduled session.

Leave a Comment » | Affordable Care Act, Consumer Driven Health Care, Corporate Compliance, Electronic Health Records, Employee Benefits, ERISA, Health IT, Health Plan, Health Plans, healthcare, HHS, Medicare Advantage, Reimbursement, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Trump Signs Sweeping Opiate Prescription & Treatment Reform Bill Into Law

October 24, 2018

Today (October 24, 2018), President Trump signed into law bill he and Congress hope will combat the opioid crisis, H.R. 6, the Substance Use-Disorder Prevention that Promotes Opioid Recovery and Treatment (SUPPORT) for Patients and Communities Act.

The bipartisan law takes aim at the U.S. Opiate Addiction Epidemic by combining over 70 bills from the House and Senate to combat the opioid crisis, including:

H.R. 5773, Preventing Addiction for Susceptible Seniors (PASS) Act, which ombines several member bills that aim to prevent opioid overuse by increasing program integrity efforts and resources for beneficiaries to help ensure that they are properly adhering to their prescribed pain medications.

H.R. 5775, Providing Reliable Options for Patients and Educational Resources (PROPER) Act, which combines several member bills that aim to increase educational resources for Medicare beneficiaries. These resources ensure beneficiaries are aware of the adverse effects of prolonged opioid use and their coverage options for the treatment of pain. The PROPER ACT also eliminates pain-related questions from required patient satisfaction surveys in hospitals.

H.R. 5774, Combating Opioid Abuse for Care in Hospitals (COACH) Act, which combines several member bills that aim to educate providers and beneficiaries to reduce opioid use, and promotes the development and adoption of quality measure related to opioid use and opioid use disorder treatments.

H.R. 6110, Dr. Todd Graham Pain Management, Treatment, and Recovery Act, which combines several member bills that aim to eliminate Medicare payment incentives to prescribe opioids instead of non-opioid pain management treatments and expand access to non-opioid alternatives and substance use disorder treatment, including in underserved and rural areas.

H.R. 5723, Expanding Oversight of Opioid Prescribing and Payment Act, which examines incentives under Medicare hospital payments for prescribing of opioids relative to non-opioid alternatives and the ability to track and monitor opioid use through Medicare claims.

H.R. 5676, Stop Excessive Narcotics in our Retirement (SENIOR) Communities Protection Act, which extends the authority of Medicare Prescription Drug Plans to suspend payments pending an investigation of a credible allegation of fraud against the provider or supplier in the same manner already available under Medicare fee-for-service today.

H.R. 5788, Synthetics Trafficking and Overdose Prevention Act of 2018 (STOP Act of 2018), which requires the United States Postal Service to obtain advance electronic data on international mail shipments, which will allow U.S. Customs and Border Protection to target high-risk shipments – including those containing synthetic opioids – for inspection and seizure at the border.

The above bills included measures from many of the following pieces of legislation:

H.R. 5675, To amend title XVIII of the Social Security Act to require prescription drug plan sponsors under the Medicare program to establish drug management programs for at-risk beneficiaries.

H.R 4841, Standardizing Electronic Prior Authorization for Safe Prescribing.

H.R. 5676, Stop Excessive Narcotics in our Retirement (SENIOR) Communities Protection Act.

H.R.5684, Protecting Seniors from Opioid Abuse Act.

H.R. 5699, Hospital Opioid Solutions Toolkit (HOST) Act.

H.R . T 5686, Medicare Clear Health Options in Care for Enrollees (CHOICE) Act.

H.R. 5715, Strengthening Partnerships to Prevent Opioid Abuse Act.

H.R. 5716, Commit to Opioid Medical Prescriber Accountability and Safety for Seniors (COMPASS) Act.

H.R. 5723, Expanding Oversight of Opioid Prescribing and Payment Act.

H.R. 5718, Perioperative Reduction of Opioids (PRO) Act.

H.R. 5714, Education for Disposal of Unused (EDU) Opioids Act.

H.R. 5719, Reduce Overprescribing Opioids in Treatment (ROOT) Act.

H.R. 5725, Benefit Evaluation of Safe Treatment (BEST) Act.

H.R. 5722, Dr. Todd Graham Pain Management Improvement Act of 2018.

H.R. 5779, Promoting Quality of Care in Pain Management Act.

H.R. 5777, Centralized Opioid Guidance (COG) Act of 2018.

H.R. 5790, A bill to amend title XI of the Social Security Act to provide for clinical psychologist services models to be tested by the Center for Medicare and Medicaid Innovation, and for other purposes.

H.R. 5769, Expanding Access to Treatment Act of 2018.

H.R. 5080, A bill based on the Comprehensive Opioid Management and Bundled Addiction Treatment (COMBAT) Act of 2018.

H.R. 5778, Promoting Outpatient Access to Non-Opioid Treatments Act.

The sweeping legislation will significantly impact the responsibilities of providers prescribing opiates as well as impact the legal and illegal access of patients to these medications, treatment for opiate dependency, and reimbursement for opiate and other related care.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, Anethesiology, billing, Centers For Disease Control, Controlled Substances, Corporate Compliance, DEA, Doctor, drug treatment, E-Prescribing, FDA, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Care Reform, Health Plan, Health Plans, HHS, Hospice, Hospital, hospitals, Laws, Medicaid, Medical Malpractice, Medical Records, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, Opiates, pain management, Pharmacy, Physician, Prescription Drugs, Psychiatric, Reimbursement, Substance Abuse, substance abuse treatment, Uncategorized, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

Record $16M HIPAA Sanction Shows Need For Current Enterprise Risk Assessment; ONC/OCR Share New Tool To Help HIPAA Covered Entities Comply

October 17, 2018

Following on the heels of Monday’s announcement that Anthem, Inc. is paying a record setting $16 million to resolve charges its violations of the enterprise risk assessment and other requirements of the Health Insurance Portability & Accountability Act (HIPAA) Security Rule allowed cybercriminals to breach the electronic protected health information (ePHI) of more than 79 million patients, physicians and other health care providers, health plans and health insurers, health care clearinghouses (covered entities) and their service providers acting as their business associates (business associates) (hereafter collectively “HIPAA Entities”) should reconfirm their own and their business associates’ compliance with the HIPAA Security Rule’s enterprise risk assessment and other ePHI security requirements.

When conducting these assessments, HIPAA Entities generally will want to ensure that their new enterprise risk assessment documents their consideration of the newly updated Security Risk Assessment (SRA) Tool jointly announced yesterday (October 16, 2018) by the Department of Health & Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) and OCR, lessons shared in OCR’s $16 million Anthem, Inc. resolution agreement, $5.55 million resolution agreement with Memorial Healthcare System and other OCR HIPAA resolution agreements, civil monetary penalty assessments and other Security Rule guidance, as well as other emergent internal and external data suggesting potential susceptibilities of their own systems and data to breach or loss.

HIPAA Entities are reminded that HIPAA requires that all HIPAA covered entities and business associates to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by their organization. Any HIPAA Entity that hasn’t already conducted a recent, appropriately documented enterprise wide risk analysis or updated their analysis in response to changes in equipment, vendors or emerging threats and developments should do so as soon as possible.

HIPAA’s requirement that HIPAA entities conduct and maintain an appropriately comprehensive and timely updated enterprise-wide risk analysis of potential security threats to ePHI both an affirmative requirement of the HIPAA Security Rule and an indispensable process to help healthcare organizations understand their security posture to prevent, detect, respond to and mitigate potential legal, operational and reputational costs that commonly result when ePHI or other sensitive information is breached or destroyed.

The importance of HIPAA entities having and being able to produce in the event of a breach or OCR audit an up-to-date, comprehensively enterprise risk assessment and response plan cannot be overstated. Beyond OCR’s publication of extensive regulatory guidance and educational outreach discussing the responsibility to conduct and maintain documentation of appropriate enterprise risk assessments, virtually every announced HIPAA Security Rule civil monetary penalty assessment and other enforcement action identifies violation of the HIPAA Security Rule’s enterprise risk assessment requirements among the material transgressions committed and required to be corrected by HIPAA entities like Anthem, Inc. subjected to Security Rule enforcement.

The updated SRA Tool jointly released by OCR and ONC on October 16, 2018 further reinforces the importance of complying with the enterprise wide risk assessment requirement while simultaneously encouraging and facilitating compliance by small to medium sized health care practices. Particularly designed with an eye to helping health care providers that work as solo practitioners or in groups with 10 or less health care providers and their business associates identify risks and vulnerabilities to ePHI, OCR says the updated SRA Tool “provides enhanced functionality to document how such organizations can implement or plan to implement appropriate security measures to protect ePHI” and incorporates new features to make the tool “more user friendly.” New features OCR hopes will make the SRA tool more user friendly include:

Enhanced User Interface
Modular workflow with question branching logic
Custom Assessment Logic
Progress Tracker
Improved Threats & Vulnerabilities Rating
Detailed Reports
Business Associate and Asset Tracking
Overall improvement of the user experience

HIPAA Entities should take note, however, that as of its October 16, 2018 released date, the updated version of the SRA Tool currently is only available in Windows format. OCR has indicated that the OCR and ONC have not yet updated the OS iPad version of the previously published version of the SRA Tool. While the previous OS iPad version remains available at the Apple App Store exit disclaimer icon (search under “HHS SRA Tool”), HIPAA Entities that presently use or plan to use the OS iPad tool should consider comparing the prior tool against the updated Windows SRA Tool to verify the continued suitability of its continued use and any adjustments in understanding or application that might be warranted by these differences. Additionally, HIPAA Entities also should review the revised User Guide available on the SRA Tool’s website before starting the assessment.

While the SRA Tool provides valuable guidance to help HIPAA Entities to conduct their own enterprise wide risk assessment, HIPAA Entities should keep in mind that the responsibility to assess their enterprise wide risk and to update their security safeguards to respond to these risks is a continuous one. While using the SRA Tool is an excellent starting point for beginning this assessment, HIPAA Entities need to realize that OCR expects HIPAA Entities to tailor their assessments to identify and respond to the full range of risks and exposures to their ePHI and associated systems and to constantly reevaluate and adjust these assessments in response to emerging system and ePHI threats identified in the course of their operations as well as external developments suggesting previously unidentified or inadequately appreciated threats. Moreover, in addition to conducting the risk assessment, OCR regulatory guidance and guidance drawn from OCR’s civil monetary settlements resolution agreements and other enforcement and audit activities also make clear that in addition to conducting the enterprise wide risk analysis, HIPAA entities also need to be prepared to produce documentation that their organizations took appropriate and timely action to address the risks identified in the risk assessment in accordance with the HIPAA Security Rule.

In addition to mitigate their exposure to potentially substantial HIPAA civil monetary penalties for violating the HIPAA Security Rule, HIPAA Entities also should keep in mind the potential role that their conduct and maintenance of appropriately comprehensive enterprise wide security risk assessments can play in helping to mitigate other legal, financial, operational and reputational risks that commonly also arise along with the HIPAA exposures associated with a breach of HIPAA. In addition to HIPAA’s Security Rules for ePHI, HIPAA Entities typically also are subject to a hodgepodge of non-HIPAA statutory, regulatory and/or contractual obligations to safeguard patient, employee, business partners and other individual, financial, health, tax, peer review and credentialing, trade secrets and other confidential information against improper use, access, destruction or disclosure. Examples of such obligations include the privacy and data security rules of the Fair and Accurate Credit Transaction Act (FACTA), the Internal Revenue Code and other tax laws, federal and state consumer debt and information, electronic crime, data security and identity theft statutes; federal and state trade secret and intellectual property laws; and others, for which violations often equal or substantially exceed the civil monetary penalty liability that commonly arise under the HIPAA Security Rule. The experience of Anthem, Inc. illustrates this point. While the $16 million resolution payment that OCR announced Anthem, Inc. is paying to resolve its HIPAA civil monetary penalty exposures for allowing the breach of the ePHI of 79 million individuals, this payment reflects only a very small portion of the overall liability that Anthem, Inc. incurred from data breach that lead to this resolution payment. Anthem, Inc. also separately already reportedly also has paid more than $115 million to settle other statutory and contractual liabilities arising from the breach separate as well as substantial investigatory and defense costs in addition to the HIPAA liabilities settled under the resolution agreement announced Monday. Other HIPAA Entities subjected to HIPAA civil monetary penalties or paying resolution payments to OCR also typically also have incurred substantial non-HIPAA sanctions and settlements, as well as other defense, investigation, operational and reputational losses as a result of their breaches. HIPAA Entities should strive to ensure that their HIPAA enterprise wide risk assessment and compliance efforts are properly coordinated and administered to manage these overall risks and responsibilities in addition to their HIPAA-specific responsibilities and liabilities.

Because enterprise wide risk assessments and discussions of their structuring, scope and findings are likely to produce legally sensitive evidence, HIPAA Entities are encouraged to seek the advice of qualified and suitably experienced legal counsel about the advisability of conducting all or certain aspects of an enterprise wide risk analysis and their documentation of their risk evaluation and response to take advantage of possible attorney-client privilege, work-product or other evidentiary rules before or throughout the risk assessment and response process and deliberations.

About The Author

A practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C, Cynthia Marcotte Stamer’s more than 30 years’ of leading edge work as an practicing attorney, author, lecturer and industry and policy thought leader have resulted in her recognition as a “Top” attorney in employee benefits, labor and employment and health care law.

Board certified in labor and employment law by the Texas Board of Legal Specialization, a Fellow in the American College of Employee Benefit Counsel, Scribe for the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) Annual Agency Meeting with the Office of Civil Rights and a former JCEB Council Representative; former Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; and past Chair, former Welfare Benefit Committee Co-Chair and current Fiduciary Responsibility Committee Co-Chair of the American Bar Association (ABA) RPTE Section Employee Benefits Group, former Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, Ms. Stamer is recognized nationally and internationally for her practical and creative insights and leadership on HIPAA and other health care, managed care and insurance, and other employee benefit, human resources, and related antitrust, corporate, privacy and data security, tax and other internal controls, regulatory affairs and public policy concerns.

Ms. Stamer’s legal and management consulting work throughout her career has focused on helping organizations and their management use the law and process to manage people, process, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps public and private, domestic and international health, insurance and financial security, and other businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

In this respect, Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, regulatory compliance and operational and performance management. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Well known for her extensive work with health care, insurance and other highly regulated entities on corporate compliance, internal controls and risk management, her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes.

As a key part of this work, Ms. Stamer uses her deep and highly specialized health, insurance, labor and employment and other knowledge and experience to help health industry, insurance and financial services and other employers and other employee benefit plan sponsors; health, pension and other employee benefit plans, their fiduciaries, administrators and service providers, insurers, and others design legally compliant, effective compliance and internal controls, risk management, human resources and other workforce performance, discipline, compensation, employee benefits and related programs, products and arrangements.

In the course of this work, Ms. Stamer has accumulated an impressive resume of experience advising and representing clients on HIPAA and other privacy and data security concerns. The scribe for the American Bar Association (ABA) Joint Committee on Employee Benefits annual agency meeting with the Department of Health & Human Services Office of Civil Rights for several years, Ms. Stamer has worked extensively with health plans, health care providers, health care clearinghouses, their business associates, employer and other sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA and other information privacy and data security rules, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns. Her clients include public and private health plans, health insurers, health care providers, banking, technology and other vendors, and others. Beyond advising these and other clients on privacy and data security compliance, risk management, investigations and data breach response and remediation, Ms. Stamer also advises and represents clients on OCR and other HHS, Department of Labor, IRS, FTC, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She also is the author of numerous highly acclaimed publications, workshops and tools for HIPAA or other compliance including training programs on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Ms. Stamer also is deeply involved in helping to influence the health care, workforce, insurance and financial services, employee benefit, privacy and data security and other federal, state and local laws, regulations and enforcement actions. She both helps her clients respond to and resolve emerging regulations and laws, government investigations and enforcement actions and helps them shape the rules through dealings with Congress and other legislatures, regulators and government officials domestically and internationally. A former lead consultant to the Government of Bolivia on its Social Security reform law and most recognized for her leadership on U.S. health and pension, wage and hour, tax, education and immigration policy reform, Ms. Stamer works with U.S. and foreign businesses, governments, trade associations, and others on workforce, social security and severance, health care, immigration, privacy and data security, tax, ethics and other laws and regulations. Founder and Executive Director of the Coalition for Responsible Healthcare Policy and its PROJECT COPE: the Coalition on Patient Empowerment and a Fellow in the American Bar Foundation and State Bar of Texas. She also works as a policy advisor and advocate to health, insurance and financial services, employee benefits and other business, professional and civic organizations.

Author of the thousands of publications and workshops these and other employment, employee benefits, health care, insurance, workforce and other management matters, Ms. Stamer also is a highly sought out speaker and industry thought leader known for empowering audiences and readers. Ms. Stamer’s insights on employee benefits, insurance, health care and workforce matters in Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, Modern Healthcare, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications. Ms. Stamer also regularly serves on the faculty and planning committees for symposia of LexisNexis, the American Bar Association, ALIABA, the Society of Employee Benefits Administrators, the American Law Institute, ISSA, HIMMs, and many other prominent educational and training organizations and conducts training and speaks on these and other management, compliance and public policy concerns.

Ms. Stamer also has a lifelong history of involvement with and service with a diverse range of professional, community and charitable organizations and causes including as founder and Executive Director of the Coalition for Responsible Health Care Policy and its PROJECT COPE: Coalition for Patient Empowerment; technical advisor to the National Physicians’ Council for Health Care Policy; a founding Board Member and President of the Alliance for Healthcare Excellence and its Patient Empowerment and Health Care Heroes Projects; a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; a member of the Dallas United Way Long Range Planning Committee; as well as leadership involvement in the ABA Joint Committee on Employee Benefits Council, the North Texas Healthcare Compliance Professionals Association; the ABA RPTE Employee Benefits & Other Compensation Committee, the ABA Health Law Section, the ABA International Section Life Sciences Committee, and the ABA TIPS Employee Benefit Committee; TEGE Coordinator of the Gulf Coast TEGE Council TE Division; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association; Dallas, Regional and State BACPAC Chair of the Texas Association of Business; SHRM Regional Chair and National Advisory Board Chair; WEB Network of Benefits Professionals National and Dallas Boards; as a contributing author and the Advisory Board member of the BNA EBCD CD, InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications and as chair or planning faculty of a multitude of symposia.. For additional information about Ms. Stamer, see www.cynthiastamer.com, or contact Ms. Stamer via email here or via telephone to (214) 452.8297.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing other Solutions Law Press, Inc.™ resources at www.solutionslawpress.com such as:

Leave a Comment » | Ambulatory care, Anethesiology, Cyber crime, data breach, Doctor, Electronic Medical Records, Employer, ERISA, FACTA, Fiduciary Responsibility, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Qulity, health care reimbursement, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, healthcare, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, home health, Hospital, Indian Health, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Record $16M Anthem HIPAA Settlement Signals Need To Tighten HIPAA Compliance & Risk Management

October 16, 2018

Health care providers, managed care organizations, health plans and insurers, health care clearinghouses and their business associates should study and learn from the just announced, record-setting $16 million resolution agreement between health insurance giant, Anthem, Inc. and the Department of Health & Human Services Office of Civil Rights (OCR). The resolution agreement resolves OCR charges that Anthem, Inc.’s violations of the Health Insurance Portability & Accountability Act (HIPAA) Privacy and Security Rules exposed the electronic protected health information (ePHI) of almost 79 million people. In addition to reviewing the adequacy of their own HIPAA privacy and security practices, health care providers, health plans, their employer and union sponsors and fiduciaries also should consider assessing the advisability of tightening their business associate and other agreements with health insurers, third party administrative services providers and other vendors in light of the resolution agreement and practical experiences with the fallout of the Anthem breach to better position themselves to assess and enforce HIPAA compliance, receive notice and respond in the event of an insurer or other vendor breach and mitigate financial costs and liabilities resulting from breaches or other compliance deficiencies.

Anthem’s Record Setting Breach & Resolution Agreement

The settlement agreement announced October 15, 2018 by OCR requires Anthem, Inc. to pay a $16 million resolution payment to OCR and take a series of corrective actions to resolve HIPAA liabilities to OCR for allowing the largest known U.S. health data breach in history in 2015.

The record $16 million resolution payment eclipses the prior record resolution payment of $5.55 million Memorial Healthcare System (MHS) paid OCR to settle HIPAA charges in 2016.

An independent licensee of the Blue Cross and Blue Shield Association and one of the nation’s largest health benefits companies, Anthem provides medical care coverage to one in eight Americans through its affiliated health plans. The breach that resulted in the settlement agreement affected ePHI Anthem maintained for its affiliated health plans including many employer or union sponsored self-insured and insured group health plans and other HIPAA-covered entity health plans.

On March 13, 2015, Anthem filed a breach report with the HHS Office for Civil Rights that disclosed that Anthem discovered on January 29, 2015 that cyber-attackers had gained access to and engaged in continuous and targeted cyberattack on Anthem’s IT system for the apparent purpose of extracting data, otherwise known as an advanced persistent threat attack. After filing its breach report, Anthem discovered cyber-attackers had infiltrated their system through spear phishing emails sent to an Anthem subsidiary after at least one employee responded to the malicious email and opened the door to further attacks. OCR’s investigation revealed that between December 2, 2014 and January 27, 2015, the cyber-attackers stole the ePHI of almost 79 million individuals, including names, social security numbers, medical identification numbers, addresses, dates of birth, email addresses, and employment information.

In addition to the impermissible disclosure of ePHI, OCR’s investigation revealed that Anthem failed to conduct an enterprise-wide risk analysis, had insufficient procedures to regularly review information system activity, failed to identify and respond to suspected or known security incidents, and failed to implement adequate minimum access controls to prevent the cyber-attackers from accessing sensitive ePHI, beginning as early as February 18, 2014.

Beyond the consequences for the millions of individuals whose ePHI was disclosed through the breach, the breach also triggered responsibilities and concerns for heath care providers who contracted to provide care or services to Anthem plan members, fiduciaries and sponsors of the employer and union-sponsored group health plans administered or insured by Anthem. Health care providers and their patients were forced to deal with the fall out of having patient data exposed in the breach. In addition sponsors and fiduciaries of private sector employer or union sponsored plans struggled to obtain information and cooperation from Anthem necessary to evaluate and fulfill their health plans’ HIPAA obligations as well as the fiduciary responsibility requirements of the Employee Retirement Income Security Act (ERISA).

In addition to the $16 million settlement that Anthem is paying to resolve OCR’s HIPAA charges stemming from the breach, the OCR settlement agreement also requires Anthem to undertake a robust corrective action plan to comply with the HIPAA Rules.

In addition to the $16 million paid under the OCR resolution agreement, anthem already has paid more than $115 million to settle lawsuits arising out of the breach under other laws.

Anthem Follows On Other Recent Enforcement

The record setting Anthem resolution agreement is notable in part as one of the few high dollar settlement agreements involving a health plan. To date, the overwhelming majority of HIPAA enforcement actions have involved health care providers.

Rgeardless of the category of the covered entity involved, however, the Anthem settlement again drives home the risks health care providers, health plans and other covered entities and their business associates run for lax HIPAA compliance and risk management. The latest in the growing list of high dollar HIPAA settlements OCR has collected from health care provider and other covered entities including the $999,0000 in settlement payments OCR announced on September 20, 2018 that Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH) paid for putting publicity before patient privacy by allowing ABC News documentary film crews to film patients and access other patient information for a news documentary without obtaining prior patient authorization under three settlement agreements.

Act To Manage Compliance & Risks

Unquestionably, health care providers, other health insurers, employer, union and association sponsored group health plans, and their vendors and business associates should evaluate the adequacy and defensibility of their own health plan privacy and security practices in light of the Anthem breach and resolution agreement. In addition, employer, union or association health plan sponsors, administrative service providers and fiduciaries also should consider the advisability of strengthening their business associate agreements with insurers, third party administrators and other health plan service providers to incorporate safeguards, audit, oversight or other provisions and practices to help prudently monitor potential risks and improve their ability to receive timely notice, respond to, and preserve rights of recourse against insurers or other vendors in the event of a breach or other deficiency.

Since Covered Entities also are likely to be subject to other statutory, ethical, contractual or other privacy or confidentiality requirements beyond those imposed by the Privacy Rule, most Covered Entities also will want to consider and take steps to identify and address other potential legal or ethical responsibilities such as medical confidentiality duties applicable to physicians and other health care providers under medical ethics, professional licensure or other similar rules, contractual responsibilities, as well as common law privacy or other related exposures when conducting this review. Additionally, most Covered Entities also will want to take into account and manage their potential exposure to privacy, theft of likeness or other intellectual property, or other statutory or common law tort or contractual claims that might attached to the unauthorized filming, photographing, or surveillance of individuals under federal or state common or statutory laws.

Since this analysis and review in most cases will result in the uncovering or discussion of potentially legally or politically sensitive information, Covered Entities should consider consulting with or engaging experienced legal counsel for assistance in structuring and executing these activities to maximize their ability to claim attorney-client privilege or other evidentiary protections against discovery or disclosure of certain aspects of these activities.

Finally, Covered Entities should keep in mind that HIPAA compliance and risk management is an ongoing process requiring constant awareness and diligence. Consequently, Covered Entities should both monitor OCR and other regulatory and enforcement developments as well as exercise ongoing vigilance to monitor and maintain compliance within their organizations.

About The Author

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing other Solutions Law Press, Inc.™ resources at www.solutionslawpress.com such as:

Leave a Comment » | Health Care, Health Care Provider, Health Care Quality, Health Care Qulity, HIPAA, HIPAA Cyber Crime, Medical Privacy, Privacy, Rural Health Care, Uncategorized, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Comments Due Tomorrow (10/17) On ONC Request for Information (RFI) for Input on EHR Reporting Program

October 16, 2018

Comments are due tomorrow on the Department of Health & Human Services Office of the National Coordinator’s (ONC’s) Electronic Health Record (EHR) Reporting Program Request for Information (RFI).

Section 4002(c) of the 21st Century Cures Act requires HHS to establish the program which provides publically available, comparative information on certified health IT. ONC recently issued an RFI for the public to share their views on the components of the EHR Reporting Program, and to provide feedback that will inform the development of EHR Reporting Program criteria and processes as required by the Cures Act.

ONC encourages stakeholders to provide their comments through the online submission process available on the Federal Register. Comments are due at 5:00pm ET tomorrow, October 17, 2018. Interested persons may submit their comments here

About The Author

A practicing attorney and health industry consultant and policy advocate, Cynthia Marcotte Stamer’s more than 30 years’ of leading edge work as an practicing attorney, author, lecturer and industry and policy thought leader have resulted in her recognition as a “Top” attorney in employee benefits, labor and employment and health care law.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing other Solutions Law Press, Inc.™ resources at www.solutionslawpress.com such as:

Congress Set To Pass Opiate Addition Crisis Bill

September 26, 2018

Legislation targeting opiate addition crisis in the United States is heading to President Trump for signature.

Yesterday (September 25, 2018), House and Senate leaders reached an agreement on the reconciliation of differences in versions of legislation passed in the House and Senate targeting opiate and other drug addition crisis.

The Opiate Crisis

Opiate addition increasingly is recognized as one of the leading and most costly social and financial challenges in the U.S.

The misuse of and addiction to opioids—including prescription pain relievers, heroin, and synthetic opioids such as fentanyl—is considered a serious national crisis that affects public health as well as social and economic welfare.

according to the National Institutes of Health (NIH), more than 115 people in the United States die after overdosing on opioids every day.

The Centers for Disease Control and Prevention estimates that the total “economic burden” of prescription opioid misuse alone in the United States is $78.5 billion a year, including the costs of healthcare, lost productivity, addiction treatment, and criminal justice involvement.

Concern about the addiction crisis prompted President Trump to make addressing the opiate epidemic a key Administration priority and reform efforts generally enjoy widespread bipartisan support with Congress.

The Bill

In June, the House passed H.R. 6, the SUPPORT for Patients and Communities Act by a vote of 396-14. On September 17th, the Senate passed the Opioid Crisis Response Act of 2018 by a vote of 99-1.

The bipartisan, bicameral agreement allows the final legislation negotiated through the reconciliation process, the “Substance Use–Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act” more commonly referred to as the ‘‘SUPPORT for Patients and Communities Act’’ to move swiftly through both chambers of congress and to the president’s desk.

Among other things, the Bill:

Expands opiate addition treatment coverage, requires added utilization management and oversight for coverage of opiate prescriptions and makes other changes to opiate-related Medicare and federal rules, including adding requirements for automatic escalation to external review under a Medicare part D drug management program for at-risk beneficiaries and suspension of payments by Medicare prescription drug plans and MA–PD plans pending investigations of credible allegations of fraud,
Requiring expanded coverage and Clains reporting about by healthcare payers including requiring reporting by group health plans of prescription drug coverage information for purposes of identifying primary payer situations under the Medicare program,

Modifies provisions regarding electronic prescriptions and post-surgical pain management,
Requires prescription drug plan sponsors to establish drug management programs for at-risk beneficiaries,
Establishes and expands programs to support increased detection and monitoring of fentanyl and other synthetic opioids,
Increases the maximum number of patients that health care practitioners may initially treat with medication-assisted treatment (i.e., under a buprenorphine waiver),
Clarifies FDA regulation of non-addictive pain products.
Requires the FDA to develop and implement guidelines for opiate prescribing and new safety-enhancing packaging,
Targets illegal distribution with new notification, nondistribution, and controlled substances recall rules, expanding controls on illegal importation, and strengthening FDA and CBP coordination and capacity
Creating or expanding a plethora of social, treatment, oversight and other programs and services.

Read the full text of the legislation here. For more information about the Bill or its effects, contact the author.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Anethesiology, billing, Border Health, Centers For Disease Control, Consumer Driven Health Care, Controlled Substances, Doctor, drug treatment, E-Prescribing, Electronic Health Records, Employee Benefits, Employer, ERISA, Evidence Based Medicine, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, health care reimbursement, Health IT, Health Plan, Health Plans, home health, Hospital, managed care, Medicaid, Medical Malpractice, Medical Records, Medicare, Medicare Advantage, Medicare Prescription Drug Program, Mental Heatlh, Opiates, Outpatient, pain management, Pharmacy, Physician, Physician Licensing, Prescription Drugs, Reimbursement, Substance Abuse, substance abuse treatment, Uncategorized, Veterans Health Administration | Permalink
Posted by Cynthia Marcotte Stamer

$999K Price Hospitals Pay To Settle HIPAA Privacy Charges From Allowing ABC To Film Patients Without Authorization

September 21, 2018

With New Settlements, OCR Collections From HIPAA Covered Entities For Improperly Allowing Filming Or Other PHI Disclosures To Media Now Exceed $3 Million

$999,0000 is the collective price tag paid by Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH)(collectively, the “Hospitals”) for putting publicity before patient privacy by allowing ABC News documentary film crews to film patients and access other patient information for a news documentary without obtaining prior patient authorization under three settlement agreements with the Hospitals just announced by the Department of Health and Human Services (HHS) Office of Civil Rights (OCR).

On Thursday, September 20, 2018, OCR announced the three Hospitals collectively have paid a total of $999,000 to settle OCR charges that each Hospital separately violated each violated patients’ Health Insurance Portability & Accountability Act (HIPAA) privacy rights by allowing ABC television documentary film crews to observe and film patients and otherwise access to patient’s protected health information (“PHI”) without prior HIPAA-compliant patient authorization. The payments were made under three separate settlement agreements between OCR and each respective Hospital made public by OCR in connection with the September 20, 2018 announcement stemming from the Hospital’s allowing ABC film crews to film in patient treatment and other areas for the ABC medical documentary “Save My Life: Boston Trauma” series.

Considered in conjunction with OCR’s April 16, 2016 announcement of its $2.2 million HIPAA settlement (NY-Presby Settlement) with New York-Presbyterian Hospital for allowing film crews from the “NY Med” television series to film patients and OCR’s concurrently-published 2016 Frequently Asked Question (Media FAQ) addressing Covered Entities’ responsibilities when dealing with the media, the three newly-announced settlement agreements drive home the need for physicians, hospitals and other health care providers, health plans, health care clearinghouses and their business associates (“Covered Entities”) to protect patients and their PHI against unauthorized filming, photography, observation and other access by news or other media or even other staff, patients or visitors. With OCR now having collected nearly $3 million in settlement proceeds from 4 separate providers for violating these rules, all Covered Entities should review and tighten their current policies, practices and staff training regarding media access and relations, filming and photographing of patients and patient information within their facilities and other HIPAA compliance to reduce the potential that their organizations will fall subject to similar enforcement by OCR.

Media FAQ Highlights Duty To Protect Patients Against Unauthorized Filming, Photography & Other PHI Disclosures By Media, Others

OCR specifically alerted Covered Entities about their responsibility to safeguard patients and their PHI in dealings with the media in the Media FAQ OCR published in connection with its 2016 announcement of its $2.2 million settlement with New York-Presbyterian Hospital.

Among other things, the Media FAQ states that HIPAA prohibits health care providers and other Covered Entities from inviting or allowing media personnel into treatment or other areas where patients or patient PHI will be accessible in written, electronic, oral, or other visual or audio form, or otherwise making PHI accessible to the media without prior written authorization from each patient or other subject of the PHI who is or will be in the area or whose PHI otherwise will be accessible to the media except in a very limited set of circumstances set forth in the Media FAQ.

The Media FAQ also states, “It is not sufficient for a health care provider to request or require media personnel to mask the identities of patients (using techniques such as blurring, pixilation, or voice alteration software) for whom an authorization was not obtained, because the HIPAA Privacy Rule does not allow media access to the patients’ PHI, absent an authorization, in the first place.

In addition, the Media FAQ states that a health care provider also must ensure that reasonable safeguards are in place to protect against impermissible disclosures or to limit incidental disclosures of other PHI that may be in the area but for which an authorization has not been obtained.

Concerning the limited circumstances when a health care provider or other Covered Entity or business associate may disclose to the media or allow unconsented filming, photographing or use of PHI to the media or other film crews, the Media FAQ also clarifies that the HIPAA Privacy Rule does not require health care providers to prevent members of the media from entering areas of their facilities that are otherwise generally accessible to the public like public waiting areas or areas where the public enters or exits the facility.

In addition, the Media FAQ states a health care provider or other Covered Entity may:

Disclose limited PHI about the incapacitated patient to the media in accordance with the requirements of 45 C.F.R. 164.510(b)(1)(ii) when, in the hospital’s professional judgment, doing so is in the patient’s best interest; or
Disclose a patient’s location in the facility and condition in general terms that do not communicate specific medical information about the individual to any person, including the media, without obtaining a HIPAA authorization where the individual has not objected to his information being included in the facility directory, and the media representative or other person asks for the individual by name as specified in 45 C.F.R. 164.510(a).

The Media FAQ also discusses circumstances where a healthcare provider or other Covered Entity may use the services of a contract film crew to produce training videos or public relations materials on the provider’s behalf if the provider ensures that the film crew acting as a business associate enters into a HIPAA compliant business associate agreement with the Covered Entity which among other things ensures that the film crew will safeguard the PHI it obtains, only use or disclose the PHI for the purposes provided in the agreement, and return or destroy any PHI after the work for the health care provider has been completed as required by 45 C.F.R. 164.504(e)(2). The Media FAQ also states that as a business associate, the film crew must comply with the HIPAA Security Rule and a number of provisions in the Privacy Rule, including the Rule’s restrictions on the use and disclosure of PHI. In addition, the Media FAQ reminds Covered Entities and business associates of the need to obtain prior authorizations from patients whose PHI is included in any materials before any of those materials are posted online, printed in brochures for the public, or otherwise publicly disseminated.

Finally, the Media FAQ states Covered Entities can continue to inform the media of their treatment services and programs so that the media can better inform the public, provided that, in doing so, the covered entity does not share PHI with the media.

4 High Dollar HIPAA Settlements HIPAA Sanctions Covered Entities Risk By Allowing Improper Media & Other Recording, Use Or Access To PHI

The nearly $3 million in total settlement payments collected under the original 2016 NY-Presby Settlement and three additional settlement agreements announced by OCR on September 20, 2018 collectively make clear that health care providers or other Covered Entities risk substantial sanctions from OCR for allowing television or other media to film or access patients or their PHI without first obtaining a HIPAA-compliant authorization from the patient.

$2.2 Million NY-Presby Settlement

OCR originally made clear that its intention that other Covered Entities learn from the NY- Presbyterian experience in its April 21, 2016 announcement of the Resolution Agreement. The announcement quoted OCR Director Jocelyn Samuels as stating, “This case sends an important message that OCR will not permit covered entities to compromise their patients’ privacy by allowing news or television crews to film the patients without their authorization.”

Of course, even without then OCR Director Samuel’s warning, the $2.2 million settlement amount OCR required NY-Presbyterian Hospital to pay under the NY-Presby Resolution Agreement alone strongly signaled OCR’s willingness to harshly sanction health care providers and other Covered Entities for putting media coverage before patients.

According to the NY-Presby Resolution Agreement, OCR’s investigation revealed that NY-Presbyterian “blatantly” violated HIPAA when it allowed ABC film crews and staff virtually unfettered access to its health care facility. OCR says the access NY-Presbyterian allowed ABC effectively created an environment where patients PHI could not be protected from impermissible disclosure to the ABC film crew and staff filming the episode. While the Resolution Agreement reflects allowing the filming and other access to ABC without prior HIPAA-compliant authorization from patients in the facility itself violated HIPAA, OCR also particularly found “egregious” the facility allowing ABC film crews and staff to film a dying patient and another patient in significant distress without first obtaining a HIPAA-compliant authorization from each of those patients and even more so that NY-Presbyterian failed stop the filming even after a medical professional urged the crew to stop.

Based on its investigation, OCR charged NY-Presbyterian with violating 45 C.F.R. §§ 164.502(a) and 164.530(c) by:

Impermissibly disclosing the PHI of two identified patients to the film crew and other staff of “NY Med”; and
Failing appropriately and reasonably to safeguard its patients’ PHI from disclosure during the filming of “NY Med” on its premises; and
Failing to implement policies, procedures and practices to protect the privacy of its filming of aforementioned television show.
BMC Settlement Agreement

The circumstances that resulted in the three resolution agreements announced on September 20, 2018 are strikingly similar to those underlying the NY-Presby Resolution Agreement. Notably, the investigations that resulted in the three settlement agreements all arose out of the respective Hospital’s permitting an ABC documentary film crew filming a medical documentary to access patient areas of their hospitals. OCR’s investigation of MGH arose in response to an announcement about the impending filming on its website while OCR’s investigations of BMC and BWH started in response to a January 12, 2015 Boston Globe article that reported the Hospitals each separately had allowed ABC film crews filming a documentary to access PHI and film patients without obtaining patient authorization. See Boston Medical Center Resolution Agreement (BMC Settlement Agreement); Brigham and Women’s Hospital Resolution Agreement (BWH Settlement Agreement); and Massachusetts General Hospital Resolution Agreement (MGH Resolution Agreement)

The MGH Resolution Agreement reflects that OCR’s investigations began with an investigation of MGH on December 17, 2014 based on a news story posted to MGH’s website on October 3, 2014, indicating that ABC News would be filming a medical documentary program at MGH. The MGH Resolution Reports that the investigation revealed that before allowing the filming between October 2014 to January 2015, MGH reviewed and assessed patient privacy issues related to the filming and implemented various protections regarding patient privacy, including providing the ABC film crew with the same HIPAA privacy training received by MGH’s workforce.

Information contained in the respective settlement agreements reflect that OCR’s investigations of BMC and BWH began about a month later on January 25 and 26, 2015 respectively in response to the Boston Globe article. The BWH Settlement Agreement states that the BWH investigation revealed that like MGH, BWH reviewed and assessed patient privacy issues related to the filming and implemented various protections regarding patient privacy, including providing the ABC film crew with the same HIPAA privacy training received by BWH’s workforce before allowing the filming by the ABC film crew that occurred between October 2014 to January 2015. The BMC Settlement Agreement does not state that OCR found BMC engaged in similar deliberations or undertook the same or other efforts to safeguard patients and their PHI.

The BMC Settlement Agreement reports that the OCR concluded based on the BMC investigation showed that BMC impermissibly disclosed PHI of patients to ABC employees during the production and filming of a television program at BMC in violation of HIPAA. Meanwhile, while acknowledging the privacy deliberations and efforts undertaken at MGH and BWH, OCR also concluded that each of those organizations also violated HIPAA because in allowing the film crew access and to film patients and patient areas:

The timing at which they obtained patient authorizations showed MGH and BWH impermissibly disclosed the PHI of patients to ABC employees during the production and filming of a television program at BWH; and
Despite the various patient privacy protections that were put in place, MGH and BWH failed to appropriately and reasonably safeguard its patients’ PHI from disclosure during a filming project conducted by ABC on its premises in 2014 and January 2015.

To resolve potential HIPAA violations, BMC has paid OCR $100,000, BWH has paid OCR $384,000, and MGH has paid OCR $515,000. In addition, each Hospital agreed to provide workforce training as part of a corrective action plan that will include OCR’s guidance on disclosures to film and media in the 2016 Media FAQ.

OCR To Covered Entities: Prevent Unauthorized Filming, Photography & PHI Access & Disclosures To Media, Other Third Parties

Given the clear warnings communicated by OCR in its Media FAQ and September 20, 2018 and NY-Presby Settlements, all Covered Entities should take steps to verify that their current policies, practices and training are appropriately designed and administered to ensure their ability to demonstrate compliance with OCR’s interpretation of the Privacy Rule as prohibiting health care providers or other Covered Entities from allowing film or media to film, photograph or even access areas where patients or their PHI are accessible or otherwise disclosing PHI to members of the media without first obtaining a HIPAA-compliant authorization from each patient whose presence or PHI could be observed, recorded or otherwise accessed.

When considering the adequacy of their current policies, practices and training concerning filming, photography and other access and disclosure to patients, patient treatment areas and other PHI, Covered Entities should resist the temptation to read the Media FAQ and media settlement agreements as relevant only to their policies concerning filming, photography and PHI access by members of the media. In this respect, it bears noting that the NY-Presby Settlement expressly required NY-Presbyterian as part of its required corrective action to adopt and enforce policies requiring that “all photography, video recording and audio recording conducted on NY-Presbyterian premises” be reviewed, preapproved and actively monitored by appropriate NY-Presbyterian representatives for compliance with the Privacy Rule and NY-Presbyterian’s policies. This requirement to adopt and administer appropriate safeguards to control filming or photography and other access to patients and their PHI generally, rather than just by the media, reflects a recognition by OCR that HIIPAA’s requirement that Covered Entities secure prior HIPAA-compliant authorization before allowing others to access or disclosing PHI to others applies to access or disclosure to “any third party not involved in patient care,” not merely those to media or film crews. Consequently, Covered Entities also should consider the implications of the guidance shared in the Media FAQ and media settlement agreements on the adequacy and defensibility of their current policies, practices and training about filming, photographing, or other access or disclosure to patients, patient treatment areas and PHI by any party within their facilities and organizations.

When evaluating these responsibilities and risks, Covered Entities are encouraged not only to take into account potential risks from filming, photographs or other access to patients or patient treatment or recordkeeping areas by third-parties unaffiliated with their organizations as well as filming, photographs and other access by staff, employees or business associates within their facilities. Covered Entities should take steps to monitor and properly restrict and protect any filming, photography or other observations, records or other access to patients or their information by individuals within their workforce, as well as to regulate the access and activities of unrelated third parties. In this respect, Covered Entities are cautioned about the need to prohibit and enforce restrictions against members of their workforce using their own personal devices or other equipment to film, photograph, and copy or disseminate photographs, film, recordings or other records or data that qualifies as or contains PHI without authorization in accordance with established protocols. Covered Entities should ensure that their policies and training make clear that these prohibitions apply whether or not the workforce member believes that identity of the patient or patient information is concealed or otherwise not discoverable. Moreover, even with respect to photographs, films or other recordings or records legitimately created for treatment, payment or operations purposes, Covered Entities generally need to take steps to restrict use, access and disclosure of the photographs or other recordings to individuals legitimately involved in patient treatment, operations, payment or other activities allowed by the Privacy Rule and to safeguard those materials against use, access or disclosure to others within or outside their workforce except as allowed by HIPAA and other applicable law. .

As part of these activities, Covered Entities should consider conducting a well-documented assessment of their current policies, practices and workforce training on allowing media or other parties to enter, film, photograph or record within their facilities or otherwise disclosing or allowing media access to their facilities as well as their policies about when parties not involved in care of a particular patient can film, photograph, or otherwise record, observe or access areas where patients or patient PHI is or might be present without prior written consent of the patient.

About The Author

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing other Solutions Law Press, Inc.™ resources at www.solutionslawpress.com such as:

OCR Issues HIPAA Privacy Rule Relief About Sharing Medical Information, Shares Guidance to Help Ensure Equal Access to Emergency Services During Hurricane Florence

September 13, 2018

In preparation of Hurricane Florence making landfall, the Department of Health and Human Service (HHS) Office for Civil Rights (OCR) has issued guidance:

To help ensure appropriate sharing of medical information during Hurricane Florence; and
To help ensure individuals with disabilities, limited English language proficiency (LEP) and other special needs are properly addressed.

Sharing of Medical Information During Hurricane Florence

In anticipation of Hurricane Florence making landfall, HHS Secretary Alex Azar on September 12, 2018 issued a declaration of a Public Health Emergency (PHE) that temporarily waives sanctions and penalties under the following requirements of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule that otherwise would prohibit covered hospitals in North Carolina, South Carolina, and Virginia from sharing protected medical information without a HIPAA-complaint authorization from the individual who is the subject of the information:

Requirements to obtain a patient’s agreement to speak with family members or friends involved in the patient’s care. See 45 CFR 164.510(b);
Requirement to honor a request to opt out of the facility directory. See 45 CFR 164.510(a)
Requirement to distribute a notice of privacy practices. See 45 CFR 164.520;
Patient’s right to request privacy restrictions. See 45 CFR 164.522(a); and
Patient’s right to request confidential communications. See 45 CFR 164.522(b).

This waiver applies only to hospitals in North Carolina, South Carolina and Virginia that have instituted a disaster protocol and only up to 72 hours from the time the hospital implements its disaster protocol or, if earlier, when the PHE declaration terminates. When the Presidential or Secretarial declaration terminates, a hospital must then comply with all the requirements of the Privacy Rule for any patient still under its care, even if 72 hours has not elapsed since implementation of its disaster protocol.

As explained in OCR’s Bulletin on Hurricane Florence, even without an emergency waiver, the Privacy Rule has several provisions that allow patient information to be shared to assist patients in receiving the care they need including during disasters. For example, the Privacy Rule permits covered entities to share information with loved ones for treatment purposes, for public health activities, and to prevent or lessen a serious and imminent threat to health or safety. The Privacy Rule also allows the sharing of information with individuals’ family, friends, and others involved in their care in emergency situations to ensure proper care and treatment.

In addition, when a health care provider is sharing information with disaster relief organizations that are authorized by law or by their charters to assist in disaster relief efforts, such as government relief agencies or entities like the American Red Cross, it is unnecessary to obtain a patient’s permission to share health information if doing so would interfere with the organization’s ability to respond to the emergency.

For information about how the HIPAA Privacy Rule applies in an emergency, visit OCR’S HIPAA Emergency Preparedness, Planning, and Response page or you may use the HIPAA Disclosures for Emergency Preparedness Decision Tool.

Proper Accommodation Of Needs Of At-Risk Populations

and other federal agencies are reminding emergency responders and other officials to be mindful of and take reasonable steps to ensure that all segments of the community including people with special needs and others at risk in an emergency receive an equal opportunity to benefit from emergency response efforts in all areas affected by Hurricane Florence in compliance with Federal civil rights laws and that the disaster management in the areas affected by Hurricane Florence is successful.

People with special needs and other at risk persons that may require special efforts may include:

Children
Elderly persons
Persons from diverse cultural origins
Persons including persons with cognitive, vision, hearing, speech, physical mobility or other physical or mental impairments that substantially limit one or more major life activities (“individuals with disabilities”)
A person who does not speak English as their primary language and who has a limited ability to read, write, speak, or understand English well (“Individuals with limited English proficiency” or “LEP”).
Persons who live in institutionalized settings
Persons who do not have access to transportation

To help meet the needs of these at-risk populations, OCR urges emergency responders and officials consider adopting, as circumstances and resources allow, the following practices to help make sure all segments of the community are served:

Employing qualified interpreter services to assist individuals with limited English proficiency and individuals who are deaf or hard of hearing during evacuation, response and recovery activities
Making emergency messaging available in languages prevalent in the area and in multiple formats, such as audio, large print, and captioning and ensuring that websites providing disaster-related information are accessible
Making use of multiple outlets and resources for messaging to reach individuals with disabilities, individuals with limited English proficiency, and members of diverse faith communities
Considering the needs of individuals with mobility impairments and individuals with assistive devices or durable medical equipment in providing transportation for evacuation
Identifying and publicizing accessible sheltering facilities that include accessible features, such as bathing, toileting, and eating facilities and bedding
Avoiding separating people from their sources of support, such as service animals, durable medical equipment, caregivers, medication and supplies
Stocking shelters with items that will help people to maintain independence, such as hearing aid batteries, canes, and walkers.

Guidance previously issued in response to Hurricane Harvey or other disasters also highlights the need for sensitivity to the rights of individuals with a disability to be accompanied by their service animals by the American Red Cross and other state, local, and nongovernmental organizations that operate shelters serving disaster survivors. Under civil rights law, these shelter providers generally are required to allow an individual with a disability to be accompanied by their service animal within the shelter. A service animal is not a pet and is therefore not subject to restrictions applied to pets or other animals (Rumor: Pets in Hotels (Transitional Sheltering Assistance)). The Department of Homeland Security (DHS) Office for Civil Rights and Civil Liberties (CRCL) provides assistance to Individuals with disabilities with service animal turned away from a disaster shelter. For more information about service animals under the Americans with Disabilities Act, see Frequently Asked Questions about Service Animals and the ADA and ADA Requirements: Service Animals.

OCR and FEMA also recognize the potential that concerned about potential immigration law enforcement may deter undocumented aliens impacted by the Hurricane from accepting or applying for disaster relief or assistance. OCR’s disaster emergency page states that FEMA will not proactively provide information gathered through these applications with ICE or CBP for immigration enforcement purposes; however, if a significant law enforcement interest exists (e.g. a national security case) for an individual whose information is contained therein, FEMA may share information with our law enforcement partners, within the Department of Homeland Security (DHS) per their request, in accordance with the intra-agency need to know exception to the general disclosure prohibition of the Privacy Act of 1974.

Other Resources and Tools

Emergency responders, health care providers and others responding to the needs of individuals impacted by Hurricane Florence also should review the other information and resources on recognizing and responding to the needs of Individuals with Disabilities, LEP individuals, and other at-risk individuals available on the HHS Emergency Management Page.

About the Author

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

For more information about Ms. Stamer or experience publications, speaking, public advocacy or other involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Device Manufacturers & Health Care Providers Should Update Audits & Controls For New NIST Data Security Guidance

August 23, 2018

Medical device manufacturers whose physical devices include technology that allows them to connect to the internet or other electronic system to communicate with other devices or systems “connected medical devices”) and health care providers installing, providing or using these devices should check out the guidance on connected medical device security provided by the just released 375 page NIST Special Publication 1800-8 (Guidance) from the National Institute of Standards and Technology (NIST).

While the Guidance’s title of “Securing Wireless Infusion Pumps,” suggests a more narrow focus, the Guidance clearly can be read as relevant if not generally applicable to all connected medical devices.

Unlike prior medical devices that were once standalone instruments, today’s wireless infusion pumps and other connected medical devices transmit and/or connect to a variety of electronic health records (EHRs) and other healthcare systems, networks, and other devices. While this connectivity often helps improve certain healthcare delivery processes, a medical device’s connectivity capabilities also can create significant cybersecurity risk, which could lead to health care privacy, operational or safety risks. Tampering or other intentional or inadvertent access or interference with the data sent or received from connected medical devices can expose health care providers and their healthcare enterprises to series risks including, for example:

A breach of electronic protected health information (ePHI) in violation of the privacy and security standards of the Health Insurance Portability & Accountability Act (HIPAA);
Loss or disruption of healthcare services;
Malicious access by malicious actors;
Loss or corruption of enterprise information and patient data and health records; and
Resulting damage to an organization’s reputation, productivity, and bottom-line revenue.

The Guide includes a variety of information NIST intends to help organizations manage these and other risks to connected medical devices and their ePHI and other data. It provides an example that:

Illustrates cybersecurity standards and best-practice guidelines for better securing the wireless infusion pump ecosystem, such as the hardening of operating systems, segmenting the network, file and program whitelisting, code-signing, and using certificates for both authorization and encryption, maintaining the performance and usability of wireless infusion pumps and other connected mobile devices;
Discusses risks and opportunities to reduce risks from the compromise of information, including the potential for a breach or loss of ePHI, as well as not allowing these medical devices to be used for anything other than the intended purposes;
Documentation of a defense-in-depth strategy to introduce layers of cybersecurity controls that avoid a single point of failure and provide strong support for availability that may include a variety of tactics: using network segmentation to isolate business units and user access; applying firewalls to manage and control network traffic; hardening and enabling device security features to reduce zero-day exploits; and implementing strong network authentication protocols and proper network encryption, monitoring, auditing, and intrusion detection systems (IDS) and intrusion prevention systems (IPS);
Highlights best practices for the procurement of wireless infusion pumps, by including the need for cybersecurity features at the point of purchase; and
Calls upon industry to create new best practices for healthcare providers to consider when onboarding medical devices, with a focus on elements such as asset inventory, certificate management, device hardening and configuration, and a clean-room environment to limit the possibility of zero-day vulnerabilities.

As the patient identifiable ePHI these connected medical devices send, store or receive are considered subject to HIPAA’s privacy, security and breach notification rules, health care providers, medical device manufacturers acting as their business associates and other entities covered by these rules as covered entities or business associates are responsible for protecting and safeguarding this ePHI in accordance with HIPAA’s requirements. Since the Department of Health & Human Services Office of Civil Rights (OCR) often points to the NIST guidance as a relevant touchstone for HIPAA covered entities and business associates to comply with HIPAA security requirements, HIPAA covered entities can anticipate that OCR will look to and be influenced by the Guidance in formulating and applying HIPAA to connected mobile devices. Consequently, health care providers and other HIPAA covered entities and their business associates should be prepared to demonstrate their consideration and use of the standards and practices suggested in the Guidance including their analysis and justification for not following those criteria as part of their HIPAA security rule assessments. Meanwhile, connected mobile device manufacturers also will want to evaluate the Guidance and update their products and practices both to meet customer demands and to mitigate their risks as manufacturers to potential product liability claims and associated claims likely to rise from breaches or other events that may result from the failure to address the security and other risks identified in the Guidance as well as, when applicable, their specific business associate risk under HIPAA.

To accomplish this, impacted health care providers, manufacturers and other responsible parties generally will want to assess and confirm within the scope of attorney-client privilege the compliance of the ePHI safeguards of their current connected medical devices as well as require documented verification that any connected medical devices not yet deployed take into account these new standards. To the extent that deficiencies exist in the adherence of currently in use connected medical devices, HIPAA covered entities and their business associates should consult with qualified legal counsel experienced in addressing these HIPAA compliance and risk management concerns about the defensibility and exposures potential arising from the continued use of the devices, if any, and develop an appropriate compliance and risk management plan accordingly.

About the Author

Recognized repeatedly by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry, health and other benefit, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Beyond her public policy and regulatory affairs involvement, Ms. Stamer also has extensive experience helping these and other clients to design and reform programs and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government; accreditation and quality organizations; private litigation and other federal and state health care industry investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns. supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, data breach, data security, Durable Medical Equipment, Electronic Health Records, Genetic Information, GINA, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health IT, healthcare, HHS, HIPAA, home health, Hospital, hospitals, Human Subjects Research, Immigration, Inpatient Rehabilitation Facility, Life Sciences, medical devices, Medical Privacy, Medical Records, NIST, Privacy, Uncategorized, Veterans Health Administration | Tagged: connected medical device, Data Breach, Data Privacy Day, Data Security, EPHI, FTC Act, Health Care, health care data security, health care privacy, HIPAA, medical device, NIST, product liability, Technology | Permalink
Posted by Cynthia Marcotte Stamer

House Passess Medical Device Tax Repeal, Other Health Bills; Will Senate Follow Its Lead?

July 24, 2018

Supporters of efforts to repeal a controversial excise tax on medical devices enacted as part of the Patient Protection and Affordable Care Act (ACA) should share their positions with key Senate leaders following the passage by the United States House of Representatives earlier today of legislation that would repeal the excise tax on medical devices.

Medical Device Tax Repeal

One of five health care reform bills passed by the House today, H.R. 184, the Protect Medical Innovation Act of 2018, would amend the Internal Revenue Code to repeal the excise tax on the sale of a medical device by the manufacturer, producer, or importer currently imposed under Subchapter E of Chapter 32 of the Internal Revenue Code of 1986 retroactive to December 31, 2017. Introduced originally by Republican Representative Erik Paulsen, its 278 cosponsors included 233 Republicans and 45 democrats. It passed the House by a vote of 283 to 132.

Of course, the bill requires Senate approval before it can go to the President for signature. While S. 2287, the No Taxation on Device Innovation Act, also calls for repeal of the excise tax, its prospects for passage remain to be seen. While House Republications have realized much success getting health care reform legislation passed in the House during the current and prior Congress and many Senate members have expressed support for repeal of the excise tax, the inability to secure their passage in the Senate has prevented a multitude of widely supported House passed reform proposals from becoming law in the current Congress despite Republican majorities in both bodies. Couple these historical difficulties with the fact that Democrat Senator Edward “Ed” Markey introduced the bill, it is not surprising that the Senate has not taken any action on the bill since the Republican leadership referred it to the Senate Finance Committee following its introduction in January. It remains to be seen whether and when House passage of H.R. 184 will prompt Senate Republicans to move on the legislation before the November elections.

Other Health Care Reform Bills Pass The House

Securing Senate passage also could prove a challenge to the enactment of the following four other health care bills that passed the House by unanimous consent today:

H.R. 1201, the Equitable Access to Care and Health Act, sponsored by Rep. Rodney Davis (R-IL) and cosponsored by Rep. Erik Paulsen (R-MN), Rep. David Schweikert (R-AZ), and Rep. Mike Kelly (R-PA).
H.R. 1476, the Native American Health Savings Improvement Act, sponsored by Rep. John Moolenaar (R-MI).
H.R. 4952, the Improving Seniors Access to Quality Benefits Act, sponsored by Rep. Mike Kelly (R-PA) and Rep. Ron Kind (D-WI).
H.R. 6138, the Ambulatory Surgical Center (ASC) Payment Transparency Act of 2018, sponsored by Rep. Devin Nunes (R-CA) and Rep. John Larson (D-CT).

While many Senate Republicans support many of the reforms proposed in these and other bills, confirmation of President Trump’s latest Supreme Court nominee and various other legislative priorities leading up to the November elections could further complicate the already difficult path to approval health care reform legislation historically has faced in the current Senate. Ultimately, it is likely that the fate of these bills between now and the election will be determined by the level of perceived public support they enjoy. Accordingly, supports of any of these reforms likely will want to express their support to key Senate leaders as soon as possible if they wish to encourage consideration by the current Senate.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Health Care, Health Care Finance, Health Care Fraud, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Bill Delaying Medicaid Personal Services Assistance Payment Reduction For Visits Not Electronically Verified

July 19, 2018

Congress passed and sent to President Trump a bill amending title XIX of the Social Security Act to delay the reduction in Federal medical assistance percentage for Medicaid personal care services furnished without an electronic visit verification system, and for other purposes. Get details on H.R. 6042 here.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Tuesday Health Care Fraud Hearing Start Time Delayed

July 16, 2018

The House Ways & Means Committee today announced its delay of one of two health care fraud hearings originally scheduled tomorrow.

When it ended it’s work last week, the Committee was scheduled to hold two hearings on health care fraud on Tuesday:

The Ways and Means Committee Oversight Subcommittee Hearing on Combating Fraud in Medicare: A Strategy for Success beginning at 10:00 AM Eastern Time; and
The Ways and Means Committee Subcommittee Hearing on Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program beginning at 2:00 PM.

Both hearings are scheduled to take place in Room 1100 Longworth Congressional Offices and be live streamed on YouTube.

Today, however, House Ways and Means Health Subcommittee Chairman Peter Roskam announced that the Subcommittee is delaying the start time of the hearing on “Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program” to 3:30 PM.

This week’s health focused hearings reflect the continued emphasis of members of Congress in both parties on health care reform legislation as they prepare for the impending mid-term elections in November. As a part of these efforts, the House and Senate already over the past several months have held a wide range of hearings in various committees and key votes on a multitude of reform proposals. Numerous other hearings and votes are planned over the next several months as Congressional leaders from both parties work to advance their health care agendas in anticipation of the upcoming elections.

Physicians and other health care providers concerned about existing health care fraud rules should monitor and provide timely input to the Committee and other key members of Congress on the ideas discussed in the Tuesday hearings and other proposed healtg reforms.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Health Care, Health Care Finance, Health Care Fraud, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Key House Committee Votes To Advance HSA & Other Health Choice Reforms; Plans 7/17 Health Care Fraud Hearings

July 13, 2018

A flurry of activity in the House Ways & Means Committee and other Congressional committees over the past few weeks signals the advisability of keeping a close eye on health care and health benefit reform proposals this Summer in anticipation of both the Fall health benefit enrollment and renewal season and the mid-term November Congressional elections.

Certainly continued Congressional commitment to pursue reform is evident from the House Ways & Means Committee’s health care heavy agenda of hearings and votes that this week alone resulted in its voting in favor of 11 health care reform bills promising new flexibility for employers about how to design their health plans and American families more health care choices and choice about how to pay for it and what coverage to buy popular with many providers, patients and employer and other health plan sponsors. While it remains to be seen if the House and Senate can agree on any or all of these proposal, the bi-partisan sponsorship of many of these proposals and the intensity of the focus of the Committee and others in Congress reflects a strong interest in health care reform by both parties leading up to November that could impact health benefit and other health care choices for providers, employers and American families in the Fall annual enrollment season.

The legislation passed by the Ways & Means Committee this weeks include bills that would:

Provide relief for employers relief from the Obamacare’s employer mandate and delay for an additional year the effective date of the widely disliked “Cadillac Tax;”
Overrule the “Use it Or Lose It” requirement in current Internal Revenue Regulations for healthcare flexible spending arrangement plans (HFSAs) that currently forces employers sponsoring HFSAs to draft their plans to require employees to forfeit unused salary reduction contributions in their HFSA accounts at the end of the year;
Offer individuals and families eligible for Obamacare created health premium subsidies more choice about where to obtain that coverage using their subsidies; and
Expand expand the availability and usability of HSAs in a multitude of ways.

While the recurrent stalling of past reform efforts over the past few years calls into question whether any or all of these proposals can make it through the highly politicized and divided Congress, bi-partisian sponsorship of most of the bills reported out this week at least raises the possibility that some of these proposals enjoy sufficient bi-partisan support to potentially pass before the elections. With both parties viewing health care reform as a key issue in the upcoming elections, voter feedback on these proposals could play a big role in determining the prospects for passage this Summer.

Passage of any or all of these proposed reforms between now and year end likely will fuel the need for last minute reconsideration and potential adjustments in plan design choices of employers and other health plan sponsors and administrators, reconsideration of health benefit enrollment choices of individual Americans and their families and a reconsideration of practice billing and health plan participation decisions of physicians and other health care providers. Accordingly, health care providers, employers and other health plan sponsors, American taxpayers and their families and others impacted by health care and health benefit policies will want to carefully monitor these reforms as the Summer progresses:

To provide timely input to Congress on proposed reforms of particular benefit or concern;
To help plan for and deal with rules changes that could impact their options and choices during the upcoming health plan renewal and enrollment season this Fall and going forward; and
To be prepared to make informed choices when voting in the upcoming mid-term Congressional elections in November.

To learn more details about this proposed legislation, its potential implications or other related concerns, see here or contact the author.

About the Author

After holding hearings on health savings account reforms and passing a flurry of health care reform bills intended to give employers relief from two key Obamacare mandates, to allow Obamacare subsidy-eligible Americans the choice to use the subsidies to purchase health care coverage not offered by the Obamacare exchanges, and a host of bills that would expand availability and usability of health savings account (HSA) and health care flexible spending account (HFSA) programs this week, the House Ways and Means Committee will turn its attention to health care fraud oversight and reform next week by holding hearings Tuesday on those health concerns. Health care providers, employer and other health plan sponsors, individual Americans and their families, and others interested in health benefit and health care reform will want to keep a close eye on these and other developments as Congress continues to debate health care reform in the runup to the upcoming 2018 health benefit plan renewal and annual enrollment season and November’s mid-term elections.

Committee Approved 11 Health Care Reform Bills This Week

As a part of its health reform efforts this week, the Committee voted to advance 11 health care reform bills offering new flexibility for employers about how to design their health plans and American families more health care choices and choice about how to pay for it and what coverage to buy popular with many providers, patients and employer and other health plan sponsors.

Among the approved legislation is a bill that would provide key relief for employers from certain key Obamacare mandates that have been widely unpopular with employers. H.R. 4616, the “Employer Relief Act of 2018,” sponsored by Rep. Devin Nunes (R-CA) and Rep. Mike Kelly (R-PA), which would give employers sponsoring health plans for their employees retroactive relief from Obamacare’s onerous employer mandate and delay for an additional year the effective date of another Obamacare requirement that when effective, will forces employers to pay the 40 percent tax on amounts paid for employer sponsored health care coverage that exceeds cost limits specified in the Obamacare legislation commonly known as the “Cadillac Tax.” Relief from the Cadillac Tax is widely perceived as benefiting bother employers and their employees, as its provisions penalize employers for spending more for employee health coverage than limits specified in the Obamacare law. These provisions also are particularly viewed by many as unfair because rising health plan costs since Obamacare’s passage make it likely that many employers will incur the tax penalty simply by sponsoring relatively basic health plans meeting the Obamacare mandates.

In addition to H.R. 4616, the Committee also voted to approve H.R. 6313, the “Responsible Additions and Increases to Sustain Employee Health Benefits Act of 2018,” sponsored by Rep. Steve Stivers (R-OH), which would overrule the “Use it Or Lose It” requirement in current Internal Revenue Regulations for HFSAs. Currently, this rule forces employers sponsoring HFSAs to draft their plans to require employees to forfeit unused salary reduction contributions in their HFSA accounts at the end of the year. The bill would allow employers to eliminate this forfeiture requirement so that employees could carry over any remaining unused balances in their HFSAs at the end of the year to use in a later year.

The Committee also voted to advance legislation to offer individuals and families eligible for Obamacare created health premium subsidies more choice about where to obtain that coverage. H.R. 6311, the “Increasing Access to Lower Premium Plans Act of 2018,” sponsored by Chairman Peter Roskam (R-IL) and Rep. Michael C. Burgess, M.D. (R-TX), would provide individuals receiving subsidies to help purchase health care coverage through the Obamacare-created health insurance exchange the option to use their premium tax credit to purchase health care coverage from qualified plans offered outside of the exchanges. Currently, subsidies may only be used to purchase coverage from health plans offered through the exchange, which often are much more costly and offer substantially fewer coverage options and less provider choice. In addition, the bill would expand access to the lowest-premium plans available for all individuals purchasing coverage in the individual market and allows the premium tax credit to be used to offset the cost of such plans.

Along with these reforms, the Committee also voted to pass a host of bills that would expand the availability and usability of HSAs including:

H.R. 6301, the “Promoting High-Value Health Care Through Flexibility for High Deductible Health Plans Act of 2018,” co-sponsored by Health Subcommittee Chairman Peter Roskam (R-IL) and Rep. Mike Thompson (D-CA), which seeks to expand access and enhance the utility of Health Savings Accounts (HSAs) by offering patients greater flexibility in designing their plan design while still being able to maintain their eligibility for HSA contributions.
H.R. 6305, the “Bipartisan HSA Improvement Act of 2018,” sponsored by Rep. Mike Kelly (R-PA) and Rep. Earl Blumenauer (D-OR), which also would expand HSA access and utility by allowing spouses to also make contributions to HSAs is their spouse has an FSA and lets employers offer certain services to employees through on-site or retail clinics.
H.R. 6317, the “Primary Care Enhancement Act of 2018,” co-sponsored by Rep. Erik Paulsen (R-MN) and Rep. Earl Blumenauer (D-OR), which seeks to protect HSA-eligible individuals who participate in a direct primary care (DPC) arrangement from losing their HSA-eligibility merely because of their participation in a DPC. In addition, it allows DPC provider fees to be covered with HSAs.
H.R. 6312, the “Personal Health Investment Today (PHIT) Act,” sponsored by Rep. Jason Smith (R-MO) and Rep. Ron Kind (D-WI), which seeks to fight obesity and promote wellness by allowing taxpayers to use tax-preferred accounts to pay costs of gym membership or exercise classes, children’s school sports programs and certain other wellness programs and activities.
H.R. 6309, the “Allowing Working Seniors to Keep Their Health Savings Accounts Act of 2018,” sponsored by Rep. Erik Paulsen (R-MN), which would expand HSA eligibility to include Medicare eligible seniors who are still in the workforce.
H.R.6199, the “Restoring Access to Medication Act of 2018,” sponsored by Rep. Lynn Jenkins (R-KS) and Rep. Grace Meng (D-NY), which would reverse Obamacare’s prohibition on using tax-favored health accounts to purchase over-the-counter medical products and would add feminine products to the list of qualified medical expenses for the purposes of these tax-favored health accounts.
H.R. 6306, the “Improve the Rules with Respect to Health Savings Accounts,” sponsored by Rep. Erik Paulsen (R-MN), which would increase the contribution limits for HSAs and further enhances flexibility in plans by allowing both spouses to contribute to make catch-up contributions to the same account and creating a new grace period for medical expenses incurred before the HSA was established.
H.R. 6314, the “Health Savings Act of 2018,” sponsored by Rep. Burgess (R-TX) and Rep. Roskam (R-IL), would expand eligibility and access to HSAs by allowing plans categorized as “catastrophic” and “bronze” in the exchanges to qualify for HSA contributions.

Committee Considers Health Care Fraud Next Week

The Committee next week will turn its attention to health care fraud by holding two hearings on Tuesday.

Tuesday morning, the Ways and Means Committee Oversight Subcommittee plans to hold a Hearing on Combating Fraud in Medicare: A Strategy for Success beginning at 10:00 AM Eastern Time; and
Tuesday afternoon, the Ways and Means Committee Subcommittee plans to hold a Hearing on Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program beginning at 2:00 PM.

Both hearings are scheduled to take place in Room 1100 Longworth and their proceedings will be live streamed on YouTube.

The Committee’s health care reform focus this week and next are reflective of the continued emphasis of members of Congress in both parties on health care reform legislation as they prepare for the impending mid-term elections in November. As a part of these efforts, the House and Senate already over the past several months have held a wide range of hearings in various committees and key votes on a multitude of reform proposals. Numerous other hearings and votes are planned over the next several months as Congressional leaders from both parties work to advance their health care agendas in anticipation of the upcoming elections.

Key health care and health benefit reform proposals that the Republican Majority has designated for priority consideration include:

Prescription drug costs by checking perceived negative effects of health industry and health plan consolidations involving large health insurers, pharmacy benefit management companies (PBMs), pharmacy companies and other health industry and health insurance organizations on health care costs and patient, plan sponsor and plan sponsor choice and health care quality;
Oversight and reform of existing STARK, anti-kickback and other federal health care rules and exemptions relied upon by PBMs and other health industry organizations;
Efforts to understand and address health care treatment, health care and coverage costs and related social concerns associated with mental health and opioid and other substance abuse conditions and their treatment;
Efforts promote health benefit and health care choice, affordability and coverage; improve patient and employer choice; promote broader health care access and quality; reduce counterproductive regulation; and other health insurance and care improvements through expanded availability of health savings accounts, direct primary care and other consumer directed health care options, association health plan and other program options, streamlining quality reporting and regulation, billing and coding, physician and other health care provider electronic billing and recordkeeping, and other provider, payer, employer, individual and other health insurance mandates and other federal health care and health plan rules; and
More.

Health care providers, employers and other health plan sponsors, American taxpayers and their families and others will want to carefully monitor these reforms as the Summer progresses:

To provide timely input to Congress on proposed reforms of particular benefit or concern;
To help plan for and deal with rules changes that could impact their options and choices during the upcoming health plan renewal and enrollment season this Fall and going forward; and
To be prepared to make informed choices when voting in the upcoming mid-term Congressional elections in November.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employer, associations, government and other health benefit sponsors and administrators, public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry, insurance, technology, government and other management clients.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Affordable Care Act, Anti-KickBack, Antitrust, Child Care, Consumer Driven Health Care, Controlled Substances, Corporate Compliance, Direct Primary Care, E-Prescribing, Employee Benefits, Employment, Evidence Based Medicine, FDA, Fiduciary Responsibility, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance, Health Insurance Exchange, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HHS, Home Health, home health, Hospital, hospitals, managed care, Medicaid, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, Patient Empowerment, Pharmaceudical, Pharmacy, Physician, Preexisting Condition Insurance Plan, Prescription Drugs, Psychiatric, Public Policy, quality reporting, Reimbursement, Rural Health Care, substance abuse treatment, Tax, Tax-Exemption, Uncategorized, Veterans Health, Veterans Health Administration, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

Agencies Delay To 1/21/19, Grant Limited Transition Relief For “Common Rule” Federal Policy For the Protection of Human Subjects

June 19, 2018

The Department of Health & Human Services(HHS), Department of Labor (DOL) and a plethora of other federal agencies today announced an additional six-month delay from July 19, 2018 to January 21, 2019 of the effective date and general compliance deadline for revised federal standards governing research involving human subjects set forth in the ”) (“Federal Policy for the Protection of Human Subjects” (often referred to as the “Common Rule.

The Common Rule originally was adopted on January 19, 2017 by HHS, DOL and the Department of Homeland Security; Department of Agriculture; Department of Energy; National Aeronautics and Space Administration; Department of Commerce; Consumer Product Safety Commission; Social Security Administration; Agency for International Development; Department of Housing and Urban Development; Department of Defense; Department of Education; Department of Veterans Affairs; Environmental Protection Agency; National Science Foundation; and Department of Transportation. The Consumer Product Safety Commission (CPSC) adopted the same changes in a Final Rule it published on September 18, 2017.

The Agencies originally set January 19, 2018 as the compliance date and effective date for the Common Rule. By an interim final rule issued on January 17, 2018 and published on January 22, 2018, however, HHS and most the other Agencies delayed the compliance and effective date until July 19, 2018. The Department of Housing and Urban Development (HUD) published an interim final rule adopting the same regulatory changes on January 26, 2018. The revised Common Rule, including technical amendments made by the January 22, 2018 interim final rule, is referred to here as the “2018 Requirements.” This delay delayed the effective date of the Common Rule until July 19, 2018 (with the exception of the revisions to its cooperative research provision, which has a compliance date of January 20, 2020).

On April 20, 2018, federal departments and agencies published a notice of proposed rulemaking (NPRM) soliciting comments on two proposals. 83 FR 17595. The first proposed an additional 6-month delay for the general compliance date for the 2018 Requirements (from July 19, 2018 to January 21, 2019). The second proposed a flexibility that would allow regulated entities to take advantage of three burden-reducing provisions of the 2018 Requirements during the delay period.

In the guidance issued today, HHS and the other Agencies adopts the proposals described in the April 20, 2018 NPRM. Consequently, the rule published today delays the general compliance date for the 2018 Requirements for an additional 6-month period, until January 21, 2019. As a result of this delay, regulated entities will be required, with an exception, to continue to comply with the requirements of the pre-2018 version of the Federal Policy for the Protection of Human Subjects (the “pre-2018 Requirements”) until January 21, 2019. The one exception to this general rule is that institutions will be permitted (but not required) to implement, for certain research, the following three burden-reducing provisions of the 2018 Requirements during the delay period (July 19, 2018, through January 20, 2019):

The revised definition of “research,” which deems certain activities not to be research covered by the Common Rule;
The elimination of the requirement for annual continuing review with respect to certain categories of research; and
The elimination of the requirement that institutional review boards (IRBs) review grant applications or other funding proposals related to the research.

Institutions planning to take advantage of the three-burden reducing provisions must comply with all other pre-2018 Requirements during the delay period. The three burden-reducing provisions of the 2018 Requirements can only be implemented during the delay period with respect to studies initiated prior to January 21, 2019 that will transition to compliance with the revised Common Rule. Any study that implements these three burden-reducing provisions during the delay period must, beginning on January 21, 2019, comply with all of the 2018 Requirements for the balance of the study’s duration.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Her clients include public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in Pensions, healthcare, workforce, immigration, tax, education and other areas.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, Accreditation, Biological Wafar3e, Biological Warfare, FDA, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Human Subjects Research, Life Sciences, Pandemic, research, Uncategorized, Veterans Health, Veterans Health Administration, Veterans Health Care | Tagged: academic medicine, Health Care, human resources, human subject research, Life Sciences, medical, Medical Ethics, Pharma, Public Policy, research, School, Technology | Permalink
Posted by Cynthia Marcotte Stamer

Texas Physicians Should Review New TMB Rules

May 11, 2018

Constant changes in medical board and other rules make it important that physicians and other health care providers stay up to date with new developments. The Texas Medical Board, for instance, published a slew of new rules in March 2018 that impact Texas physicians and medical practice including many which provide relief from previously more burdensome maintenance of certification and other requirements.. Texas physicians should review these new rules for possible implications on their responsibilities or other aspects of their practice.

The following is a summary of the new Texas Medical Board Rules published in March, 2018, the full text of which may be found in the Texas Administrative Code here.

MOC REFORM

The amendments to §163.11, concerning Active Practice of Medicine, were adopted in accordance with Senate Bill 1148, adopted by the 85th Legislature, which prohibits the Board from requiring maintenance of certification by an applicant to be eligible for a medical license.

The amendments to §166.3, concerning Retired Physician Exception, and §166.6, concerning Exemption From Registration Fee for Retired Physician Providing Voluntary Charity Care, were adopted in accordance with Senate Bill 1148, adopted by the 85th Legislature, which prohibits the Board from requiring maintenance of certification by an applicant to be eligible for initial or renewal registration permit for a medical license.

The amendments to §172.12, concerning Out-of-State Telemedicine License, were adopted in accordance with Senate Bill 1148, adopted by the 85th Legislature, which prohibits the Board from requiring maintenance of certification by an applicant to be eligible for a medical license.

FEES AND PENALTIES

The amendments to §175.1, concerning Application and Administrative Fees, corrects language in paragraph (1)(H)(i) so that fees related to physician-in-training permits are lowered to $200. Further language is added outlining application and administrative fees for processing licenses for medical physicists, medical radiologic technologists, non-certified technicians, perfusionists, and respiratory care practitioners.

The amendments to §175.2, concerning Registration and Renewal Fees, adds language outlining renewal fees for continuing licenses, permits, and certificates for medical physicists, medical radiologic technologists, non-certified technicians, perfusionists, and respiratory care practitioners.

The amendments to §175.3, concerning Penalties, moves language providing an exemption for individuals serving as military members to new paragraph (11). The amendments further add language outlining penalty amounts for late renewals of licenses for perfusionists, respiratory care practitioners, medical physicists, and medical radiologic technologists.

The amendment to §175.5, concerning Payment of Fees or Penalties, amends language clarifying the rule’s allowance for fee refunds applies to applicants who timely withdraw applications, in addition to other requirements. Further language is added clarifying that refunds of fees may be granted to licensees who retire or request cancellation of their licenses within 90 days of paying a renewal fee.

BUSINESS ORGANIZATIONS AND AGREEMENTS

The amendments to §177.18 (Subchapter E), concerning Purpose and Scope, and §177.20, concerning Call Coverage Minimum Requirements, and repeal of §177.19, concerning Definitions, provide a more flexible framework for call coverage agreements between physicians practicing in Texas so as to provide continuity of care to patients during a regular treating physician’s absence, while ensuring the covering physician’s accountability for meeting the standard of care and documenting the care provided during the call coverage period. The amendments eliminate the two-model approach under §177.20(b), allow all call coverage agreements to be contracted orally or in writing, and eliminate the requirement that certain agreements require real-time access to a patient’s medical records at the time of the call coverage period.

PROCEDURAL RULES

The amendments to §187.21(a), concerning Board and District Review Committee Members Participation, and §187.44(3), concerning Probationer Show Compliance Proceedings, correct the title of the reference to §187.18 of this chapter, which was recently changed to “ISC Scheduling, Process, and Procedures.”

The amendment to §187.76(c)(3), concerning Notice of Intention to Impose Administrative Penalty; Response, removes the undefined term “informal meeting” and replaces it with “ISC,” which is defined in §187.2 of this chapter (relating to Definitions). The amendment to §187.79, concerning Personal Appearance at an Informal Meeting, changes the title to “Personal Appearance at an ISC,” as “Informal Meeting” is not a defined term and “ISC” is a defined term and is the correct reference within the rule. The amendment in subsection (a) corrects the reference to “informal meeting” and replaces it with “ISC.” The amendment in subsection (b) also corrects the reference to “informal meeting” and replaces it with “ISC” and corrects the title of the reference to §187.18 of this chapter, which was recently changed to “ISC Scheduling, Process, and Procedures.” The amendment to §187.80(c), concerning Imposition of Administrative Penalty, removes the undefined term “informal meeting” and replaces it with “ISC,” which is defined in §187.2.

COMPLIANCE PROGRAM

The amendments to §189.11, concerning Process for Approval of Physicians, Other Professionals, Group Practices and Institutional Settings, eliminates the words “or remedial plan” from the provision describing the mechanism under which the Board may require a licensee to practice with an approved physician or other professional to serve as a proctor, monitor, or supervisor or in an approved group practice or institutional setting, as §164.0015 of the Texas Occupations Code states that Remedial Plans may not contain provisions that limit or restrict a licensee’s practice.

ACUPUNCTURE

The amendments to §183.4, concerning Licensure, add new language under subsection (a)(5) that allows an applicant for licensure to appear before the licensure committee of the Board to request reconsideration of the applicant’s ineligibility based on their failure to pass the NCCAOM examination within five attempts. Such amendment allows the Board discretion to reconsider such ineligibility determination. The proposed amendments delete obsolete language from subsection (a)(7). The proposed amendments to subsection (a)(9) provide an alternate mechanism to cure active practice issues faced by some licensure applicants. The remainder of the changes are corrections to punctuation and grammar.

The amendments to §183.19, concerning Acupuncture Advertising, remove language requiring that an acupuncturist include their license number on print advertising. The amendments to §183.20, concerning Continuing Acupuncture Education, add language to subsection (b)(1) to clarify the criteria for the courses from which the requisite CAE hours are taken. The proposed amendment adds new subsection (b)(2) to specify the number of CAE hours and specific topics which must be taken each year. New subsection (b)(3) is added to clarify the number of CAE hours from courses approved under each category delineated under subsection (b)(1). Spelling corrections were made in subsections (h) and (o).

RESPIRATORY CARE

The amendment to §186.2, concerning Definitions, adds new language under paragraph (41) that defines “voluntary charity care.”

The amendments to §186.4, concerning Procedural Rules and Qualifications for Certificate Applicants, add language to subsection (a)(2) to specify that application fees are set forth in 22 T.A.C. §175.1. The amendments also add language to subsection (g) to detail alternative certification procedures for military service members and military veterans, in addition to military spouses.

The amendments to §186.6, concerning Biennial Renewal of Certificate, add language to subsections (a), (d), and (j)(1) to reference specific rules in Chapter 175 that list certain fees.

The amendments to §186.7, concerning Temporary Permit, add language to subsection (a)(1) to detail that temporary permits issued under this subsection pertain to applicants who have signed an Agreed Order or Remedial Plan and are awaiting board approval. The amendments also add language to subsection (a)(3) to reference fees listed in 22 T.A.C. §175.1. Additionally, the amendments add language to subsection (c) to make clear that requirements listed in this subsection apply only to those applicants who have active practice issues. The amendments to §186.8, concerning Inactive Certificate, add language to subsection (a) to clarify that inactive certificates must be renewed each year.

The amendments to §186.10, concerning Continuing Education Requirements, add language to subsection (a) to state that at least two hours of the required 24 hours must be in the topic of ethics. Additionally, the amendments add subsection (b)(2) (C) to give non-traditional continuing education credit to those who teach or instruct a course in an accredited respiratory care educational program. The amendments also add language to subsection (b)(3) to clarify that credit may be awarded for credentialing or re-credentialing examinations listed in this subsection. The National Asthma Education Certification Board (NAECB) Certified Asthma Educator (AE-C) and neonatal resuscitation program (NRP) examinations are also added to this subsection. Language is also added to subsection (b)(3)(J) to explain how often credit may be awarded when the same examination is taken for initial credentialing purposes and recredentialing purposes.

The amendments to §186.13, concerning Identification Requirements, adds subsection (b) to require respiratory care practitioners holding a temporary permit to hold themselves out as temporary care practitioners or TRCPs.

The amendments to §186.17, concerning Grounds for Denial of Certification and for Disciplinary Action, adds language in paragraph (4) to make clear that disciplinary action or denial of certification based on criminal history is done in accordance with Chapter 53 of the Texas Occupations Code.

The amendments to §186.28, concerning Retired Certificate, adds language in subparagraph (2)(A) to reference the new definition of voluntary charity care adopted in 22 T.A.C. §186.2 (41).

MEDICAL RADIOLOGIC TECHNOLOGY

The amendment to §194.3, concerning Meetings and Committees, deletes subsection (f) and language providing that the board may at a regular or special meeting remove the secretary from office upon a majority vote, with other amendments re-lettering the remaining subsections. Language related to licensure and disciplinary committee functions is revised to clarify that the committees do not draft rules, but rather review draft language prepared by staff. Amendments further add a new paragraph (4) to subsection (f), setting forth new rules related to the creation of a new Education Committee. The proposed committee’s functions include recommending rules to the full board regarding education and training requirements certification as a radiologic technologist or registration as a non-certified technician (NCT), continuing education requirements for renewal of a Texas MRT certificate or NCT registration, and standards for the approval or rescinding approval of radiologic technologist certificate education program curricular and instructors.

The amendments to §194.5, concerning Applicability of Chapter; Exemptions, delete language referring to §194.14 of this title (relating to Alternate Training Requirements for Podiatric Medical Assistants), reflecting the repeal of §194.14.

The amendments to §194.6, concerning Procedural Rules and Minimum Eligibility Requirements for Applicants for a Certificate or Placement on the Board’s Non-Certified Technician General Registry, amend language so that an applicant is not deemed per se ineligible for a certificate or registration, based upon action taken against another license issued by a licensing authority in this or another state that is subject to probation or other disciplinary action not involving revocation or suspension. The board will continue to have the authority to deny a certificate or placement on the general registry based upon all such action, regardless if it is an action not involving revocation or suspension, but the amendments will allow the board more discretion in certain cases. The amendments further delete language under subsection (c)(8) and move it to a new paragraph (2), maintaining the board’s discretion to consider the nature of any final disciplinary action, other than suspension or revocation, when determining whether to issue the certificate or other authorization.

Amendments to subsection (f)(3) and subsection (i), with language referring to §194.14 of this title, are deleted, to reflect the repeal of §194.14. Amendments to subsection (j) adding clarifying language to make it clearer that non-certified technicians must comply with the active practice requirements under the rules in order to show eligibility for placement on the general registry.

Amendment to subsection (l) makes corrections to typographical errors.

The repeal of §194.14, concerning Alternate Training Requirements for Podiatric Medical Assistants, was adopted to comport with S.B. 674, which amended Texas Occupations Code, Chapter 601, and eliminated dual registration for non-certified technicians by certain state licensing boards, including the Podiatry Board. The MRT Board will maintain a single set of minimum training requirements in order to obtain eligibility for placement on a general registry for non-certified technicians (NCT).

The amendment to §194.16, concerning Hardship Exemptions, amends language in order to comport with S.B. 674, which amended Texas Occupations Code, §601.203, so that in order to show that an applicant faces a hardship in hiring a certificate holder or NCT due to an inability to attract and retain medical radiologic technologists, the applicant must also show evidence that the location for which the hardship exemption is sought must be located in a county with a population of less than 50,000.

Amendments further delete subsection (b)(4)(B) (vi), so that the use of only a hand-held fluoroscope with a maximum operating capability of 65 kilovolts and 1 milliampere, or similar type of x-ray unit for upper extremities only, with the radiation produced by the radiographic equipment representing a minimal threat to the patient and the operator of the equipment, no longer qualifies for a hardship exemption. The basis for the repeal is that the use of such equipment should be performed by individuals who have completed minimum training and obtained registration as a NCT or certification as a MRT or LMRT.

The amendment to §194.17, concerning Dangerous or Hazardous Procedures, removes language referring to §194.14 of this title, reflecting the repeal of §194.14.

Physicians and others that may be impacted by TMB rules should check with the TMB monthly for possible changes that could impact their rules of practice.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Doctor, drug treatment, Electronic Medical Records, Licensing, Medical Licensure, Physician Licensing, Prescription Drugs, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

TMB Urging Texas Drs., PAs To Register For Prescription Monitoring Program

May 11, 2018

The Texas Medical Board (TMB) is encouraging physicians and physician assistants to register with the Texas Prescription Monitoring Program (PMP) whether or not prescribing controlled substances in Texas.

Technically, physicians and physician assistants that do not prescribe controlled substances in Texas required to complete the PMP registration. However, TMB encourages PMP registration even for physicians and physician assistants who are not prescribing.

The primary reason to register is to allow licensees to periodically review the system to ensure that no prescriptions are being inaccurately or fraudulently attributed to the licensee. The PMP can be used to verify a practitioner’s own records and prescribing history as well as inquiring about patients. In addition, the program may be used to generate and disseminate information regarding prescription trends.

TMB is alerting physicians that as required by HB 2561, TMB provides licensee contact information to the Texas State Board of Pharmacy, the agency which administers the Texas Prescription Monitoring Program (PMP), for the purposes of pre-registering prescribers for the program.

The Texas State Board of Pharmacy has begun using this information to contact licensees by e-mail with a link to register with PMP. TMB says physicians will receive an email notification from the Texas State Board of Pharmacy if the physician does not have a PMP account registered to the email address of record with TMB. In some cases, the e-mail that a physician used to register for a PMP account may not match the e-mail on file with TMB. In this case, TMB says a physician with a PMP account under another email address need not complete an additional PMP registration.

As with all e-mail requests for information or registeration, physicians and physicians assistants should use care when responding to these and other e-mails to confirm that the inquiry or other correspondence is not a spoofed, phishing or other malicious e-mail seeking to improperly access data or gain other undesirable system access by using the appearance of coming from a legitimate source.

For more information about PMP, visit here. For registration FAQs see here.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Physicians Pay $700,000 to Settle False Claims Act Violation Charges Arising from Financial Relationship with Drug Testing Lab

May 8, 2018

Three physicians are paying a total of $700,000 to settle Justice Department (DOJ) charges stemming from financial relationships with a drug testing lab. The settlement highlights the continuing need for providers to exercise care to avoid entering into financial arrangements with laboratories that DOJ, the Department of Health & Human Services Office of Inspector General (OIG) considers improper under federal health care fraud laws.

Dr. Robert Fetchero, D.O., Dr. Sridhar Pinnamaneni, M.D., and Dr. Thelma Green-Mack, M.D., separately agreed to settle allegations that they each received improper payments for referrals from Greensburg, Pennsylvania drug testing lab Universal Oral Fluid Laboratories, and caused false claims to be submitted to Medicare for drug testing services, United States Attorney Scott W. Brady announced yesterday.

The settlements announced resolve allegations that the settling physicians referred Medicare patients to Universal Oral Fluid Laboratories (“UOFL”) for drug testing services while engaged in a financial relationship with the lab. Specifically, UOFL paid the settling physicians to refer their patients to the lab for drug tests; UOFL then submitted claims to Medicare for the drug testing services from 2011 to 2014.

The settlements follow the earlier guilty plea on related charges of UOFL’s former medical director, Dr. John H. Johnson.

UOFL was owned and operated by William Hughes. The United States alleged that the financial arrangement between the settling physicians and UOFL violated the physician self-referral law, commonly known as the “Stark Law,” and the Anti-Kickback Statute, giving rise to liability under the False Claims Act. Pursuant to separately executed settlement agreements, Dr. Fetchero agreed to pay $200,000; Dr. Pinnamaneni agreed to pay $370,000; and Dr. Green-Mack agreed to pay $130,000.

The Stark Law forbids physicians from making referrals for certain designated health services payable by Medicare to an entity with which he or she (or an immediate family member) has a financial relationship, unless an exception applies. The Anti-Kickback Statute prohibits offering, paying, soliciting, or receiving remuneration to induce referrals of services covered by federal health care programs, such as Medicare. Violations of the Stark Law or Anti-Kickback Statute may give rise to civil liability for treble damages and penalties under the False Claims Act.

The settlements and underlying charges the resolve illustrate the risks that physicians and other providers run for participating in financial arrangements not structured to clearly meet applicable federal anti-kickback and STARK rules.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

May 8, 2018

Check Out CMS 2018 Qualified Clinical Data Registry

February 23, 2018

Physicians and other practitioners should check out the measure specifications for the approved 2018 Qualified Clinical Data Registry (QCDR) measures posted by the Centers for Medicare & Medicaid Services (CMS) yesterday (February 22, 2018).

Rather than being grouped by QCDR, this file allows users to group measures by specialty and topic to see what QCDR measures are most applicable to their practice and/or specialty.

CMS also says, the posting of this specification file will act as a reference tool for existing and potential new QCDR vendors who may be interested in developing their own QCDR measures, and should help them to avoid developing and submitting measures that are duplicative of existing QCDR measures.

About The Author

Repeatedly recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, a Fellow in the American College of Employee Benefit Council, the American Bar Foundation and the Texas Bar Foundation and board certified in labor and employment law by the Texas Board of Legal Specialization, Cynthia Marcotte Stamer is a practicing attorney, management consultant, author, public policy advocate and lecturer widely known for health and managed care, employee benefits, insurance and financial services, data and technology and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Nationally recognized for her work, experience, leadership and publications on HIPAA and other medical privacy and data use and security, FACTA, GLB, trade secrets and other privacy and data security concerns, Ms. Stamer has worked extensively with health care providers, health plans, insurers and financial services, and other clients and the government on cybersecurity, technology and processes and other issues involved in the use and management of medical, insurance and other financial, workforce, trade secrets and other sensitive data and information throughout her career. Scribe or co-scribe of the ABA Joint Committee on Employee Benefits Agency meeting with OCR since 2011 and author of a multitude of highly regarded publications on HIPAA and other health care, insurance, financial and other privacy and data security, Ms. Stamer is widely known for her extensive and leading edge experience, advising, representing, training and coaching health care providers, health plans, healthcare clearinghouses, business associates, their information technology and other solutions providers and vendors, and others on HIPAA and other privacy, data security and cybersecurity design, documentation, administration, audit and oversight, business associate and other data and technology contracting, breach investigation and response, and other related concerns including extensive involvement representing clients in dealings with OCR and other Health & Human Services, Federal Trade Commission, Department of Labor, Department of Treasury, state health, insurance and attorneys’ general, Congress and state legislators and other federal officials.

Ms. Stamer also has an extensive contributes her leadership and insights with other professionals, industry leaders and lawmakers. Her insights on HIPAA risk management and compliance often appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, SHRM, HIMMS, the American Bar Association, the Health Care Compliance Association, a multitude of health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

Fresenius Medical Care Pays $3.5 Million HIPAA Settlement

CDC Director Fitzgerald Resigns

Development of Potentially Preventable Hospitalization Measures for Home Health Agencies Panelist Nominations Due 9/22

MAC Operations Continue During Shutdown

HHS Proposes “Conscience Rule” Expanding Abortion And Other Religious Choice

New Medicaid Guidance Gives States More Flexibility On Abortion

New Trump Executive Order Directs More Veterans Health Care Choice, Mental Health Care

Bankrupt Oncology Provider’s $2.3M Settlement Payment & Other HIPAA Breach Consequences Shows Why To Prioritize HIPAA Compliance In 2018

Bill Allowing FDA Emergency Use Authorizations To Protect Military From Biological Warfare Threats Sent to President

OIG Tells Texas Stop Paying Medicaid MCOs For Dead Patients

Michigan Doctor Pleads Guilty To Billing Medicare For Illegally Prescribed Drugs

Anesthesiology Practice Nailed For Improperly Billing For Moderate Sedation

Florida Doctor Sentenced For Multi-Million Dollar Drug & Alcohol Addiction Treatment Health Care Fraud, Money Laundering & Forced Prostitution Scheme

CMS Announces New Medicare Provider Ombudsman

Comment By 1/8 on Guidance for Industry on Expedited Programs for Serious Conditions– Drugs and Biologics

Time To Tighten Business Travel Policies

DOL Spending Reports Required As Taxpayer Tool Need Improvement

Check & Protect Health & Other Electronic Systems & Data Against New Security Threat

Success 2018

April 1 New Deadline To Update Benefit Plan Disability Determination Claims & Appeals Procedures; Hear More on 1/26

Arizona Proposal To Ban Sexual Harassment Confidentiality Agreements Sign Of Growing Employer Risks

$23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses

Take Care of Your Good People

Read Tax Cuts and Jobs Act Conference Report For Tax Reform From Source

Check How IRS 2018 Retirement & Saving Plan Limits and Amounts Cost Of Living Adjustments Impact Your HR & Retirement Plan Administration & Planning

Confirm Your Benefit Plans Ready For New Disability Determination Rules on 1/1/18

Individual Accountability For Performance Matters

Give NLRB Your Input On Union Representation Election Regulations

IRS Prepares To Nail Employers Under Obamacare Mandate While Giving Some Individual Mandate Relief

HHS Picks Hargan As Acting HHS Secretary

OCR Gives Health Care Providers, Other Covered Entities Post-Las Vegas Shooting HIPAA Medical Privacy Guidance On Disclosures To Family, Media & Others For Notification & Other Purposes

RAISE Act Immigration Visa, Visa Holder Public Benefit Limits Create Potential Health Industry Concerns

SCOTUS Bars State Law Restrictions On Health, Other Arbitration Agreement Enforceability

Health Care, Health Plan & Other Health IT Systems Warned of E-Mail Cyber Attack

$2.4M HIPAA Settlement Warns Providers About Media Disclosures Of P HI

CardioNet $2.5M HIPAA Resolution Agreement Schools HIPAA Entities To Clean Up Their Acts

Medical Clinic HIPAA Resolution Agreement Shows Need For Current Business Associate Agreements

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Academic medicine, Accreditation, Affordable Care Act, Ambulatory care, Anethesiology, billing, Conditions of Participation, Corporate Compliance, DME, Doctor, Durable Medical Equipment, Electronic Medical Records, Evidence Based Medicine, false claims act, Health Care, Health care coding, Health Care Fraud, Health Care Provider, Health Care Quality, health care reimbursement, Health Plan, Health Plans, healthcare, HHS, Home Health, home health, Hospice, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, managed care, Meaningful Use, Medicare Advantage, Medicare Fee Schedule, Outcomes Data, Physician, quality reporting, quality repoting, Reimbursement, Rural Health Care, Skilled Nursing Facility, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

ONC Usability Change Package WebEx

February 21, 2018

The Office of the National Coordinator (ONC) will host a webinar that previews a new ONC-sponsored resource, the Usability Change Package (UCP). ONC intends that the UCP will help health IT end users in hospital settings identify usability challenges, adapt their systems to improve the usability of their systems, and assess the impact of these system changes. The Tool also may be useful for other providers.

ONC says this resource will be made available in the future on the Health IT Playbook.

Presenters will provide an overview of the UCP, the process used to develop it, and the gaps and future considerations that were uncovered during development.

The details for the webinar are:

Date & Time: Thursday, March 1, 2018 at 2:00-3:00pm ET

About The Author

About Solutions Law Press, Inc.™

Fresenius Medical Care Pays $3.5 Million HIPAA Settlement

CDC Director Fitzgerald Resigns

Development of Potentially Preventable Hospitalization Measures for Home Health Agencies Panelist Nominations Due 9/22

MAC Operations Continue During Shutdown

HHS Proposes “Conscience Rule” Expanding Abortion And Other Religious Choice

New Medicaid Guidance Gives States More Flexibility On Abortion

New Trump Executive Order Directs More Veterans Health Care Choice, Mental Health Care

Bankrupt Oncology Provider’s $2.3M Settlement Payment & Other HIPAA Breach Consequences Shows Why To Prioritize HIPAA Compliance In 2018

Bill Allowing FDA Emergency Use Authorizations To Protect Military From Biological Warfare Threats Sent to President

OIG Tells Texas Stop Paying Medicaid MCOs For Dead Patients

Michigan Doctor Pleads Guilty To Billing Medicare For Illegally Prescribed Drugs

Anesthesiology Practice Nailed For Improperly Billing For Moderate Sedation

Florida Doctor Sentenced For Multi-Million Dollar Drug & Alcohol Addiction Treatment Health Care Fraud, Money Laundering & Forced Prostitution Scheme

CMS Announces New Medicare Provider Ombudsman

Comment By 1/8 on Guidance for Industry on Expedited Programs for Serious Conditions– Drugs and Biologics

Time To Tighten Business Travel Policies

DOL Spending Reports Required As Taxpayer Tool Need Improvement

Check & Protect Health & Other Electronic Systems & Data Against New Security Threat

Success 2018

April 1 New Deadline To Update Benefit Plan Disability Determination Claims & Appeals Procedures; Hear More on 1/26

Arizona Proposal To Ban Sexual Harassment Confidentiality Agreements Sign Of Growing Employer Risks

$23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses

Take Care of Your Good People

Read Tax Cuts and Jobs Act Conference Report For Tax Reform From Source

Check How IRS 2018 Retirement & Saving Plan Limits and Amounts Cost Of Living Adjustments Impact Your HR & Retirement Plan Administration & Planning

Confirm Your Benefit Plans Ready For New Disability Determination Rules on 1/1/18

Individual Accountability For Performance Matters

Give NLRB Your Input On Union Representation Election Regulations

IRS Prepares To Nail Employers Under Obamacare Mandate While Giving Some Individual Mandate Relief

HHS Picks Hargan As Acting HHS Secretary

OCR Gives Health Care Providers, Other Covered Entities Post-Las Vegas Shooting HIPAA Medical Privacy Guidance On Disclosures To Family, Media & Others For Notification & Other Purposes

RAISE Act Immigration Visa, Visa Holder Public Benefit Limits Create Potential Health Industry Concerns

SCOTUS Bars State Law Restrictions On Health, Other Arbitration Agreement Enforceability

Health Care, Health Plan & Other Health IT Systems Warned of E-Mail Cyber Attack

$2.4M HIPAA Settlement Warns Providers About Media Disclosures Of P HI

CardioNet $2.5M HIPAA Resolution Agreement Schools HIPAA Entities To Clean Up Their Acts

Medical Clinic HIPAA Resolution Agreement Shows Need For Current Business Associate Agreements

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

HIPAA Lessons Every Health Plan, Health Care Provider & Business Associate Should Learn From Bankrupt FileFax’s HIPAA Settlement

February 16, 2018

Health care providers, health plans and insurers, health care clearinghouses (Covered Entities) and their business associates within the meaning of the Health Insurance Portability & Accountability Act (HIPAA) should heed the warnings contained in the new Resolution Agreement (FileFax Resolution Agreement) with former HIPAA business associate FileFax, Inc. announced by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) about their own need to ensure that they and their business associates comply with HIPAA’s business associate and other Privacy, Security, Breach Notification rules as well as the advisability of tightening up their risk management and oversight of business associates that handle protected health information (PHI).

Significant for business associates as what appears to be the first announced resolution agreement with a business associate directly charged by OCR with violating HIPAA and the second resolution agreement pursued and reached with a HIPAA-regulated entity in bankruptcy, the FileFax, Inc. Resolution Agreement OCR announced February 13, 2018 also contains critical lessons for Covered Entities about their dealings with their own business associates when read in conjunction with the April, 2017 resolution agreement the Center for Children’s Digestive Health (CCDH) agreed to resolve OCR charges CCDC, as a Covered Entity, violated HIPAA by allowing FileFax, Inc. to act as its business associate without adequately complying with HIPAA’s business associate requirements.

With widespread media coverage over large scale breaches of health care and other sensitive information placing further pressure upon OCR and other governmental agencies to act to protect Americans’ privacy and data fueling even greater demands for OCR and other agencies to take meaningful action to enforce HIPAA and other privacy and data security requirements, health plans, health care providers, health care clearinghouses (Covered Entities) and their business associates can expect OCR and other agencies to continue to turn up the heat on investigation and enforcement of HIPAA compliance.

In the face of these developments, Covered Entities, their business associates and those responsible for their leadership and operations need to recognize and take the necessary steps both effectively to manage their own HIPAA compliance and risk management as well as to anticipate and make provision to deal with the likelihood that they may face HIPAA responsibilities, exposures and other fallout from their own or another business partner’s breach of PHI or other sensitive data or other HIPAA violations, bankruptcy or other business distress, or other compliance or business event.

HIPAA Privacy, Security & Breach Notification Rule Responsibilities & Risks

The Privacy Rule requires that Covered Entities and their vendors that qualify as “business associates” under HIPAA comply with detailed requirements concerning the protection, use, access, destruction and disclosure of PHI. As part of these requirements, Covered Entities and their business associates must adopt, administer and enforce detailed policies and practices, assess, monitor and maintain the security of electronic protected health information (ePHI) and other protected health information, provide notices of privacy practices and breaches of “unsecured” ePHI, afford individuals that are the subject of protected health information certain rights and comply with other requirements as specified by the Privacy, Security and Breach Notification Rules. In addition, Covered Entities and business associates also must enter into a written and signed business associate agreement that contains the elements specified in Privacy Rule § 164.504(e) before the business associate creates, uses, accesses or discloses PHI of the Covered Entity. Furthermore, the Privacy Rule includes extensive documentation and keeping requirements require that Covered Entities and BAs maintain copies of these BAAs for a minimum of six years and to provide that documentation to OCR upon demand.

Violations of the Privacy Rule can carry stiff civil monetary penalties or even criminal penalties. Pursuant to amendments to HIPAA enacted as part of the HITECH Act, civil penalties typically do not apply to violations punished under the criminal penalty rules of HIPAA set forth in Social Security Act , 42 U.S.C § 1320d-6 (Section 1177).

Resolution Agreements the just announced FileFax Resolution Agreement allow Covered Entities and business associates to resolve potentially substantially larger civil monetary penalty liabilities that OCR can impose under the civil enforcement provisions of HIPAA for HIPAA violations through a negotiated settlement process. As amended by the HITECH Act, the civil enforcement provisions of HIPAA empower OCR to impose Civil Monetary Penalties on both Covered Entities and BAs for violations of any of the requirements of the Privacy or Security Rules. The penalty ranges for civil violations depends upon the circumstances associated with the violations and are subject to upward adjustment for inflation. As most recently adjusted here effective September 6, 2016, the following currently are the progressively increasing Civil Monetary Penalty tiers:

A minimum penalty of $100 and a maximum penalty of $50,000 per violation, for violations which the CE or BA “did not know, and by exercising reasonable diligence would not have known” about using “the business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances;”
A minimum penalty of $1,000 and a maximum penalty of $50,000 per violation, for violations for “reasonable cause” which do not rise to the level of “willful neglect” where “reasonable cause” means the “circumstances that would make it unreasonable for the Covered Entity, despite the exercise of ordinary business care and prudence, to comply with the violated Privacy Rule requirement;”
A minimum penalty of $10,000 and a maximum penalty of $50,000 per violation, for violations attributed to “willful neglect,” defined as “the conscious, intentional failure or reckless indifference to the obligation to comply” with the requirement or prohibition; and
A minimum penalty of $50,000 and a maximum penalty of $1.5 million per violation, for violations attributed to “willful neglect” not remedied within 30 days of the date that the Covered Entity or BA knew or should have known of the violation.

For continuing violations such as failing to implement a required BAA, OCR can treat each day of noncompliance as a separate violation. However, sanctions under each of these tiers generally are subject to a maximum penalty of $1,500,000 for violations of identical requirements or prohibitions during a calendar year. For violations such as the failure to implement and maintain a required BAA where more than one Covered Entity bears responsibility for the violation, OCR an impose Civil Monetary Penalties against each culpable party. OCR considers a variety of mitigating and aggravating facts and circumstances when arriving at the amount of the penalty within each of these applicable tiers to impose.

In addition to these potential civil liability exposures, Covered Entities, their business associates and other individuals or organizations that wrongfully use, access or disclose electronic or other protected health information also can face civil liability under various circumstances. The criminal enforcement provisions of HIPAA authorize the Justice Department to prosecute a person who knowingly in violation of the Privacy Rule (1) uses or causes to be used a unique health identifier; (2) obtains individually identifiable health information relating to an individual; or (3) discloses individually identifiable health information to another person, punishable by the following criminal sanctions and penalties:

A fine of up to $50,000, imprisoned not more than 1 year, or both;
If the offense is committed under false pretenses, a fine of up to $100,000, imprisonment of not more than 5 years, or both; and
If the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, a fine of up to $250,000, imprisoned not more than 10 years, or both.

Because HIPAA Privacy Rule criminal violations are Class A Misdemeanors or felonies, Covered Entities and business associates should include HIPAA compliance in their Federal Sentencing Guideline Compliance Programs and practices and need to be concerned both about criminal exposure for their own direct violations, as well as imputed organizational liability for violations committed by their employees or agents under the Federal Sentencing Guidelines, particularly where their failure to implement or administer these required compliance policies and practices or failure to properly investigate or redress potential violations enables, perpetuates or covers up the criminal breach.

FileFax, Inc. Breach & Resolution Agreement

While Congress amended the Civil Monetary Penalty provisions of HIPAA enforced by OCR to make many of the requirements and Civil Monetary Penalty sanctions of HIPAA directly enforceable by OCR against business associates as part of the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, the FileFax Resolution Agreement appears to be the first HIPAA resolution agreement with a business associate announced by OCR.

Indeed, OCR’s enforcement action that resulted in the FileFax Resolution Agreement would never have occurred had FileFax, Inc. not become involved in handling medical records containing PHI in the capacity of a business associate for Covered Entities.

Before filing for bankruptcy in 2016, FileFax, Inc. advertised it provided HIPAA-compliant storage, maintenance, and delivery of medical records for HIPAA Covered Entities including Illinois based health care provider CCDC, which entered into a resolution agreement with OCR in April, 2017 to resolve OCR charges that it violated HIPAA by allowing FileFax, Inc. to handle PHI without fulfilling HIPAA’s business associate agreement requirements.

Like the CCDC Resolution Agreement, the FileFax, Inc. Resolution Agreement resulted from an investigation of FileFax, Inc. that OCR began in response to a February 10, 2015 anonymous complaint filed with OCR about FileFax, Inc. about deficiencies in its delivery of these HIPAA services in its capacity as a business associate to Covered Entities. The complaint to OCR alleged that FileFax, Inc. violated these requirements because an individual transported medical records obtained from FileFax, Inc. to a shredding and recycling facility to sell on February 6 and 9, 2015.

OCR’s investigation of the complaint against FileFax, Inc. confirmed that an individual had left medical records of approximately 2,150 patients at the shredding and recycling facility, and that these medical records contained patients’ PHI. OCR’s investigation additionally found that between January 28, 2015, and February 14, 2015, FileFax, Inc. impermissibly disclosed the PHI of 2,150 individuals by leaving the PHI in an unlocked truck in the FileFax, Inc. parking lot, or by granting permission to an unauthorized person to remove the PHI from FileFax, Inc. and leaving the PHI unsecured outside the FileFax, Inc. facility.

After OCR commenced its investigation of the complaint, FileFax, Inc. was placed into bankruptcy and a receiver was appointed to liquidate FileFax, Inc.’s assets for distribution to creditors and others in 2016. Despite the bankruptcy, OCR continued to pursue enforcement against FileFax, Inc. for the HIPAA violations it found through its investigation. On February 13, 2018, OCR announced that that the receiver on behalf of FileFax, Inc. had agreed in the FileFax Resolution Agreement to pay a $100,000 monetary settlement out of the bankruptcy estate and to arrange to properly store and dispose of remaining medical records found at FileFax, Inc.’s facility in compliance with HIPAA to resolve OCR’s HIPAA charges against FileFax, Inc.

OCR Previously Sanctioned Covered Entity For Involvement With FileFax, Inc.

Beyond affirming the exposure business associates to OCR civil monetary penalties or other enforcement for violating HIPAA, the FileFax Resolution Agreement in conjunction with OCR’s previously announced April 20, 2017 resolution agreement (CCDC Resolution Agreement) with CCDC also demonstrates the need for Covered Entities to recognize that their organizations are likely to face HIPAA investigations or enforcement from HIPAA violations by or OCR audits or investigations of the conduct of their business associates.

In fact, this is exactly what happened to CCDC. A small, Illinois based Covered Entity, CCDC used FileFax, Inc. to store and dispose of medical records. As a consequence of the FileFax, Inc. investigation, OCR conducted a compliance review of CCDC. OCR reports that its compliance review revealed that while CCDC had disclosed to and allowed FileFax, Inc. to store records containing PHI for CCDC since in 2003, neither party could produce a signed business associate agreement (BAA) prior to October 12, 2015. As a consequence, OCR charged CCDC with violating HIPAA by disclosing PHI to FileFax, Inc. in violation of HIPAA’s business associate requirements.

To resolve its exposure to potentially much greater civil monetary penalties associated with this charge, CCDC agreed under the CCDC Resolution Agreement to pay OCR a $31,000 resolution payment and take a variety of corrective actions. Beyond requiring CCDC to implement and maintain written business associate agreements before allowing business associates to possess or access PHI, the corrective action plan imposed as part of the CCDC Resolution Agreement also expressly requires CCDC to promptly investigate information of a possible violation of its HIPAA policies and procedures by a “workforce member,” which the Privacy Rule defines to include a business associate, and if the investigation reveals a violation, to report the violation and corrective action taken to OCR.

OCR Enforces HIPAA Against Covered Entities & Business Associates In Bankruptcy

OCR’s announcement of the FileFax Resolution Agreement also is significant in its reaffirmation of OCR to its commitment to HIPAA enforcement, even if the HIPAA-violating Covered Entity or business associate goes bankruptcy.

OCR’s enforcement action against FileFax, Inc. despite its bankruptcy and its successful negotiation of the FileFax Resolution Agreement within the bankruptcy should alert Covered Entities and business associates that OCR does not consider the bankruptcy of a Covered Entity or business associate as an obstacle to OCR enforcement against Covered Entities or business associates that violate HIPAA. The seriousness of OCR’s commitment to enforcement, even in the face of bankruptcy is driven home by its announcement of the FileFax Resolution Agreement on the heels of its December, 2017 announcement of its first OCR HIPAA resolution agreement secured with the formal approval of a bankruptcy court, a resolution agreement (21CO Resolution Agreement) against bankrupt health care provider, 21CO.

Secured with bankruptcy court approval, the 21CO Resolution Agreement resolved potentially much larger civil monetary penalties that the Fort Myers, Florida based provider of cancer care services and radiation oncology could have faced for alleged HIPAA breaches OCR charged it committed in connection with its failure to adequately act to prevent and respond to hacking and misappropriation of records containing sensitive electronic protected health information (ePHI) of up to 2,213597 individuals.

The OCR charges against 21CO arose from an OCR investigation commenced after the Federal Bureau of Investigation (FBI) notified 21CO on November 13, 2015 and a second time on December 13, 2015 than unauthorized third party illegally obtained 21CO sensitive patient information and produced 21CO patient files purchased by a FBI informant. As part of its internal investigation, 21CO hired a third party forensic auditing firm in November 2015. 21CO determined that the attacker may have accessed 21CO’s network SQL database as early as October 3, 2015, through Remote Desktop Protocol from an Exchange Server within 21CO’s network. 21CO determined that it is possible that 2,213,597 individuals may have been affected by the impermissible access to their names, social security numbers, physicians’ names, diagnoses, treatment and insurance information.

Although it knew of the breaches in November and December, 2015, 21CO waited more than three months after the FBI notified it of the breaches before it sent HIPAA or other breach notifications about the data breach to patients or notified investors in March, 2016. Its March 4, 2016 Securities and Exchange Commission 8-K on Data Security Incident (Breach 8-K) states 21CO delayed notification at the request of the FBI to avoid interfering in the criminal investigation of the breach.

When announcing the breach, 21CO provided all individuals affected by the breach with a free one-year subscription to the Experian ProtectMyID fraud protection service. At that time, 21CO said it had no evidence that any patient information actually had been misused. However some victims of the breach subsequently have claimed being victimized by a variety of scams since the breach in news reports and lawsuits about the breach.

At the time of the breach and its March 4, 2016 announcement of the breach, 21CO already was working to resolve other compliance issues. On December 16, 2015, 21CO announced that a 21CO subsidiary had agreed to pay $19.75 million to the United States and $528,000 in attorneys’ fees and costs and comply with a corporate integrity agreement related to a qui tam action in which it was accused of making false claims to Medicare and other federal health programs. See 21CO 8-K Re: Entry into a Material Definitive Agreement (December 22, 2015). Among other things, the corporate integrity agreement required by that settlement required 21CO to appoint a compliance officer and take other steps to maintain compliance with federal health care laws. In addition, five days after releasing the March 4, 2017 Breach 8-K, 21CO notified investors that its subsidiary, 21st Century Oncology, Inc. (“21C”), had agreed to pay $37.4 million to settle health care fraud law charges relating to billing and other protocols of certain staff in the utilization of state-of-the-art radiation dose calculation system used by radiation oncologists called GAMMA. See 21CO 8-K Re: GAMMA Settlement March 9, 2016 ; See also United States Settles False Claims Act Allegations Against 21st Century Oncology for $34.7 Million.

Based on OCR’s subsequent investigation into these breaches, OCR found:

21CO impermissibly disclosed certain PHI of 2,213,597 of its patients in violation of 45 C.F.R. § 164.502(a);
21CO failed to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the electronic protected health information (ePHI) held by 21CO in violation of 45 C.F.R. § 164.308(a)(1)(ii)(A);
21CO failed to implement certain security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level to comply with 45 C.F.R. § 164.306(A) in violation of 45 C.F.R. § 164.308(a)(1)(ii)(B);
21CO failed to implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports as required by 45 C.F.R. §164.308(a)(1)(ii)(D);
21CO disclosed protected health information to a third party vendors, acting as its business associates, without obtaining satisfactory assurances in the form of a written business associate agreement in violation of HIPAA’s business associate rule requirements under 45 C.F.R. §§ 164.502(e) and 164.308(b)(3).

In return for OCR’s agreement not to further pursue charges or penalties relating to the breach investigation, the Resolution Agreement entered into with the approval of the Bankruptcy Court requires that 21CO pay OCR a $2.3 million Resolution Amount and implement to OCR’s satisfaction a corrective action plan that among other things requires that 21CO complete a detailed series of corrective actions to the satisfaction of OCR.

In addition to the OCR investigation that lead to the 21CO Resolution Agreement announced by OCR on December 28, 2017, 21CO experienced other fallout following its March 4, 2016 public disclosure of the breach. Not surprisingly, the breach notification led to a multitude of class-action civil lawsuits by breach victims and shareholders. See, e.g., 16 Data Breach Class Action Lawsuits Filed Against 21st Century Oncology Consolidated; 21st Century Oncology data breach prompts multiple lawsuits. Reports of spoofing and other misleading contacts made to 21CO patients following the breach prompted the Federal Trade Commission (FTC) to issue a specific notice alerting victims about potential false breach notifications and other misleading contacts. See April 4, 2016 FTC Announcement Re: 21st Century Oncology breach exposes patients’ info.

These and other developments also had significant consequences on 21CO’s financial status and leadership. By March 31, 2015, 21CO notified the SEC and investors that it needed added time to complete its financial statements. Subsequent SEC filings document its restatement of financial statements, the departure of board members and other leaders, default on credit terms, and ultimately its filing for Chapter 11 bankruptcy protection in the United States Bankruptcy Court for the Southern District of New York on May 25, 2017.

Because 21CO sought bankruptcy court protection from the fallout of its HIPAA breaches and other compliance and business issues, the 21CO Resolution Agreement required bankruptcy court approval. Funds for payment of the required $2.3 million resolution payment and other charges associated with the investigation apparently are being provided in part from breach liability insurance coverage provided under a policy issued by Beazley Insurance, as the Bankruptcy Court order directs Beazley Breach Response Policy No. W140E2150301 to make immediate payment to the OCR of the resolution amount and the payment of fees incurred by 21CO in connection with regulatory defense issues.

HIPAA & Data Breach Enforcement & Other Risks Growing

Covered Entities, their business associates, their leaders, investors and members of their workforce need to recognize that the FileFax, CCDC, 21CO and other resolution agreements are part of a growing trend, rather than isolated incidents of enforcement and that their exposure to investigation and enforcement is likely to continue to rise in the face of growing public and Congressional concern about privacy and data security.

While civil monetary penalty enforcement remains much more common than criminal prosecution, Covered Entities, their business associates and members of their workforce must understand that HIPAA enforcement and resulting liability is growing and that this trend is likely to continue if not increase.

While Department of Justice federal criminal prosecutions and convictions under HIPAA remain relatively rare, they occur and are growing. See e.g., Former Hospital Employee Sentenced for HIPAA Violations (Texas man sentenced to 18 months in federal prison for obtaining protected health information with the intent to use it for personal gain); Three Life Sentences Imposed On Man Following Convictions For Drug Trafficking, Kidnapping, Using Firearms and HIPAA Violations (drug king pin gets multiple 10 year consecutive prison terms for unauthorized access to private health information in violation of HIPAA; his health care worker friend sentenced for accessing electronic medical files and reporting information to him); Former Therapist Charged In HIPAA Case; Hefty Prison Sentence in ID Theft Case (former assisted living facility worker gets 37 months in prison after pleading guilty to wrongful disclosure of HIPAA protected information and other charges); Hefty Prison Sentence in ID Theft Case (former medical supply company owner sentenced to 12 years for HIPAA violations and fraud). While the harshest sentences tend to be associated with health care fraud or other criminal conduct, lighter criminal sentences are imposed against defendants in other cases as well. See e.g., Sentencing In S.C. Medicaid Breach Case (former South Carolina state employee sentenced to three years’ probation, plus community service, for sending personal information about more than 228,000 Medicaid recipients to his personal e-mail account.); HIPAA Violation Leads To Prison Term (former UCLA Healthcare System surgeon gets four months in prison after admitting he illegally read private electronic medical records of celebrities and others.)

While criminal enforcement of HIPAA remains relatively rare and OCR to date only actually has assessed HIPAA civil monetary penalties against certain Covered Entities for violating HIPAA in a couple isolated instances, the growing list of multi-million dollar resolution payments against Covered Entities and with the FileFax Resolution Agreement announcement, now also business associates for violating HIPAA make clear that HIPAA enforcement is both meaningful and growing. See e.g., Learn From Children’s New $3.2M+ HIPAA CMP For “Knowing” Violation of HIPAA Security Rules ($3.2 million Children’s Medical Center HIPAA Civil Monetary Penalty); 1st HIPAA Privacy Civil Penalty of $4.3 Million Signals CMS Serious About HIPAA Enforcement; $400K HIPAA Settlement Shows Need To Conduct Timely & Appropriate Risk Assessments; $5.5M Memorial HIPAA Resolution Agreement Shows Need To Audit. For more examples, also see here.

The experiences of FileFax, Inc., CCDC, 21CO and these other OCR HIPAA Resolution Agreements provide strong evidence that that health plans and other Covered Entities and their business associates can anticipate that OCR will continue to zealously investigate HIPAA breaches and other HIPAA violations. Aside from OCR’s recurrent affirmations of its commitment to HIPAA enforcement, Covered Entities, their business associates and their leaders must recognize that public and Congressional privacy and data security concerns fueled by the ever growing stream of massive data breaches at Alteryx, eBay, Paypal owner TIO Networks, Uber, Equifax and a long list of other previously trusted prominent businesses are creating additional pressure upon OCR and other agencies to pursue even stronger and more aggressive HIPAA oversight and enforcement. Amid this growing concern, OCR, the FTC and other federal and state agencies with regulatory or enforcement authority over HIPAA or other data security and privacy concerns face increasing scrutiny and pressure to take meaningful action to regulate and enforce HIPAA and other laws intended to protect sensitive data even as private litigants enjoy increasing success in obtaining civil judgments from damages resulting from breaches of their PHI or other sensitive personal information using an expanding arsenal of legal theories of recovery. In the face of these growing concerns about privacy and data security, OCR can be expected to continue, if not increase its HIPAA compliance enforcement and oversight by OCR.

Furthermore, the experiences of FileFax, Inc., 21CO, CCDC and other Covered Entities and business associates that already have become the subject of OCR investigation or enforcement also reflect that HIPAA resolution payments or penalties paid to OCR and other costs and expenses associated with the defense and resolution of OCR’s investigations and enforcement actions typically only a portion of the financial and other business consequences that Covered Entities or business associates might expect to incur as a consequence of a breach of PHI or other substantial HIPAA violation or charge.

Beyond their potential HIPAA enforcement exposures following a HIPAA covered data breach or other violation, health care or other Covered Entities and members of their workforce experiencing breaches of ePHI or other PHI often also face FTC or other government investigations and enforcement relating their data breaches under the Fair and Accurate Credit Transactions Act (FACTA) and other federal or state identity theft, data privacy and security, electronic crimes and other laws. They or members of their workforce may face licensing board, credentialing, accreditation, contractual or other investigations or sanctions. Victims, business partners, investors and others often bring civil litigation to address losses or other injures associated with the breach or other misconduct. In addition, losses and disruptions in patients, plan member, vendor, investor, employee, management and other business relationships, and other business disruptions also are common.

Where the breach of other HIPAA violation involves a health plan, health plans, their fiduciaries and sponsors also need to give due consideration to the implications and exposures that might arise under the fiduciary responsibility rules of the Employee Retirement Income Security Act (ERISA). Beyond the direct exposure of their health plan to HIPAA and other compliance liabilities, health plan fiduciaries generally will want to consider whether their fiduciary responsibility under ERISA requires that prudent or other steps be taken to safeguard health plan information and maintain and administer their health plan in accordance with HIPAA and other laws. As a consequence, fiduciaries generally will want to ensure that they take and document prudent steps to evaluate, monitor and address HIPAA and other privacy and data security safeguards to minimize not only the liability exposures of their health plans, but also to help mitigate their own potential personal liability exposures that could arise or be asserted in response to a HIPAA breach or other HIPAA violation involving their health plans.

In the face of these growing risks and liabilities, Covered Entities and their business leaders face a strong imperative to clean up and maintain their HIPAA compliance and other data security to minimize their exposure to similar consequences. In addition to reaffirming the need for Covered Entities and their business associates to take the necessary steps to maintain and effectively demonstrate the adequacy of their own HIPAA compliance, the CCDC and FileFax Resolution Agreements alert Covered Entities and business associates of the advisability of greater oversight and risk management of their dealings and relationships with the other Covered Entities and business associates with access to or involvement with their PHI or other critical functions.

In light of these rises, leaders, investors, insurers, lenders and others involved with Covered Entities and their business associates should take steps to verify that the Covered Entities and their business associates not only maintain compliance with HIPAA and its business associate and other privacy, data security and breach notification and response requirements, but also maintain appropriate practices, insurance and other safeguards to prevent, respond to and mitigate exposures in the event of a breach of protected health information or other sensitive data. The bankruptcies and other financial and business fallout of HIPAA or other data breaches experienced by FileFax, Inc. 21CO and other HIPAA-covered and non-HIPAA regulated entities also makes clear that Covered Entities and business associates should anticipate that their own fallout from a breach or other HIPAA event and resulting responsibilities and consequences could be impacted by their own or a business associate’s financial distress or bankruptcy. Beyond the risk that their own or another entity’s breach, compliance issues, or other financial or business issues could trigger breach investigation, notice or other responsibilities for their own organizations, Covered Entities, business associates and their leaders also should evaluate and revise their HIPAA risk assessments and security plans to address foreseeable threats to the availability, access, retention and security of PHI and associated records and systems.

The Bankruptcy Court’s order to 21CO’s cyber liability insurer to pay the resolution payment required under the 21CO Resolution Agreement and other costs of investigation and defense also strongly suggests that the purchase of insurance and other arrangements for funding costs of defense or settlement should be included in these evaluations.

As part of these efforts, Covered Entities and their business associates should ensure that they have conducted, and maintain and are ready to produce appropriate policies and procedures backed up by a well-documented, up-to-date industry wide risk assessment of their organization’s susceptibility to breaches or other misuse of electronic or other protected health information. The starting point of these efforts should be to adopt and enforce updated written policies, procedures, technical and physical safeguards, processes and training to prevent the improper use, access, destruction or disclosure of patient PHI. Processes also should create, retain and be designed to cost effectively track, capture, and retain both all protected health information, its use, access, protection, destruction and disclosure, and the requisite supportive documentation supporting the appropriateness of those action to position the organization cost-effectively and quickly to fulfill required accounting, reporting and other needs in the event of a data breach, audit, participant inquiry or other event.

As part of this process, Covered Entities and business associates should maintain strong and ongoing processes for assessing and monitoring the adequacy of their policies and practices. In addition to ensuring that their organization has a comprehensive risk management and compliance assessment, Covered Entities and business associates need to conduct documented periodic audits and spot HIPAA audits and assessments. In doing so, they must use care to look outside the four corners of their Privacy Policies and core operating systems to ensure that their policies, practices, oversight and training address all protected health information within their operations on an entity wide basis. This entity-wide assessment should include communications and requests for information normally addressed to the Privacy Officer as well as requests and communications that could arise in the course of media or other public relations, practice transition, workforce communication and other operations not typically under the direct oversight and management of the Privacy Officer.

In connection with these efforts, the enforcement actions make clear that Covered Entities and business associates should adopt, implement and monitor PHI privacy, and security on an entity wide basis. These efforts should include general policies, practices and procedures as well as specifically tailored policies, processes and training to protect PHI and preserve HIPAA compliance throughout their organization. Testing and analysis should be conducted on a regular basis. Documented reassessments and testing should be performed in response to software, hardware or other changes or events that could impact security or other operations. Beyond security, attention also should cover business or system interruption including losses that might occur from the bankruptcy, termination of business or other disruptions of business associates or other parties. Attention should be paid both to protecting access and use of PHI and ePHI in the course of business as well as the transmission, transport, storage and destruction of records or systems containing such information.

Careful attention should be devoted to ensuring that business associate agreements as well and other processes provide for HIPAA compliance with respect to all PHI created, used, accessed or disclosed to business associates or others not part of their direct workforce or operating outside the core boundaries of their facilities.

Covered entities and their business associates also must recognize and design their compliance efforts and documentation recognizing that HIPAA compliance is a living process, which require both constant diligence about changes in systems or other events that may require reevaluation or adjustments, whether from changes in software, systems or processes or external threats.

Because the cost of responding to and investigating breaches or other compliance concern can be quite burdensome, Covered Entities and their business associates also generally will want to pursue options to plan for and minimize potential expenses in the design and administration of their programs as well as to minimize and cover the potentially extraordinary costs of breach or other compliance investigation and results that commonly arise following a breach or other compliance event. As a part of this planning, Covered Entities and their business associates also generally will want to add consideration of changes to federal tax rules on the deductibility of compliance penalty and other related compliance expenditures.

While the Internal Revenue Code traditionally has prohibited businesses and individuals from deducting penalties, fines and other expenditures arising from violations of federal or state laws under Section 162(f) of the Internal Revenue Code, Section 13306 of the Tax Cuts and Jobs Creation Act creates a new exception for amounts (other than amounts paid or incurred any amount paid or incurred as reimbursement to the government or entity for the costs of any investigation or litigation) that a taxpayer establishes meet the following requirements:

Constitute restitution (including remediation of property) for damage or harm which was or may be caused by the violation of any law or the potential violation of any law, or
Are paid to come into compliance with any law which was violated or otherwise involved in the investigation or inquiry into a violation or potential violation of any law;
Are identified as restitution or as an amount paid to come into compliance with such law, as the case may be, in the court order or settlement agreement, and
In the case of any amount of restitution for failure to pay any tax imposed under this title in the same manner as if such amount were such tax, would have been allowed as a deduction under this chapter if it had been timely paid.

Because the true effect of these modifications will be impacted by implementing regulations and a number of other special conditions and rules may impact the deductibility of these payments and the reporting obligations attached to their payment, Covered Entities will want to consult with legal counsel about these rules and monitor their implementation to understand their potential implications on compliance expenditures and penalties.

About The Author

Ms. Stamer also has an extensive contributes her leadership and insights with other professionals, industry leaders and lawmakers. Her insights on HIPAA risk management and compliance often appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, SHRM, HIMMS, the American Bar Association, the Health Care Compliance Association, a multitude of health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Academic medicine, Ambulatory care, Anethesiology, Centers For Disease Control, Childrens Health Insurance Program, Civil Rights, Conditions of Participation, Corporate Compliance, Cyber crime, data breach, data security, Doctor, E-Prescribing, Electronic Health Records, Electronic Medical Records, Employee Benefits, Employer, ERISA, FACTA, Federal Health Center, Federal Sentencing Guidelines, Fiduciary Responsibility, Genetic Information, Health Care, Health care coding, Health Care Provider, health care reimbursement, Health Insurance Exchange, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HHS, HIPAA, HIPAA Cyber Crime, home health, Hospital, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Joint Commission, Medical Privacy, Medical Records, Mental Health, Pharmaceudical, Pharmacy, Privacy, Public Policy, Technology, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Fresenius Medical Care Pays $3.5 Million HIPAA Settlement

February 2, 2018

Fresenius Medical Care North America (FMCNA) is paying $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and adopting a comprehensive corrective action plan, under a voluntary resolution agreement that settles FMCNA exposures to OCR for violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules OCR asserts it found from an investigation it conducted into five separate HIPAA breach reports FMCNA filed in January 21, 2017.

Widespread publicity and fallout from data breaches involving Equifax, Blue Cross, the Internal Revenue Service and many other giant organizations have ramped up public awareness and government concern about health care and other data security. The resulting pressure is adding additional fuel to the already substantial concern of OCR and other agencies about compliance with HIPAA and other data security and breach laws. Like the $2.3 million HIPAA resolution agreement OCR announced with now bankrupt radiation oncology and cancer care provider 21st Century Oncology, Inc. (21CO) earlier this year, see, e.g., $23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses, the growing list of OCR resolution agreements and other enforcement actions against FMCNA, 21CO and other covered entities and other legal and market fallout that covered entities and other organizations experience following the announcement of breaches or other security deficiencies make the case for why HIPAA-covered health care providers, health plans, health care clearinghouses and their business associates (covered entities) must prioritize HIPAA compliance and other medical and other data security protection, privacy and risk management a top priority in 2018.

HIPAA Privacy, Security & Breach Notification Rule Responsibilities & Risks

The Privacy Rule requires that health plans, health care providers, health care clearinghouses (covered entities) and their vendors that qualify as “business associates” under HIPAA comply with detailed requirements concerning the protection, use, access, destruction and disclosure of protected health information. As part of these requirements, covered entities and their business associates must adopt, administer and enforce detailed policies and practices, assess, monitor and maintain the security of electronic protected health information (ePHI) and other protected health information, provide notices of privacy practices and breaches of “unsecured” ePHI, afford individuals that are the subject of protected health information certain rights and comply with other requirements as specified by the Privacy, Security and Breach Notification Rules. In addition, covered entities and business associates also must enter into a written and signed business associate agreement that contains the elements specified in Privacy Rule § 164.504(e) before the business associate creates, uses, accesses or discloses PHI of the covered entity. Furthermore, the Privacy Rule includes extensive documentation and keeping requirements require that covered entities and BAs maintain copies of these BAAs for a minimum of six years and to provide that documentation to OCR upon demand.

Violations of the Privacy Rule can carry stiff civil or even criminal penalties. Pursuant to amendments to HIPAA enacted as part of the HITECH Act, civil penalties typically do not apply to violations punished under the criminal penalty rules of HIPAA set forth in Social Security Act , 42 U.S.C § 1320d-6 (Section 1177).

Resolution Agreements like the $3.2 million FMCNA resolution agreement allow covered entities and business associates to resolve potentially substantially larger civil monetary penalty liabilities that OCR can impose under the civil enforcement provisions of HIPAA. As amended by the HITECH Act, the civil enforcement provisions of HIPAA empower OCR to impose Civil Monetary Penalties on both covered entities and BAs for violations of any of the requirements of the Privacy or Security Rules. The penalty ranges for civil violations depends upon the circumstances associated with the violations and are subject to upward adjustment for inflation. As most recently adjusted here effective September 6, 2016, the following currently are the progressively increasing Civil Monetary Penalty tiers:

A minimum penalty of $100 and a maximum penalty of $50,000 per violation, for violations which the CE or BA “did not know, and by exercising reasonable diligence would not have known” about using “the business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances;”
A minimum penalty of $1,000 and a maximum penalty of $50,000 per violation, for violations for “reasonable cause” which do not rise to the level of “willful neglect” where “reasonable cause” means the “circumstances that would make it unreasonable for the covered entity, despite the exercise of ordinary business care and prudence, to comply with the violated Privacy Rule requirement;”
A minimum penalty of $10,000 and a maximum penalty of $50,000 per violation, for violations attributed to “willful neglect,” defined as “the conscious, intentional failure or reckless indifference to the obligation to comply” with the requirement or prohibition; and
A minimum penalty of $50,000 and a maximum penalty of $1.5 million per violation, for violations attributed to “willful neglect” not remedied within 30 days of the date that the covered entity or BA knew or should have known of the violation.

For continuing violations such as failing to implement a required BAA, OCR can treat each day of noncompliance as a separate violation. However, sanctions under each of these tiers generally are subject to a maximum penalty of $1,500,000 for violations of identical requirements or prohibitions during a calendar year. For violations such as the failure to implement and maintain a required BAA where more than one covered entity bears responsibility for the violation, OCR an impose Civil Monetary Penalties against each culpable party. OCR considers a variety of mitigating and aggravating facts and circumstances when arriving at the amount of the penalty within each of these applicable tiers to impose.

In addition to these potential civil liability exposures, however, covered entities, their business associates and other individuals or organizations that wrongfully use, access or disclose electronic or other protected health information also can face civil liability under various circumstances. The criminal enforcement provisions of HIPAA authorize the Justice Department to prosecute a person who knowingly in violation of the Privacy Rule (1) uses or causes to be used a unique health identifier; (2) obtains individually identifiable health information relating to an individual; or (3) discloses individually identifiable health information to another person, punishable by the following criminal sanctions and penalties:

A fine of up to $50,000, imprisoned not more than 1 year, or both;
If the offense is committed under false pretenses, a fine of up to $100,000, imprisonment of not more than 5 years, or both; and
If the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, a fine of up to $250,000, imprisoned not more than 10 years, or both.

Fresenius Breach, Charges & Settlement Agreement Illustrate Civil Exposures

The FMCNA resolution agreement is another example of a growing list of resolution agreements various HIPAA covered entities have entered into to resolve their exposure to potentially greater liability should OCR assess civil monetary penalties under HIPAA’s civil sanction scheme.

The breach reports filed on January 21, 2017 reported five separate breach incidents occurring between February 23, 2012 and July 18, 2012 implicating the electronic protected health information (ePHI) of five separate FMCNA owned covered entities (FMCNA covered entities): Bio-Medical Applications of Florida, Inc. d/b/a Fresenius Medical Care Duval Facility in Jacksonville, Florida (FMC Duval Facility); Bio-Medical Applications of Alabama, Inc. d/b/a Fresenius Medical Care Magnolia Grove in Semmes, Alabama (FMC Magnolia Grove Facility); Renal Dimensions, LLC d/b/a Fresenius Medical Care Ak-Chin in Maricopa, Arizona (FMC Ak-Chin Facility); Fresenius Vascular Care Augusta, LLC (FVC Augusta); and WSKC Dialysis Services, Inc. d/b/a Fresenius Medical Care Blue Island Dialysis (FMC Blue Island Facility).

OCR concluded its investigation showed the breaches resulted because FMCNA failed to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of its ePHI. OCR also concluded:

The FMCNA covered entities impermissibly disclosed the ePHI of patients by providing unauthorized access for a purpose not permitted by the Privacy Rule.
FMC Ak-Chin failed to implement policies and procedures to address security incidents.
FMC Magnolia Grove failed to implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain ePHI into and out of a facility; and the movement of these items within the facility.
FMC Duval and FMC Blue Island failed to implement policies and procedures to safeguard their facilities and equipment therein from unauthorized access, tampering, and theft, when it was reasonable and appropriate to do so under the circumstances.
FMC Magnolia Grove and FVC Augusta failed to implement a mechanism to encrypt and decrypt ePHI, when it was reasonable and appropriate to do so under the circumstances.

In addition to a $3.5 million monetary settlement, a corrective action plan requires the FMCNA covered entities to complete a risk analysis and risk management plan, revise policies and procedures on device and media controls as well as facility access controls, develop an encryption report, and educate its workforce on policies and procedures.

HIPAA Enforcement A Growing Risk

Covered entities, their business associates and members of their workforce need to recognize that the FMCNA and other resolution agreements are part of a growing trend, rather than isolated incidents of enforcement.

While civil monetary penalty enforcement remains much more common than criminal prosecution, covered entities, their business associates and members of their workforce must understand that HIPAA enforcement and resulting liability is growing.

While Department of Justice federal criminal prosecutions and convictions under HIPAA remain relatively rare, they occur and are growing. See e.g., Former Hospital Employee Sentenced for HIPAA Violations (Texas man sentenced to 18 months in federal prison for obtaining protected health information with the intent to use it for personal gain); Three Life Sentences Imposed On Man Following Convictions For Drug Trafficking, Kidnapping, Using Firearms and HIPAA Violations (drug king pin gets multiple 10 year consecutive prison terms for unauthorized access to private health information in violation of HIPAA; his health care worker friend sentenced for accessing electronic medical files and reporting information to him); Former Therapist Charged In HIPAA Case; Hefty Prison Sentence in ID Theft Case (former assisted living facility worker gets 37 months in prison after pleading guilty to wrongful disclosure of HIPAA protected information and other charges); Hefty Prison Sentence in ID Theft Case (former medical supply company owner sentenced to 12 years for HIPAA violations and fraud). While the harshest sentences tend to be associated with health care fraud or other criminal conduct, lighter criminal sentences are imposed against defendants in other cases as well. See e.g., Sentencing In S.C. Medicaid Breach Case (former South Carolina state employee sentenced to three years’ probation, plus community service, for sending personal information about more than 228,000 Medicaid recipients to his personal e-mail account.); HIPAA Violation Leads To Prison Term (former UCLA Healthcare System surgeon gets four months in prison after admitting he illegally read private electronic medical records of celebrities and others.)

While criminal enforcement of HIPAA remains relatively rare and OCR to date only actually has assessed HIPAA civil monetary penalties against certain Covered Entities for violating HIPAA in a couple isolated instances, the growing list of multi-million dollar resolution payments that FMCNA and other covered entities caught violating HIPAA make clear that HIPAA enforcement is both meaningful and growing. See e.g., Learn From Children’s New $3.2M+ HIPAA CMP For “Knowing” Violation of HIPAA Security Rules ($3.2 million Children’s Medical Center HIPAA Civil Monetary Penalty); 1st HIPAA Privacy Civil Penalty of $4.3 Million Signals CMS Serious About HIPAA Enforcement; $400K HIPAA Settlement Shows Need To Conduct Timely & Appropriate Risk Assessments; $5.5M Memorial HIPAA Resolution Agreement Shows Need To Audit. For more examples, also see here.

Coming on the heels of an already lengthy and growing list of OCR high dollar HIPAA enforcement actions, the FMCNA and other resolution agreements and civil monetary penalties these and other announced enforcement actions clearly reflect that OCR takes HIPAA compliance seriously and stands ready to impose substantial penalties when it finds violations in connection with breach notice investigations. Viewed in the context of these and other enforcement actions, the FMCNA Resolution Agreement and others clearly reflect the time for complacency in HIPAA compliance and leniency in HIPAA HIPAA enforcement are passed. Rather, these and other enforcement actions make clear why health care providers, health plans, healthcare clearinghouses and their business associates must make HIPAA compliance a priority now.

Covered entities and business associates also should recognize their potential responsibilities and risks for breaches or other improper conduct concerning patient or other sensitive personal financial information, trade secrets or other data under a wide range of laws beyond HIPAA and its state law equivalents. As documented by the media coverage of the legal and business woes of Alteryx, eBay, Paypal owner TIO Networks, Uber, Equifax and a long list of other previously trusted prominent businesses have and continue to incur from data breaches within their organizations, health care or other covered entities experiencing breaches often also face FTC or other government investigations and enforcement under the Fair and Accurate Credit Transactions Act (FACTA) and other federal or state identity theft, data privacy and security, electronic crimes and other rules as well as business losses and disruptions; civil litigation from breach victims, shareholders and investors, and business partners as well as OCR, FTC, and state data security regulation enforcement. Amid this growing concern, OCR has indicated that it intends to continue to diligently both seek to support and encourage voluntary compliance by covered entities and their business associates and investigate and enforce HIPAA against HIPAA covered entities and their business associates that fail to adequately safeguard PHI and ePHI in accordance with HIPAA. In the face of these growing risks and liabilities, covered entities and their business leaders face a strong imperative to clean up and maintain their HIPAA compliance and other data security to minimize their exposure to similar consequences.

In light of these rises, leaders, investors, insurers, lenders and others involved with covered entities and their business associates should take steps to verify that the covered entities and their business associates not only maintain compliance with HIPAA, but also comply with data security, privacy and other information protection requirements arising under other laws, regulations, and contracts, as well as the practical business risks that typically follow the announcement of a breach. Considering these risks, covered entities and their business associates must recognize and take meaningful, documented action to verify their existing compliance and ongoing oversight to ensure their organizations can demonstrate appropriate action to maintain appropriate practices, insurance and other safeguards to prevent, respond to and mitigate exposures in the event of a breach of protected health information or other sensitive data.

In response to these growing risks and concerns, covered entities and their business associates should ensure that they have conducted, and maintain and are ready to produce appropriate policies and procedures backed up by a well documented, up-to-date industry wide risk assessment of their organization’s susceptibility to breaches or other misuse of electronic or other protected health information. The starting point of these efforts should be to adopt and enforce updated written policies, procedures, technical and physical safeguards, processes and training to prevent the improper use, access, destruction or disclosure of patient PHI. Processes also should create, retain and be designed to cost effectively track, capture, and retain both all protected health information, its use, access, protection, destruction and disclosure, and the requisite supportive documentation supporting the appropriateness of those action to position the organization cost-effectively and quickly to fulfill required accounting, reporting and other needs in the event of a data breach, audit, participant inquiry or other event.

As part of this process, covered entities and business associates should start by reviewing and updating their policies, HIPAA audits and assessments and other documentation and processes. In doing so, they must use care to look outside the four corners of their Privacy Policies and core operating systems to ensure that their policies, practices, oversight and training address all protected health information within their operations on an entity wide basis. This entity-wide assessment should include both communications and requests for information normally addressed to the Privacy Officer as well as requests and communications that could arise in the course of media or other public relations, practice transition, workforce communication and other operations not typically under the direct oversight and management of the Privacy Officer.

Because the cost of responding to and investigating breaches or other compliance concern can be quite burdensome, covered entities and their business associates also generally will want to pursue options to plan for and minimize potential expenses in the design and administration of their programs as well as to minimize and cover the potentially extraordinary costs of breach or other compliance investigation and results that commonly arise following a breach or other compliance event. As a part of this planning, covered entities and their business associates also generally will want to add consideration of changes to federal tax rules on the deductibility of compliance penalty and other related compliance expenditures.

Constitute restitution (including remediation of property) for damage or harm which was or may be caused by the violation of any law or the potential violation of any law, or
Are paid to come into compliance with any law which was violated or otherwise involved in the investigation or inquiry into a violation or potential violation of any law;
Are identified as restitution or as an amount paid to come into compliance with such law, as the case may be, in the court order or settlement agreement, and
In the case of any amount of restitution for failure to pay any tax imposed under this title in the same manner as if such amount were such tax, would have been allowed as a deduction under this chapter if it had been timely paid.

Because the true effect of these modifications will be impacted by implementing regulations and a number of other special conditions and rules may impact the deductibility of these payments and the reporting obligations attached to their payment, covered entities will want to consult with legal counsel about these rules and monitor their implementation to understand their potential implications on compliance expenditures and penalties.

About The Author

Repeatedly recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, a Fellow in the American College of Employee Benefit Council, the American Bar Foundation and the Texas Bar Foundation and board certified in labor and employment law by the Texas Board of Legal Specialization, Cynthia Marcotte Stamer is a practicing attorney, management consultant, author, public policy advocate and lecturer widely known for health and managed care, employee benefits, insurance and financial services, data and technology and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Nationally recognized for her work, experience, leadership and publications on HIPAA and other medical privacy and data use and security, FACTA, GLB, trade secrets and other privacy and data security concerns, Ms. Stamer has worked extensively with clients and the government on cybersecurity, technology and processes and other issues involved in the use and management of medical, insurance and other financial, workforce, trade secrets and other sensitive data and information throughout her career. Scribe or co-scribe of the ABA Joint Committee on Employee Benefits Agency meeting with OCR since 2011 and author of a multitude of highly regarded publications on HIPAA and other health care, insurance, financial and other privacy and data security, Ms. Stamer is widely known for her extensive and leading edge experience, advising, representing, training and coaching health care providers, health plans, healthcare clearinghouses, business associates, their information technology and other solutions providers and vendors, and others on HIPAA and other privacy, data security and cybersecurity design, documentation, administration, audit and oversight, business associate and other data and technology contracting, breach investigation and response, and other related concerns including extensive involvement representing clients in dealings with OCR and other Health & Human Services, Federal Trade Commission, Department of Labor, Department of Treasury, state health, insurance and attorneys’ general, Congress and state legislators and other federal officials.

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, ARRA, ASC, Childrens Health Insurance Program, Corporate Compliance, Cyber crime, data breach, data security, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Employer, FACTA, Federal Health Center, Fiduciary Responsibility, GINA, Health Care, Health Care Provider, Health Care Quality, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, Hospital, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Joint Commission, Laws, Licensing, managed care, Meaningful Use, Medical Privacy, Medical Records, Mental Health, Mental Heatlh, Pharmaceudical, Pharmacy, Physician, Privacy, Psychiatric, public health, Rural Health Care, Skilled Nursing Facility, Technology, Telemedicine, Uncategorized, Veterans Health, Veterans Health Administration, Veterans Health Care, Wellness | Tagged: Compliance, Corporate Compliance, Crisis preparedness, Cybercrime, dta breach, Health Care, Health Care Fraud, HIPAA, Medical Privacy, OCR, Privacy, public health, SEC | Permalink
Posted by Cynthia Marcotte Stamer

CDC Director Fitzgerald Resigns

January 31, 2018

‭The U.S. Department of Health and Human Services announced the resignation of Dr. Brenda Fitzgerald as Director of the Centers for Disease Control and Prevention.

HHS’s announcement states Dr. Fitzgerald owns certain complex financial interests that have imposed a broad recusal limiting her ability to complete all of her duties as the CDC Director. Due to the nature of these financial interests, Dr. Fitzgerald could not divest from them in a definitive time period. After advising Secretary Azar of both the status of the financial interests and the scope of her recusal, Dr. Fitzgerald tendered, and the Secretary accepted, her resignation.

The resignation follows a resignation of the former secretary of HHS Tom Price, Who resigned after criticism about what was perceived to be high travel spending. The Trump Administration’s ability to appoint and keep key leadership in other departments also has been impacted by withdrawals of nominations or resignations by its nominees. The resulting interruptions or delays in leadership have undermined the ability of the Trump Administration to advance many key regulatory agenda as well as triggered credibility attacks against the Administration. This latest resignation likely will add additional fodder and distraction from the Trump Administration healthcare agenda only one day after the President’s State of the Union Address highlighted several key healthcare initiatives.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Development of Potentially Preventable Hospitalization Measures for Home Health Agencies Panelist Nominations Due 9/22

January 24, 2018

Nominations are due February 22, 2018 for a Technical Expert Panel (TEP) to develop potentially preventable hospitalization/readmission measures for Home Health Agencies (HHAs) including standardized items and specifications such as inclusion/exclusion criteria, and patient and facility characteristics–factors associated with outcome measures (risk adjusters).

Visit the Technical Expert Panels webpage for more information.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | home health, quality repoting, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

MAC Operations Continue During Shutdown

January 22, 2018

The Centers for Medicare & Medicaid Services confirmed today that Medicare Administrative Contractors will continue to perform all functions related to Medicare fee-for-service claims processing and payment while the partial government shutdown is in effect. See CMS MLN Special Edition, MAC Operations Continue During Shutdown (January 22, 2018).

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

HHS Proposes “Conscience Rule” Expanding Abortion And Other Religious Choice

January 19, 2018

The Department of Health and Human Services (HHS) today (January 19, 2018) announced two additional actions to protect life and the conscience rights of Americans.

First, HHS’ Centers for Medicare & Medicaid Services (CMS) issued new guidance to state Medicaid directors restoring state flexibility to decide program standards. The letter to State Medicaid Directors issued today rescinds 2016 guidance that specifically restricted states’ ability to take certain actions against family-planning providers that offer abortion services.

Additionally, HHS’ Office for Civil Rights (OCR) also announced it is issuing a new proposed s rule (“Conscience Rule”) to enforce 25 existing statutory conscience protections for Americans involved in HHS-funded programs, which protect people from being coerced into participating in activities that violate their consciences, such as abortion, sterilization, or assisted suicide.

Modeled on existing regulations for other civil rights laws, the proposed rule provides protections for Americans’ conscience rights. Interested persons will have 60 days to comment on the proposed rule. However since President Trump took office OCR already has stepped up enforcement of these conscience statutes, many of which saw little to no enforcement activity under the previous administration.

The proposed rule when finalized will apply to entities that receive funds through programs funded or administered in whole or in part through HHS. It requires, for instance, that entities applying for federal grants certify that they are complying with the above-mentioned conscience-protection statutes.

The release of the proposed rule was accompanied by the rescission by the Centers for Medicare and Medicaid Services of a letter to State Medicaid Directors rescinding restrictions on state flexibility to decide when and how their state Medicaid programs cover abortion and certain other reproductive care. It also follows the Trump Administration’s announcement of plans to found a new division within the Office of Civil Rights that will focus on enforcement of conscience and religious rights.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Abortion, Birth Control, Civil Rights, Cultural diversity, Health Care, Health Care Finance, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Plan, Health Plans, healthcare, HHS, home health, Hospital, hospitals, Medicaid, Medicare, Mental Heatlh, OCR, Physician, Reimbursement, Rural Health Care, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

New Medicaid Guidance Gives States More Flexibility On Abortion

January 19, 2018

On Friday, January 19, 2018, The Centers for Medicare and Medicaid Services (CMS) issued a State Medicaid Director Letter restoring state flexibility to establish reasonable standards for their Medicaid programs regarding abortion.

The letter rescinds State Medicaid Directors Letter #16-005 that limited states’ long-standing authority to regulate providers operating within their states issued in April 2016.

The 2016 letter had said that states that attempted to protect the integrity of their program standards by disqualifying abortion providers from their Medicaid programs would come under CMS scrutiny, and would be required to present to CMS evidence of criminal action or unfitness to perform healthcare services.

The letter to State Medicaid directors published Friday states CMS is concerned that the 2016 letter may have gone beyond merely interpreting what the statute and current regulations require.

The new letter returns CMS policy to what it was prior to the issuance of the 2016 letter while requiring States to comply with all applicable statutory and regulatory requirements, including the requirement that provider qualification standards be reasonable.

Concurrent with the issuance of the letter, CMS also is issuing new regulations requiring certain conscience protections in programs and facilities funded in whole or part by the Department of Health and Human Services and follows the Trump Administration’s announcement Thursday of a new Conscience and Religious Freedom Division within the HHS Office of Civil Rights.

In addition to these regulatory actions, legislation regarding Medicaid abortion coverage also has been introduced. See, e.g., H.R. 4848 (requiring States Report Medicaid payments for abortion); H.R. 4844 (to ensure that women seeking an abortion receive an ultrasound and the opportunity to review the ultrasound before giving informed consent to receive an abortion).

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps U.S. and international private sector and government health industry, health and managed care plans and insurers, health IT, life sciences and other clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Abortion, Ambulatory care, Birth Control, Childrens Health Insurance Program, Civil Rights, Conditions of Participation, Corporate Compliance, Cultural diversity, Doctor, Federal Health Center, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Plan, Health Plans, healthcare, HHS, Home Health, home health, Hospital, Medicare, Medicare Advantage, Medicare Fee Schedule, Physician, Prescription Drugs, Reimbursement, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Bankrupt Oncology Provider’s $2.3M Settlement Payment & Other HIPAA Breach Consequences Shows Why To Prioritize HIPAA Compliance In 2018

December 29, 2017

The just-announced agreement $2.3 million (Resolution Amount) settlement by now bankrupt radiation oncology and cancer care provider 21st Century Oncology, Inc. (21CO) is paying to settle Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules violation charges and other continuing post-breach fallout that helped push 21CO to file for Chapter 11 bankruptcy protection demonstrates again why HIPAA-covered health care providers, health plans, health care clearinghouses and their business associates (covered entities) must make HIPAA compliance and risk management a high priority in 2018.

Distinctive as the first HIPAA resolution agreement requiring bankruptcy court approval and for the bankruptcy court’s order including a direction to the covered entity’s cyber liability insurer to pay the Resolution Payment and other investigation defense expenses, the 21CO resolution agreement resolves potential civil monetary penalty exposures the Fort Myers, Florida based provider of cancer care services and radiation oncology could have faced from the Department of Health & Human Services Office of Civil Rights (OCR) charges it violated HIPAA’s Privacy and Security Rules arising from the hacking and misappropriation of records containing sensitive electronic protected health information (ePHI) of up to 2,213597 individuals.

When their own 2018 HIPAA or other compliance investigation activities or planning HIPAA compliance and risk management activities, covered entities and their business associates and their leaders should use 21CO’s painful post-breach lessons experience to minimize their own HIPAA breach exposures, as well as consider how amendments to Internal Revenue Code Section 162(f) might impact the tax deductibility of certain compliance expenditures.

21CO HIPAA Breaches & Fallout

The OCR charges against 21CO arose from an OCR investigation commenced after the Federal Bureau of Investigation (FBI) notified 21CO on November 13, 2015 and a second time on December 13, 2015 than unauthorized third-party illegally obtained 21CO sensitive patient information and produced 21CO patient files purchased by a FBI informant. As part of its internal investigation, 21CO hired a third party forensic auditing firm in November 2015. 21CO determined that the attacker may have accessed 21CO’s network SQL database as early as October 3, 2015, through Remote Desktop Protocol from an Exchange Server within 21CO’s network. 21CO determined that it is possible that 2,213,597 individuals may have been affected by the impermissible access to their names, social security numbers, physicians’ names, diagnoses, treatment and insurance information.

Although it knew of the breaches in November and December, 2015, 21CO delayed notifying patients of the data breach for more than three months after the FBI notified it of the breaches before it sent HIPAA or other breach notifications about the data breach to patients or notified investors in March, 2016. Its March 4, 2016 Securities and Exchange Commission 8-K on Data Security Incident (Breach 8-K) states 21CO delayed notification at the request of the FBI to avoid interfering in the criminal investigation of the breach.

When announcing the breach, 21CO provided all individuals affected by the breach with a free one-year subscription to the Experian ProtectMyID fraud protection service. At that time, 21CO said it had no evidence that any patient information actually had been misused. However victims of the breach subsequently are claiming being victimized by a variety of scams since the breach in news reports and lawsuits about the breach.

As the breeches impacted more than 500 individuals, 21CO’s HIPAA breaches were considered large breaches for purposes of the Breach Notification Rules. It is the policy of OCR to investigate all large breach notifications filed under the HIPAA Breach Notification Rules.

Based on OCR’s subsequent investigation into these breaches, OCR found:

21CO impermissibly disclosed certain PHI of 2,213,597 of its patients in violation of 45 C.F.R. § 164.502(a);
21CO failed to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the electronic protected health information (ePHI) held by 21CO in violation of 45 C.F.R. § 164.308(a)(1)(ii)(A);
21CO failed to implement certain security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level to comply with 45 C.F.R. § 164.306(A) in violation of 45 C.F.R. § 164.308(a)(1)(ii)(B);
21CO failed to implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports as required by 45 C.F.R. §164.308(a)(1)(ii)(D);
21CO disclosed protected health information to a third-party vendors, acting as its business associates, without obtaining satisfactory assurances in the form of a written business associate agreement in violation of HIPAA’s business associate rule requirements under 45 C.F.R. §§ 164.502(e) and 164.308(b)(3).

The Resolution Agreement settles potential charges and exposures to potentially much higher civil monetary penalties that 21CO could have faced had OCR successfully prosecuted charges against 21CO for the breaches. In return for OCR’s agreement not to further pursue charges or penalties relating to the breach investigation, the Resolution Agreement requires that 21CO pay OCR a $2.3 million Resolution Amount and implement to OCR’s satisfaction a corrective action plan that among other things requires that 21CO complete the following corrective actions to the satisfaction of OCR:

To complete a risk analysis and risk management plan;
To revise its HIPAA policies and procedures regarding information system activity review to require the regular review of audit logs, access reports, and security incident tracking reports pursuant to 45 C.F.R. § 164.308(a)(1)(ii)(D);
To revise its policies and procedures regarding access establishment and modification and termination pursuant to 45 C.F.R. § 164.308(a)(4)(ii)(C) and 45 C.F.R. § 164.308(a)(3)(ii)(C) to include protocols for access to 21CO’s e-PHI by affiliated physicians, their practices, and their employees.
To distribute its policies to and educate its workforce on the updated and other HIPAA policies and procedures;
To provide OCR with an accounting of 21CO’s business associates that includes names of business associates, a description of services provided, a description of the business associate’s handling of 21CO’s PHI, the date services began and copies of the actual business associate agreement with each business associate; and
Submit an internal monitoring plan to OCR.

In addition to the OCR investigation that lead to the new HIPAA resolution agreement announced by OCR on December 28, 2017, 21CO experienced other fallout following its March 4, 2016 public disclosure of the breach. Not surprisingly, the breach notification led to a multitude of class-action civil lawsuits by breach victims and shareholders. See, e.g., 16 Data Breach Class Action Lawsuits Filed Against 21st Century Oncology Consolidated; 21st Century Oncology data breach prompts multiple lawsuits. Reports of spoofing and other misleading contacts made to 21CO patients following the breach prompted the Federal Trade Commission (FTC) to issue a specific notice alerting victims about potential false breach notifications and other misleading contacts. See April 4, 2016 FTC Announcement Re: 21st Century Oncology breach exposes patients’ info.

Insurer Funding $2.3 Million Settlement Payment For Bankrupt 21CO

The 21CO resolution agreement required bankruptcy court approval, Funds for payment of the required $2.3 million resolution payment and other charges associated with the investigation apparently are being provided in part from breach liability insurance coverage provided under a policy issued by Beazley Insurance, as the Bankruptcy Court order directs Beazley Breach Response Policy No. W140E2150301 to make immediate payment to the OCR of the resolution amount and the payment of fees incurred by 21CO in connection with regulatory defense issues.

Settlements Highlight Growing Risks Of Noncompliance, Lack Data Security

One of a growing multitude of multimillion dollar HIPAA resolution agreements to avoid HIPAA civil monetary sanctions that OCR already has announced, the 21CO resolution agreement announcement also comes when a steady stream of reports of massive data breaches at Alteryx, eBay, Paypal owner TIO Networks, Uber, Equifax and a long list of other previously trusted prominent businesses are stoking government and public awareness and concern over health care and other data privacy and cybersecurity. Beyond their potential HIPAA enforcement exposures, health care or other covered entities experiencing breaches often also face FTC or other government investigations and enforcement under the Fair and Accurate Credit Transactions Act (FACTA) and other federal or state identity theft, data privacy and security, electronic crimes and other rules as well as business losses and disruptions; civil litigation from breach victims, shareholders and investors, and business partners as well as OCR, FTC, and state data security regulation enforcement. Amid this growing concern, OCR has indicated that it intends to continue to diligently both seek to support and encourage voluntary compliance by covered entities and their business associates and investigate and enforce HIPAA against HIPAA covered entities and their business associates that fail to adequately safeguard PHI and ePHI in accordance with HIPAA. In the face of these growing risks and liabilities, covered entities and their business leaders face a strong imperative to clean up and maintain their HIPAA compliance and other data security to minimize their exposure to similar consequences.

As a part of this planning, covered entities and their business associates also generally will want to add consideration of changes to federal tax rules on the deductibility of compliance penalty and other related compliance expenditures. While the Internal Revenue Code traditionally has prohibited businesses and individuals from deducting penalties, fines and other expenditures arising from violations of federal or state laws under Section 162(f) of the Internal Revenue Code, Section 13306 of the Tax Cuts and Jobs Creation Act creates a new exception for amounts (other than amounts paid or incurred any amount paid or incurred as reimbursement to the government or entity for the costs of any investigation or litigation) that a taxpayer establishes meet the following requirements:

Constitute restitution (including remediation of property) for damage or harm which was or may be caused by the violation of any law or the potential violation of any law, or
Are paid to come into compliance with any law which was violated or otherwise involved in the investigation or inquiry into a violation or potential violation of any law;
Are identified as restitution or as an amount paid to come into compliance with such law, as the case may be, in the court order or settlement agreement, and
In the case of any amount of restitution for failure to pay any tax imposed under this title in the same manner as if such amount were such tax, would have been allowed as a deduction under this chapter if it had been timely paid.

Because the true effect of these modifications will be impacted by implementing regulations and a number of other special conditions and rules may impact the deductibility of these payments and the reporting obligations attached to their payment, covered entities will want to consult with legal counsel about these rules and monitor their implementation to understand their potential implications on compliance expenditures and penalties.

About The Author

Repeatedly recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, a Fellow in the American College of Employee Benefit Council, the American Bar Foundation and the Texas Bar Foundation and board certified in labor and employment law by the Texas Board of Legal Specialization, Cynthia Marcotte Stamer is a practicing attorney, management consultant, author, public policy advocate and lecturer widely known for health and managed care, employee benefits, insurance and financial services, data and technology and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Nationally recognized for her work, experience, leadership and publications on HIPAA and other medical privacy and data use and security, FACTA, GLB, trade secrets and other privacy and data security concerns, Ms. Stamer has worked extensively with clients and the government on cybersecurity, technology and processes and other issues involved in the use and management of medical, insurance and other financial, workforce, trade secrets and other sensitive data and information throughout her career. Scribe or co-scribe of the ABA Joint Committee on Employee Benefits Agency meeting with OCR since 2011 and author of a multitude of highly regarded publications on HIPAA and other health care, insurance, financial and other privacy and data security, Ms. Stamer is widely known for her extensive and leading edge experience, advising, representing, training and coaching health care providers, health plans, healthcare clearinghouses, business associates, their information technology and other solutions providers and vendors, and others on HIPAA and other privacy, data security and cybersecurity design, documentation, administration, audit and oversight, business associate and other data and technology contracting, breach investigation and response, and other related concerns including extensive involvement representing clients in dealings with OCR and other Health & Human Services, Federal Trade Commission, Department of Labor, Department of Treasury, state health, insurance and attorneys’ general, Congress and state legislators and other federal officials.

About Solutions Law Press, Inc.™

©2017 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Review Your Provider Performance Data

December 13, 2017

January 3 is Deadline for Inpatient Rehabilitation Facility (IRF) and Long-term Care Hospital (LTCH) providers to review their Medicare performance data on each quality measure based on Quarter 2 -2016 to Quarter 1 – 2017 data, before the March 2018 IRF and LTCH Compare refresh, during which this data will be publicly displayed.

Providers have until January 3, 2018 to review their performance data.

Corrections to the underlying data will not be permitted during this time. However, providers can request a CMS review during the preview period if they believe their data is inaccurate.

For more information, see:

IRF Quality Public Reporting webpage, IRF Compare, and Preview Report Access Instructions
LTCH Quality Public Reporting webpage, LTCH Compare and Preview Report Access Instructions

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | Clinical pathway, Electronic Medical Records, Health care coding, health care reimbursement, HHS, Hospital, hospitals, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Medicare Fee Schedule, quality reporting, Reimbursement, Uncategorized | Tagged: CMS, Health Care Compliance, Health Care Policy, health care quality, Health Care Reimbursement, Hospitals, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

1/18 Comment Deadline on Office Of Child Care Guidance That Allows Background Check Requirement Delays

December 13, 2017

January 8, 2018 is the deadline to comment on the Office of Child Care (OCC) FY 2019–2021 Child Care and Development Fund (CCDF) Plan Preprint including plans to grant waivers for childcare background checks.

The Preprint introduces the process and criteria for requesting additional time to complete background check requirements for interstate check components and for addressing the backlog of completing background checks for existing providers.

According to the Request for Comments, OCC is committed to granting additional waivers of up to 2 years, in 1-year increments (i.e., potentially through September 30, 2020), for background check requirements only in recognition of the significant challenges to implementing the CCDF background check requirements, . To receive these time-limited waivers, states and territories will have to meet milestones to ensure that they have requirements in place for a particular portion of the components and that they are conducting checks for new staff on those components (i.e., FBI fingerprint checks and the three in-state checks). The details on the milestone prerequisite and how to apply for the waiver are included in section 5.4 of the FY 2019–2021 CCDF Plan.

OCC has requested that the Office of Management and Budget (OMB) grant approval under procedures for emergency processing of the FY 2019–2021 CCDF State/Territory Plan Preprint to ensure that states and territories have sufficient time to complete the OMB-approved Plan Preprint by July 1, 2018. The emergency clearance provides for a single 30-day comment period. Both the Federal Register announcement and a copy of the draft FY 2019–2021 CCDF Plan Preprint are posted on the OCC website. Accordingly, Comments are due no later than January 8, 2018,

About The Author

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Well-known for her extensive work with health, insurance, financial services, technology, energy, manufacturing, retail, hospitality, governmental and other highly regulated employers, her nearly 30 years’ of experience encompasses domestic and international businesses of all types and sizes.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

▪DOL Proposes Changing FLSA Tipped Employee Pay Rules

▪Consider Internal Investigation & Defense Costs When Administering Compliance Programs

▪Recruiting Qualified Workers Biggest Challenge US Manufacturers See In Otherwise Optimistic 3rd Quarter 2017

▪Government Retirees Get New Thrift Plan Distributing Choices

▪Jennifer A. Abruzzo Named NLRB Acting General Counsel

▪Bill Mandating E-Verify, Raising Employer I-9 Penalties Approved By House Judiciary Committee

▪Address Workplace Harassment During October Stop Bullying Month

▪NIOSH Proposed Updated Occupational Safety Chemical Monitoring Rules

▪2018 Social Security COLAs Set

▪IRS Updates Defined Benefit Plan Guidance

▪Read Trump Health Care Executive Order

▪Dealing With HR, Benefits & Other Headaches From Equifax and Other Data Breach

▪Employers Should Manage Potential Unfair Labor Practice Risks From Recording, Acceptable Use, Fighting, Integrity & Other Employment Policies

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Bill Allowing FDA Emergency Use Authorizations To Protect Military From Biological Warfare Threats Sent to President

December 5, 2017

Legislation amending the Federal Food, Drug, and Cosmetic Act, 21 U.S.C. 360bbb–3 (FDCA), to allow the Food and Drug Administration (FDA) to expedite the availability and emergency use of FDA regulated drugs and devices in response to military threats from germ and other biological warfare threats is awaiting President Trump’s signature. The legislation is intended to help better protect U.S. military personnel from exposures to germ and other biological warfare risks.

Passed by Congress on November 16 and presented for signature to President Trump on November 30, 2017, H.R.4374 will amend Section 564 of the FDCA to authorize the Secretary of Defense to request, and the FDA to authorize emergency use of a controlled substance or other regulated drug when the Secretary of Defense determines there exists a military emergency, or a significant potential for a military emergency, involving a heightened risk to United States military forces from:

A biological, chemical, radiological, or nuclear agent or agents; or
An agent or agents that may cause, or are otherwise associated with, an imminently life-threatening and specific risk to United States military forces;”; and

The Act contemplates that FDA consideration of approval of expedited emergency use under these circumstances will be initiated in response to a request from the Secretary of Defense. The Act authorizes the Secretary of Defense to ask the FDA to expedite the development of a medical product, review of investigational new drug applications under section 505(i) of the FDCA, review of investigational device exemptions under section 520(g) of the FDCA and review of applications for approval and clearance of medical products under sections 505, 510(k), and 515 of the FDCA and section 351 of the Public Health Service Act including applications for licensing of vaccines or blood as biological products, for review of regenerative medicine advanced therapy products when there is a military emergency, or significant potential for a military emergency, involving a specific and imminently life-threatening risk to United States military forces of attack with an agent or agents, and the medical product that is the subject of such application, submission, or notification would be reasonably likely to diagnose, prevent, treat, or mitigate such life-threatening risk.

If the Secretary of Defense makes such a request, the Act requires the FDA to expedite the development and review of an applicable application or notification with respect to the medical product including, as appropriate by:

Holding meetings with the sponsor and the review team throughout the development of the medical product;
Providing timely advice to, and interactive communication with, the sponsor regarding the development of the medical product to ensure that the development program to gather the nonclinical and clinical data necessary for approval or clearance is as efficient as practicable;
Involving senior managers and experienced review staff, as appropriate, in a collaborative, cross-disciplinary review;
Assigning a cross-disciplinary project lead for the review team to facilitate an efficient review of the development program and to serve as a scientific liaison between the review team and the sponsor;
Taking steps to ensure that the design of the clinical trials is as efficient as practicable, when scientifically appropriate, such as by minimizing the number of patients exposed to a potentially less efficacious treatment;
Applying any applicable Food and Drug Administration program intended to expedite the development and review of a medical product; and
In appropriate circumstances, permitting expanded access to the medical product during the investigational phase, in accordance with applicable requirements of the Food and Drug Administration.

To facilitate enhanced collaboration and communication with respect to the most current priorities of the Department of Defense, unless the Secretary of Defense determines unnecessary, the Act also requires:

The FDA to meet with the Department of Defense and any other appropriate development partners, such as the Biomedical Advanced Research and Development Authority, on a semi-annual basis for the purposes of conducting a full review of the relevant products in the Department of Defense portfolio; and
The Director of the Center for Biologics Evaluation and Research shall meet quarterly with the Department of Defense to discuss the development status of regenerative medicine advanced therapy, blood, and vaccine medical products and projects that are the highest priorities to the Department of Defense (which may include freeze dried plasma products and platelet alternatives).

In light of the enactment of these provisions, the Act also retroactively repeals to subsection (d) of section 1107a of title 10, United States Code, as added by section 716 of the National Defense Authorization Act for Fiscal Year 2018.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

OIG Tells Texas Stop Paying Medicaid MCOs For Dead Patients

December 1, 2017

Texas has agreed to take steps to redress and prevent future Medicare capitation payments to Medicare managed care organization organization in response to an audit by the Department of Health & Human Services Office Of Inspector General (OIG).

A recently released OIG report says OIG found Texas Medicaid did not always stop making capitation payments after a beneficiary’s death, despite its efforts to identify and recover any unallowable payments. Specifically, Texas Medicaid paid $6.4 million for 8,496 capitation payments made between January 1, 2013, and December 31, 2015, for beneficiaries with death dates reported as prior to this period. While Texas recovered some of these payments, OIG determined that $1.8 million remains unrecovered and that Texas paid $840,587 for beneficiaries who OIG could not determine to be deceased.

Based on these findings, OIG recommended that Texas Medicaid:

Identify and recover unallowable payments totaling $1.8 million from MCOs and refund $1 million (Federal share) to the Federal Government,
Review capitation payments before and after the OIG audit period for additional unallowable payments for the deceased beneficiaries,
Work with the Social Security Administration to determine whether the 77 beneficiaries whose status could not be verified are deceased and recover any unallowable payments, and
Strengthen its policies and procedures for identifying deceased beneficiaries and denying Medicaid benefits and ending eligibility to prevent future unallowable payments. Texas Medicaid agreed with our findings and provided information on actions that it had taken or planned to take to address OIG’s recommendations.

The report and Texas’ response sends a strong signal to Texas and other Medicaid managed care organizations to clean up their eligibility tracking and billing to avoid billing for or accepting capitation payments after beneficiaries die as well as prepare to make repayments if they receive those payments.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

1/19 Deadline To Comment On Proposed FDA Premarket Notice Exemption For Over-The-Counter Dental Repair Kits

November 18, 2017

January 19 is the deadline to comment on a petition asking the Food and Drug Administration (FDA) to exempt over-the-counter (OTC) denture repair kits from the premarket notification requirements.

OTC denture repair kits consist of material, such as a resin monomer system of powder and liquid glues, which is intended to be applied permanently to a denture to mend cracks or breaks.

The FDA published a notice to obtain comments in accordance with procedures established by the Food and Drug Administration Modernization Act of 1997 (FDAMA). Interested persons must comment by January 19, 2018.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Michigan Doctor Pleads Guilty To Billing Medicare For Illegally Prescribed Drugs

November 14, 2017

Physician Abdul Haq faces sentencing on May 29, 2018 after pleading guilty to one count of conspiracy to commit health care fraud on October 3 for his role in an approximately $19 million Medicare fraud scheme involving billing Medicare for providing medically unnecessary controlled substances, including Oxycodone, Hydrocodone and Opana, to narcotic addicted Medicare beneficiaries. See Doctor Pleads Guilty to Health Care Fraud Conspiracy for Role in $19 Million Detroit Area Medicare Fraud Scheme. Haq’s prosecution and guilty plea is one of a growing federal prosecutions of health care providers involving billing of Medicare or other health payers for prescribing medically unnecessary controlled substances to Medicare or other health plan beneficiaries.

According to court documents, Haq admitted he participated in a schedule where he and his co-conspirators prescribed and billed Medicare for medically unnecessary controlled substances, including Oxycodone, Hydrocodone and Opana, to Medicare beneficiaries, many of whom were addicted to narcotics. Haq also admitted in court that he and his co-conspirators required some Medicare beneficiaries to undergo and billed Medicare for medically unnecessary facet joint injections if the beneficiary wished to obtain prescriptions for controlled substances.

According to the Justice Department, in furtherance of the conspiracy, Haq and others referred Medicare beneficiaries to specific third party home health agencies, laboratories and diagnostic providers even though those referrals were medically unnecessary. Haq also admitted to serving as the straw owner of various pain clinics owned and/or controlled by Rashid, and submitted false and fraudulent enrollment materials to Medicare that failed to disclose the ownership interest of Rashid, as it was illegal for Rashid – a non-physician – to own medical clinics under Michigan law. In total, Haq admitted that he submitted or caused the submission of approximately $19,322,846.60 in false and fraudulent claims to Medicare.

Haq was charged along with Michigan residents Mashiyat Rashid, Joseph Betro, Tariq Omar and Mohammed Zahoor and Ohio resident Yasser Mozeb, Ohio under inditements unsealed on July 6. Haq is scheduled to be sentenced for his guilty plea on May 29, 2018. Rashid, Mozeb, Pappas, Betro, Omar and Zahoor are awaiting trial.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | Anethesiology, Controlled Substances, drug treatment, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, home health, Money Laundering, pain management, Sober Homes, Uncategorized | Tagged: Chatman, drug treatment, Health Care Fraud, Reflections Treatment Centers, Sober Homes | Permalink
Posted by Cynthia Marcotte Stamer

Anesthesiology Practice Nailed For Improperly Billing For Moderate Sedation

November 14, 2017

A recently announced health care fraud settlement involving New York Anesthesiology Medical Specialties, P.C. reminds anesthesiology practices and their billing and management companies to double check the defensibly their practices for billing for moderate sedation procedures.

On October 3, 2017; for instance, Acting United States Attorney for the Northern District of New York Grant C. Jaquith and New York State Attorney General Eric T. Schneiderman announced that New York Anesthesiology Medical Specialties, P.C. d/b/a New York Spine and Wellness Center (New York Spine & Wellness) would pay $1,941,850.29 to resolve claims that it improperly billed for moderate sedation services by routinely billing for moderate sedation services when its physicians spent less than the required 16 minutes with the patient.

The fraud charges stemmed from an investigation started after a private insurance company rejected two of New York Spine & Wellness’s claims for moderate sedation services in January, 2015 because, as described by New York Spine & Wellness’s billing company, the “Medicare 16 minute span rule to bill [the] code” was not satisfied. In mid-June 2015, the same private insurance company performed an audit and rejected New York Spine & Wellness’s claims for moderate sedation services where the documentation did not support that the procedure lasted more than 16 minutes.

Under 2011 American Medical Association guidance on the billing requirements for moderate sedation services adopted and enforced by Medicare billing intermediaries and many private payers, moderate sedation services are billable only when the physician spends at least 16 minutes face-to-face with the patient. The billing company advised New York Spine & Wellness to review the audit findings concerning moderate sedation services. New York Spine & Wellness continued to bill for moderate sedation services after mid-June 2015 without the required 16 minutes of face-to-face time. The improper billing stopped after New York Spine & Wellness was contacted by the United States Attorney’s Office for the Northern District of New York in connection with this investigation. See Syracuse Area Medical Practice to Pay Nearly $2 Million to Resolve False Claims Act Exposure.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | Anethesiology, drug treatment, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, home health, Money Laundering, pain management, Sober Homes, Uncategorized | Tagged: Chatman, drug treatment, Health Care Fraud, Reflections Treatment Centers, Sober Homes | Permalink
Posted by Cynthia Marcotte Stamer

Florida Doctor Sentenced For Multi-Million Dollar Drug & Alcohol Addiction Treatment Health Care Fraud, Money Laundering & Forced Prostitution Scheme

November 14, 2017

Florida physician Joaquin Mendez was sentenced to serve 48 months in prison, followed by one year of supervised release and pay $2,198,520.37 in restitution for participating in a now notorious multi-million dollar health care fraud and money laundering scheme under which Mendez, along with co-defendants Kenneth Chatman, Fransesia Davis, and Michael Bonds defrauded public and private payers by giving free or reduced rent and other benefits as kickbacks and bribes to individuals with insurance who agreed to reside at Reflections Treatment Center sober homes, attend drug treatment, and submit to regular drug testing that members of the conspiracy could bill to the residents’ insurance plans. A Southern District of Florida Judge on Thursday, November 9, 2017 imposed the sentence as punishment for Mendez’s previously entered guilty plea to one count of conspiracy to commit health care fraud, in violation of Title 18, United States Code, Section 1347; all in violation of Title 18, United States Code, Section 1349.

The case is notable not only for its colorful facts, but also broad reaching participation and collaboration of federal and state law enforcement and other agencies that collaborated in the investigations and prosecutions that lead to the prosecution and conviction of Mendez and his co-defendants.

Mendez’s sentencing wraps up the last prosecutions arising from a now notorious federal health care fraud scheme under which federal prosecutors charged Mendez and the other co-defendants referred the sober homes’ residents who had insurance to Reflections Treatment Centers that purportedly offered clinical treatment services for persons suffering from alcohol and drug addiction while continuing to allow residents to use drugs and in some cases forcing female patients into prostitution.

According to prosecutors, Reflections Treatment Centers owner defendant Chatman hired defendant Mendez and other doctors to serve as medical directors of his treatment centers. As medical director, Mendez was purportedly responsible for evaluating patients and prescribing medically necessary treatment and testing. Instead of Mendez using his medical expertise and his individual assessments of patients to decide what type of laboratory testing was needed by each patient, co-defendant Chatman dictated the type and frequency of different types of lab testing that would be performed based upon the kickbacks and bribes that he was receiving from different clinical laboratories. Mendez facilitated this testing by signing doctor’s orders for urine drug tests and certificates of medical necessity for saliva drug tests, although Mendez had never seen some of the patients. Prosecutors also charged Mendez signed off on hundreds of “certificates of medical necessity” for urine and saliva tests after the testing had already been done including some tests ordered after the patients already had been discharged from Reflections Treatment Centers. When he examined treatment center patients, Mendez billed those patients’ insurance plans using procedure codes that reflected more complex and lengthier examinations than Mendez actually performed. Prosecutors charge that Mendez knew that insurance claims for the medically unnecessary tests that he prescribed would be submitted to the patients’ insurance companies.

Beyond fraudulently billing public and private health plans for health care services, federal prosecutors also charged that Mendez’s failure to properly evaluate and supervise patients facilitated Chatman’s commission of other crimes besides health care fraud through his operation of the Reflections Treatment Centers. According to federal prosecutors, had Mendez properly supervised the drug test results for the tests that he ordered, he would have noticed that drug use was rampant among patients in residence at the facilities. Federal prosecutors charge that 90 percent of the people in residence at Reflections Treatment Centers continued to actively use drugs during their stay. According to federal prosecutors, at least four people died of overdoses while Reflections Treatment Centers residents.

Aside from his fraudulent billing scheme, Federal prosecutors also charged that Chatman restrained some female patients and forced them into prostitution.

Mendenz’s sentencing wraps up the final prosecution of defendants arising from the Reflections Treatment Centers sting. Chatman previously was sentenced to 27½ years in prison in May. All of the other defendants also took plea deals, including another doctor and Chatman’s wife.

The prosecution of Mendez and his co-defendants resulted from an investigation conducted by the Greater Palm Beach Health Care Fraud Task Force. Agencies of the task force include the FBI, IRS-CI, the Palm Beach County State Attorney’s Office Sober Homes Task Force, Florida Division of Investigative and Forensic Services, Martin County Sheriff’s Office, Amtrak-Office of Inspector General, the Department of Labor Inspector General and Employee Benefit Security Administration, the National Insurance Crime Bureau, the Palm Beach County Sheriff’s Office, the West Palm Beach Police Department, the Delray Beach Police Department, the Florida Attorney General Office of Statewide Prosecution, and the Office of Personnel Management Office of Inspector General.

The cases against Mendez and his co-defendants were prosecuted by Assistant United States Attorney A. Marie Villafaña; Benjamin G. Greenberg, Acting United States Attorney for the Southern District of Florida; Robert F. Lasky, Special Agent in Charge, Federal Bureau of Investigation (FBI), Miami Field Office; Kelly R. Jackson, Special Agent in Charge, Internal Revenue Service, Criminal Investigation (IRS-CI); Dave Aronberg, State Attorney, Palm Beach County State Attorney’s Office; Jimmy Patronis, Florida Chief Financial Officer; William D. Snyder, Sheriff, Martin County Sheriff’s Office; George L. Dorsett, Assistant Inspector General for Investigations, Amtrak Office of Inspector General; Rafiq Ahmad, Special Agent in Charge, United States Department of Labor, Office of Inspector General ; Isabel Colon, Regional Director, United States Department of Labor, Employee Benefits Security Administration; Dennis Russo, Director of Operations, National Insurance Crime Bureau; Ric Bradshaw, Sheriff, Palm Beach County Sheriff’s Office; Sarah J. Mooney, Chief, West Palm Beach Police Department; Jeffrey S. Goldman, Chief, Delray Beach Police Department; Pam Bondi, Florida Attorney General; and Scott Rezendes, Special Agent in Charge, Office of Personnel Management, Office of Inspector General.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | drug treatment, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, home health, Money Laundering, Sober Homes, Uncategorized | Tagged: Chatman, drug treatment, Health Care Fraud, Reflections Treatment Centers, Sober Homes | Permalink
Posted by Cynthia Marcotte Stamer

CMS Announces New Medicare Provider Ombudsman

November 13, 2017

Dr. Eugene Freund will serve as the Center for Medicare and Medicaid Services (CMS) Provider Ombudsman, CMS announced today.

As the Provider Ombudsman, Dr. Freund is charged with serving as the CMS resource responsible for listening to physician concerns about implementation problems experienced by clinicians, hospitals, suppliers, and other providers. Dr. Freund also will communicate about the New Medicare Card to providers and collaborate with CMS components to develop solutions to any implementation problems that arise.

Providers wishing to reach the Ombudsman may go here.

Providers considering contacting the Provider Ombudsman should ensure they understand the potential benefits and risks. Before contacting the Provider Ombudsman, providers need to understand the Provider Ombudsman does not have power directly to change requirements or compel performance. Rather, the Provider Ombudsman’s role primarily is to listen. The Provider Ombudsman primarily helps by promoting understanding and getting the right people involved to listen and resolve problems based on misunderstandings.

Even more importantly, providers should carefully evaluate their concern and weigh whether the discussion with the provider on buds men might create enhanced risks of investigation or prosecution under Medicare fraud and abuse, false claims, or other Medicare rules often used by federal prosecutors or CMS to pursue civil or criminal penalties against providers. All communications with the provider as well as other CMS representatives should be carefully managed to mitigate these risks.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

AboutSoluttions Law Press, Inc.™

Soluttions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

11/30 Deadline For Critical Access Hospital Hardship Exception Applications

November 13, 2017

November 30 is the deadline for Critical Access Hospitals (CAHs) to submit a hardship exception application to avoid the 2016 payment adjustment based on the 2016 reporting year for failing to meet the meaningful use requirements of the American Recovery and Reinvestment Act of 2009 (ARRA),

Under AARA, Congress mandated CAHs that are not meaningful users of Certified Electronic Health Record (EHR) Technology under the Medicare EHR Incentive Program receive negative payment adjustments beginning in 2015. Specifically, section 4102(b)(2) of the HITECH Act amended section 1814(l) of the Act to include an adjustment to a CAH’s Medicare reimbursement for inpatient services if the CAH is not a meaningful EHR user for an EHR reporting period unless the CAH qualifies for a hardship exception. CAHs must demonstrate meaningful use every year according to the timelines specified to avoid Medicare payment adjustments. For example, CAHs that demonstrate meaningful use in 2017 will avoid the payment adjustment in 2017, but they also must demonstrate meaningful use in 2018 to avoid the payment Medicaid CAHs that do not bill Medicare are not subject to these payment adjustments in 2018. Medicaid CAHs that do not bill Medicare are not subject to these payment adjustments.

A CAH demonstrates meaningful use by successfully attesting through either the CMS Attestation System or through its state’s attestation system annually by the applicable deadline:

If a CAH does not meet the meaningful us requirement, it may be possible to avoid the payment adjustment by qualifying for a hardship exception. AARA allows CMS on a case-by-case basis, to grant CHAs an exception from this adjustment if CMS or its Medicare contractor determines, on an annual basis, that a significant hardship exists.

If the facility is a CAH, as defined in the Stage 2 Final Rule 42 CFR Part 413 § 413.70(C), that is new in the payment adjustment year (2016) and has not previously operated, CMS will grant a hardship exception automatically and is automatically exempt from the payment adjustment. Note that CAHs are NOT considered NEW if any of the following circumstances apply:

The CAH builds a new or replacement facility/facilities at the same or another location even if this is coincidental with a change of ownership, a change in management or a lease arrangement;
A CAH closes and subsequently reopens; or o A CAH that has been converted from an eligible hospital.

If any of the outlined circumstances listed apply, the CAH should consider applying for a hardship if it has not successfully demonstrated meaningful use for an EHR reporting period and if at least one of the hardship reasons indicated on the application was met.

There are several categories of hardship exceptions for CAHs:

CAHs can also apply for a hardship exception for the following circumstances:

Insufficient Internet Connectivity – The CAH was located in an area without sufficient Internet access to comply with meaningful use objectives requiring Internet connectivity, and faced insurmountable barriers to obtaining such Internet connectivity.
Extreme and Uncontrollable Circumstances – If they encounter an unforeseeable barrier, such as a natural disaster (includes vendor issues).

CAHs can submit hardship exception applications in two ways:

Electronic submission via e-mail to Sent to ehrhardship@provider-resources.com; or
Paper submission via fax to 814-456-7132.

All hardship exception determinations will be returned via email from ehrhardship@provider-resources.com to the email address provided on the application.

If approved, the hardship exception is valid for the 2016 payment year only. If the CAH claims a hardship exception for a following payment year, the CAH must submit a new application.

For more information, reviewthe Critical Access Hospital Payment Adjustment and Hardship Exception Tipsheet and visit the Payment Adjustments and Hardship Information webpage on the EHR Incentive Programs website.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | Accreditation, Ambulatory care, Electronic Health Records, Electronic Medical Records, Health Care, Health Care Provider, Health Care Quality, health care reimbursement, Health IT, Hospital, hospitals, Medicare Fee Schedule, Reimbursement, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Comment By 1/8 on Guidance for Industry on Expedited Programs for Serious Conditions– Drugs and Biologics

November 8, 2017

January 8, 2018 is the deadline to submit comments to the Food and Drug Administration (FDA or Agency) on the proposed collection of information by the Agency.on the information collection in the guidance for industry “Expedited Programs for Serious Conditions–Drugs and Biologics.”

The guidance provides a single resource for information on FDA’s policies and procedures related to the following expedited programs for serious conditions: (1) Fast track designation, (2) breakthrough therapy designation, (3) accelerated approval, and (4) priority review designation. The guidance describes threshold criteria generally applicable to expedited programs, including what is meant by serious condition, unmet medical need, and available therapy. The guidance addresses the applicability of expedited programs to rare diseases, clarification on available therapy, and additional detail on possible flexibility in manufacturing and product quality. The guidance also clarifies the qualifying criteria for breakthrough therapy designation and provides examples of surrogate endpoints and intermediate clinical endpoints used to support accelerated approval.

The information collection resulting from requests for priority review designation and breakthrough therapy designation is set forth in rows 1 and 2 of table 1 and is approved by the Office of Management and Budget (OMB) under control number 0910-0765. The information collection resulting from requests for accelerated approval is approved by OMB under control numbers 0910-0001 and 0910-0338.

The provisions of the guidance relating to fast track development and other issues such as serious condition and unmet medical need replace the guidance entitled “Fast Track Drug Development Programs–Designation, Development, and Application Review.” Consequently, the information collection resulting from the “Fast Track Drug Development Programs–Designation, Development, and Application Review” (OMB control number 0910-0389) is now being incorporated into OMB control number 0910-0765 (guidance for industry “Expedited Programs for Serious Conditions–Drugs and Biologics”).

A sponsor or applicant who seeks fast track designation is required to submit a request to the Agency showing that the drug product: (1) Is intended for a serious or life-threatening condition and (2) has the potential to address an unmet medical need. The Agency expects that most information to support a designation request will have been gathered under existing requirements for preparing an investigational new drug (IND), new drug application (NDA), or biologic license application (BLA). If such information has already been submitted to the Agency, the information may be summarized in the fast track designation request. A designation request should include, where applicable, additional information not specified elsewhere by statute or regulation. For example, additional information may be needed to show that a product has the potential to address an unmet medical need where an approved therapy exists for the serious or life-threatening condition to be treated. Such information may include clinical data, published reports, summaries of data and reports, and a list of references. The amount of information and discussion in a designation request need not be voluminous, but it should be sufficient to permit a reviewer to assess whether the criteria for fast track designation have been met.

After the Agency makes a fast track designation, a sponsor or applicant may submit a premeeting package that may include additional information supporting a request to participate in certain fast track programs. The premeeting package serves as background information for the meeting and should support the intended objectives of the meeting.

As with the request for fast track designation, the Agency expects that most sponsors or applicants will have gathered such information to meet existing requirements for preparing an IND, NDA, or BLA. These may include descriptions of clinical safety and efficacy trials not conducted under an IND (e.g., foreign studies) and information to support a request for accelerated approval. If such information has already been submitted to FDA, the information may be summarized in the premeeting package.

For more information and detailed instructions on the request for comments, see https://www.gpo.gov/fdsys/pkg/FR-2017-11-08/html/2017-24296.htm.

Health care providers and others commenting in response to this invitation are cautioned that the FDA will post your comment, as well as any attachments, except for information submitted, marked and identified, as “confidential” is submitted as detailed in the instruction. To submit a comment with confidential information that you do not wish to be made publicly available, the FDA directs to submit your comments only as a written/paper submission by submitting two copies total:

One copy will include the information you claim to be confidential with a heading or cover note that “THIS DOCUMENT CONTAINS CONFIDENTIAL INFORMATION.” The Agency will review this copy, including the claimed confidential information, in its consideration of comments.
The second copy, which will have the claimed confidential information redacted/blacked out, will be available for public viewing and posted on https://www.regulations.gov.
If you do not wish your name and contact information to be made publicly available, you can provide this information on the cover sheet and not in the body of your comments and you must identify this information as “confidential.”

Interested persons may access the docket to read background documents or the electronic and written/paper comments received, go to https://www.regulations.gov and insert the docket number, found in brackets in the heading of this document, into the “Search” box and follow the prompts and/or go to the Dockets Management Staff, 5630 Fishers Lane, Rm. 1061, Rockville, MD 20852.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As core components of this work, Ms. Stamer helps health industry, health plans and insurers, health IT, life sciences and other health industry clients manage regulatory, contractual and other compliance; vendors and suppliers; Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other private payer and other terms of participation, medical billing, reimbursement, claims administration and coordination, and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

Solutions Law Press, Inc.™

Leave a Comment » | Consumer Driven Health Care, Controlled Substances, DEA, drug treatment, Fast Track Approval, FDA, Health Care Provider, Pharmaceudical, Pharmacy, Prescription Drugs, research, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

CMS Publishes 2018 Physician Fee Schedule Rule

November 2, 2017

On November 2, the Centers for Medicare and Medicaid Services (CMS) issued a final rule that includes updates to payment policies, payment rates, and quality provisions for services furnished under the Medicare Physician Fee Schedule (PFS) on or after January 1, 2018.

The overall update to payments under the PFS based on the finalized CY 2018 rates will be +0.41 percent. This update reflects the +0.50 percent update established under the Medicare Access and CHIP Reauthorization Act of 2015, reduced by 0.09 percent, due to the misvalued code target recapture amount, required under the Achieving a Better Life Experience Act of 2014. After applying these adjustments, and the budget neutrality adjustment to account for changes in Relative Value Units, all required by law, the final 2018 PFS conversion factor is $35.99, an increase to the 2017 PFS conversion factor of $35.89.

The Final Rule Includes:

Patients over Paperwork Initiative
Changes in valuation for specific services
Payment rates for nonexcepted off-campus provider-based hospital departments
Medicare telehealth services
Malpractice relative value units
Care management services
Improvement of payment rates for office-based behavioral health services
Evaluation and management comment solicitation
Emergency department visits comment solicitation
Solicitation of public comments on initial data collection and reporting periods for Clinical Laboratory Fee Schedule
Part B drugs: Payment for biosimilar biological products
Part B drug payment: Infusion drugs furnished through an item of durable medical equipment
New care coordination services and payment for rural health clinics and federally-qualified health centers
Appropriate use criteria for advanced diagnostic imaging
Medicare Diabetes Prevention Program expanded model
Physician Quality Reporting System
Patient relationship codes
Medicare Shared Savings Program
2018 Value Modifier.

Physicians and other healthcare organizations should review this new guidance as soon as possible and begin preparing for these changes which take affect at the first of the year.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Ms. Stamer works with health industry and related businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management, disaster and other crisis preparedness and response, and other performance and operations management and compliance. Her experienced includes career long involvement in advising and defending health industry and other organizations about disaster and other crisis preparation, response and mitigation arising from natural and man-made disasters, government enforcement, financial distress, workplace emergencies and accidents, data breach and other cybersecurity and other events. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

Leave a Comment » | Conditions of Participation, Corporate Compliance, Doctor, Electronic Health Records, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health IT, Hospital, Medicaid, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Money Laundering, OIG, Outpatient, Physician, Prospective Payment, quality reporting, Reimbursement, Rural Health Care, Stark, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Check Your Medicare/Medicaid Compliance Against Against Quarterly Guidance Changes List

October 27, 2017

Healthcare providers, Medicare/Medicaid Advantage Plans, beneficiaries, and suppliers should use the Medicare and Medicaid Programs; Quarterly Listing of Program Issuances—July Through September 2017 published today to help confirm compliance and other practices take into account potentially relevant new key Medicare and Medicaid guidance issued during the period from July 1 to September 30, 2017.

Staying up-to-date with the latest Program is critical maintain qualification for benefits and rights and avoid getting nailed for harsh civil or even criminal penalties that violations can trigger. However keeping up with the constantly evolving guidance can be daunting.

The quarterly notice lists updates that happened in the 3-month period along with a hyperlink to the full listing that is available on the CMS Web site or the appropriate data registries that are used as Center for Medicare and Medicaid Services resources. for beneficiaries, providers, and suppliers.

The resource provides a convenient tool for the public to find the full list of qualified providers for these specific services and offers more flexibility and ‘‘real time’’ accessibility. In addition, many of the Web sites have listservs; that the public can subscribe and receive immediate notification of any updates to the Web site. These listservs avoid the need to check the Web site, as notification of updates is automatic and sent to the subscriber as they occur.

This notice is organized into 15 addenda so that a reader may access the subjects published during the quarter covered by the notice to determine whether any are of particular interest. Interested persons should use the Quarterly Notice in concert with previously published notices.

About The Author

About Solutions Law Press, Inc.™

Leave a Comment » | Academic medicine, Affordable Care Act, ASC, Border Health, Centers For Disease Control, Childrens Health Insurance Program, Conditions of Participation, Consumer Driven Health Care, Controlled Substances, Corporate Compliance, Cultural diversity, data breach, data security, Disability Discrimination, Disease Management, DME, Doctor, drug treatment, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, EMTALA, Evidence Based Medicine, false claims act, FDA, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance Exchange, Health IT, healthcare, HIPAA, Home Health, Hospice, Hospital, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Meaningful Use, Medicaid, Medical Licensure, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, Money Laundering, NIOSH, OCR, OIG, Outcomes Data, Pharmaceudical, Pharmacy, Physician, Physician Licensing, Prescription Drugs, Psychiatric, quality reporting, Reimbursement, Rural Health Care, Stark, Substance Abuse, Telemarketing, Uncategorized, Veterans Health, Veterans Health Care | Permalink
Posted by Cynthia Marcotte Stamer

CDC Proposed Changes To NIOSH Occupational Health Biological Monitoring Methods for Chemical Exposures

October 15, 2017

The National Institute for Occupational Safety and Health of the Centers for Disease Control and Prevention is inviting comment on a draft chapter it proposes be published in the NIOSH Manual of Analytical Methods (NMAM) used by the occupational safety and health professionals to measure worker exposures.

NIOSH has updated the chapter used by the occupational safety and health professionals to measure worker exposures covering the application and validation of biological monitoring methods for chemical exposures to entitled ‘‘Application of Biological Monitoring Methods for Chemical Exposures in Occupational Health.”

Comments on the proposed chapter must be received by December 15, 2017.

Get details on how to review and comment on the proposed chapter at https://www.gpo.gov/fdsys/pkg/FR-2017-10-16/pdf/2017-22317.pdf.

Leave a Comment » | NIOSH, occupational health, OSHA, Uncategorized | Tagged: CDC, NIOSH, occupational health, OSHA | Permalink
Posted by Cynthia Marcotte Stamer

HHS Picks Hargan As Acting HHS Secretary

October 11, 2017

President Trump has appointed Eric D. Hargan Acting Secretary of the U.S. Department of Health and Human Services (HHS).

Hargan, who was just sworn into office as Deputy Secretary of HHS on Oct. 6, 2017, takes over the duties of former Secretary Dr. Tom Price, who recently resigned in response to criticism about his expenditures for charter flights.

Before joining HHS, Mr. Hargan was an attorney, most recently a shareholder in Greenberg Traurig’s Chicago office in the Health and FDA Business department, where he focused his practice on transactions, healthcare regulations and government relations. He represented investors, companies, and individuals in healthcare investments and issues across the entire sector.

From 2003 to 2007, Mr. Hargan served at HHS in a variety of capacities, ultimately holding the position of Acting Deputy Secretary. During his tenure at HHS, Mr. Hargan also served as the Department’s Regulatory Policy Officer, overseeing the development and approval of all HHS, CMS, and FDA regulations and significant guidances.

Prior to this role, he served HHS as Deputy General Counsel. More recently, he was tapped by Governor Bruce Rauner to serve during transition as lead co-chair for Gov. Rauner’s Healthcare and Human Services committee.

During his time in Illinois, Mr. Hargan taught at Loyola Law School in Chicago, focusing on administrative law and healthcare regulations. He was a member of the U.S. government team at the inaugural U.S.-China Strategic Economic Dialogue in Beijing in 2006-2007, worked with the State Department’s Bureau of Arms Control to advance biosecurity in developing nations, and initiated and led the HHS team that developed the first responses to international food safety and importation issues in 2007.

He received his B.A. cum laude from Harvard University, and his J.D. from Columbia University Law School, where he was Senior Editor of the Columbia Law Review. Mr. Hargan also received a Certificate in International Law from the Parker School of Foreign and Comparative Law at Columbia University.

Before returning to Washington, D.C., Mr. Hargan lived in the suburbs of Chicago with his wife, Emily, and their two sons.

About The Author

Ms. Stamer works with health industry and related businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management, disaster and other crisis preparedness and response, and other performance and operations management and compliance. Her experienced includes career long involvement in advising and defending health industry and other organizations about disaster and other crisis preparation, response and mitigation arising from natural and man-made disasters, government enforcement, financial distress, workplace emergencies and accidents, data breach and other cybersecurity and other events. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and publisher disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | Academic medicine, Affordable Care Act, Anti-KickBack, ASC, Centers For Disease Control, Childrens Health Insurance Program, Conditions of Participation, data breach, data security, DEA, Doctor, Electronic Medical Records, EMTALA, FDA, Federal Health Center, Federal Sentencing Guidelines, Health Care, Health care coding, Health Care Finance, Health Care Fraud, Health Care Provider, Health Care Quality, Health Care Reform, health care reimbursement, Health Insurance Exchange, Health IT, Health Plan, Health Plans, healthcare, HHS, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, Hospice, Hospital, hospitals, Indian Health, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, managed care, Meaningful Use, Medicaid, Medical Privacy, Medical Records, Medicare, Medicare Advantage, Medicare Fee Schedule, Medicare Prescription Drug Program, Mental Health, Mental Heatlh, OCR, OIG, Outcomes Data, Outpatient, Peer Review, Pharmaceudical, Pharmacy, Physician, Preexisting Condition Insurance Plan, Prescription Drugs, Privacy, Prospective Payment, Psychiatric, public health, Public Policy, quality reporting, Reimbursement, Reproductive Rights, Rural Health Care, Skilled Nursing Facility, Stark, Substance Abuse, substance abuse treatment, Telemarketing, Telemedicine, Uncategorized, Wellness | Tagged: Affordable Care Act, controlled substance, drugs, false claims act, Health Care, Health Care Compliance, Health Care Fraud, Health Care Provider, Health Care Reimbursement, Health Plans, HEAT, HHS, HIPAA, Hospital, Medicaid, Medicare, OCR, pain management, pharmacist, pharmacy, Physician, Physicians, Privacy, Reimbursement | Permalink
Posted by Cynthia Marcotte Stamer

OCR Gives Health Care Providers, Other Covered Entities Post-Las Vegas Shooting HIPAA Medical Privacy Guidance On Disclosures To Family, Media & Others For Notification & Other Purposes

October 9, 2017

Widespread media coverage of this week’s Las Vegas, Nevada mass shooting (Las Vegas Shooting), and recent Hurricanes in Texas, Florida and Puerto Rico shows the barrage of requests for patient information from emergency and disaster response personnel, concerned family and friends, the media or others about the identity, status and other circumstances of patients and other individuals that health care providers caring for patients following a mass disaster or other emergency.

The tight restrictions and potentially stiff penalties authorized under the Health Insurance Portability And Accountability Act (HIPAA) Privacy and Security Rule (Privacy Rule) on health care providers, health plans, and health care clearinghouses (Covered Entities) for improperly disclosing information about identifiable patients under the Privacy Rule necessitate that health care providers and other Covered Persons exercise great care to ensure that statements and other disclosures of identifiable patient information either are authorized in writing in accordance with HIPAA or otherwise specifically allowed under the Privacy Rule. See, e.g., $2.4M HIPAA Settlement Warns Providers About Media Disclosures Of PHI; $2.4M HIPAA Settlement Message Warns Health Plans & Providers Against Sharing Medical Info With Media, Others; $2 Million+ HIPAA Settlement, FAQ Warn Providers Protect PHI From Media, Other Recording Or Use.

Following the Las Vegas Shooting, the Department of Health & Human Services (HHS) Office for Civil Rights (OCR) on October 3, 2017 issued an announcement on “Disclosures to Family, Friends, and Others Involved in an Individual’s Care and for Notification” (Announcement) intended to clarify certain limited situations when OCR interprets the Privacy Rule as allowing Covered Entities to disclose PHI to individuals involved in the patient’s care, the media or other parties not involved in the patient’s care for notification purposes without prior patient authorization. Health care providers and other Covered Entities should review and update their existing Privacy Rule policies, practices and training in response to this and other evolving guidance to help prepare their teams appropriately to respond to family, media and other inquiries about patients in emergency and other circumstances.

Privacy Rule Generally

While mass shooting events like the Las Vegas Shooting, recent hurricanes, Ebola or other contagious disease outbreak and other mass injury or illness events garner widespread media and public attention, health care providers and other Covered Entities also regularly field requests for PHI about current or former patients from family and others involved in patients’ care or treatment, law enforcement, law enforcement, and the media or other members of the general public not involved in patient care.

The Privacy Rule generally requires Covered Entities to keep confidential, and prohibits Covered Entities from disclosing individually identifiable health care information about a patient that qualifies as “protected health information” or “PHI” without first obtaining a HIPAA-compliant authorization unless the disclosure meets all the requirements to fall under an exception defined in the Privacy Rule.

Since HIPAA’s broad definition of PHI encompasses even the name, identity and even existence of a patient, as well as more specific information about the current or past health condition and treatment of a patient, health care providers and other Covered Entities must prepare and train their staff to be prepared appropriately to comply with the Privacy Rules even when considering disclosing PHI to identify an incapacitated patient, notify or respond to inquiries of family or others involved in caring for patient during an emergency or disaster.

As OCR guidance consistently reaffirms, the Privacy Rule’s general prohibition against PHI without prior patient authorization and other requirements generally still apply during public health or other emergencies.[1] While Social Security Act § 1135(b)(7) allows HHS temporarily to waive sanctions and penalties for violations of some, but not all Privacy Rule requirements by a covered hospitals operating under disaster protocols during periods the President declares an emergency or disaster and the HHS Secretary declares a public health emergency as in response to Hurricanes Katrina,[2]Harvey,[3] Irma,[4] and Maria,[5] this relief is rarely applicable, and limited in scope, applicability and duration.[6] Consequently, Covered Entities still need to ensure that any contemplated disclosure is either authorized or meets all requirements the Privacy Rule requires to fall under an exemption to its general prohibition against unauthorized disclosure to avoid becoming subject to civil or even criminal sanctions under the Privacy Rule even when responding to inquiries during mass disaster, public health emergency or other exigent circumstances.

As discussed in November 2016 OCR Bulletin On HIPAA Privacy in Emergency Situations, the Privacy Rule includes various exceptions that may allow a health care provider or other Covered Entity to disclose the PHI of a patient involved in a public health or other emergency without patient authorization including:

PHI about the patient necessary to treat the patient or to treat a different patient including the coordination or management of health care and related services by one or more health care providers and others, consultation between providers, and the referral of patients for treatment. See 45 CFR §§ 164.502(a)(1)(ii), 164.506(c), and the definition of “treatment” at 164.501;
To a public health authority, such as the Centers for Disease Control and Prevention (CDC) or a state or local health department, authorized by law to collect or receive such information for the purpose of preventing or controlling disease, injury or disability. See 45 CFR §§ 164.501 and 164.512(b)(1)(i);
As necessary to prevent or lessen a serious and imminent threat to the health and safety of a person or the public when consistent with applicable law (such as state statutes, regulations, or case law) and the provider’s standards of ethical conduct. See 45 CFR 164.512(j);
To a patient’s family members, relatives, friends, or other persons identified by the patient as involved in the patient’s care or as necessary to identify, locate, and notify family members, guardians, or anyone else responsible for the patient’s care, of the patient’s location, general condition, or death provided that the Covered Entity gets at least verbal permission from individuals or otherwise be able to reasonably infer that the patient does not object, when possible; or if the individual is incapacitated or not available, in the Covered Entity’s professional judgment, doing so is in the patient’s best interest. See 45 CFR 164.510(b);
With disaster relief organizations that, like the American Red Cross, are authorized by law or by their charters to assist in disaster relief efforts, for the purpose of coordinating the notification of family members or other persons involved in the patient’s care, of the patient’s location, general condition, or death without authorization if doing so would interfere with the organization’s ability to respond to the emergency; or
Limited facility directory information to acknowledge an individual is a patient at the facility and provide basic information about the patient’s condition in general terms (e.g., critical or stable, deceased, or treated and released) to the media or others not involved in the care of the patient upon request for information about a particular patient by name, if the patient has not objected to or restricted the release of such information or, if the patient is incapacitated, if the disclosure is believed to be in the best interest of the patient and is consistent with any prior expressed preferences of the patient. See 45 CFR 164.510(a).

Announcement Clarifies Privacy Rules For Disclosures To Individuals Involved In Patient’s Care; For Notification; And To Media Or Others Not Involved In Patient Care

The new OCR Announcement provides clarification of the applicability of the Privacy Rule exemptions regarding disclosures of PHI by health care providers or other Covered Entities:

To individuals involved in the patient’s care or for notification purposes; or
To media or other individuals not involved in the patient’s care.

In addition, the Announcement also reminds Covered Entities:

Of their responsibility to limit disclosures made without HIPAA-compliant patient authorization other than for treatment purposes to the minimum necessary,
That the Privacy Rule allows Covered Entities to rely upon certifications that information requested by public health authorities or officials that the information requested is the minimum necessary; and
To continue to enforce role-based restrictions on PHI.
Disclosures to Family, Friends, Disaster Relief Responders and Others Involved in an Individual’s Care and for Notification

Privacy Rule §164.510(b) permits a Covered Entity to share PHI:

With a patient’s family members, relatives, friends, or other persons identified by the patient as involved in the patient’s care.
About a patient as necessary to identify, locate, and notify family members, guardians, or anyone else responsible for the patient’s care, of the patient’s location, general condition, or death. This may include, where necessary to notify family members and others, the police, the press, or the public at large. See Privacy Rule § 164.510(b).

When making such disclosures, the Announcement states a Covered Entity should get verbal permission from individuals or otherwise be able to reasonably infer that the patient does not object, when possible.

Concerning patients who are unconscious or incapacitated, the OCR guidance also states that a health care provider may share relevant information about the patient with family, friends, or others involved in the patient’s care or payment for care, if the health care provider in its professional judgement determines that doing so is in the best interests of the patient.

In addition, OCR says Covered Entities also may share PHI with disaster relief organizations that, like the American Red Cross, are authorized by law or by their charters to assist in disaster relief efforts, for the purpose of coordinating the notification of family members or other persons involved in the patient’s care, of the patient’s location, general condition, or death. When disclosing PHI to disaster relief organizations, the Announcement states it is unnecessary to obtain a patient’s permission to share the information in this situation if doing so would interfere with the organization’s ability to respond to the emergency.

Disclosures to the Media or Others Not Involved in the Care of the Patient/Notification

As the Las Vegas Shooting illustrates, health care providers and other Covered Entities caring for patients during public health or other emergency situations often must deal with news or other media crews on or around treatment or other health care facilities and media and inquiries from the media or others about the identity, status or other PHI of patients. OCR’s past imposition of stiff penalties against other Covered Entities for improperly disclosing patient PHI to the media or the public without authorization alert Covered Entities of HIPAA risks of failing to properly control access and disclosures of PHI to the media or other general public without obtaining prior written authorization from patients or their personal representatives. See e.g., $2.4M HIPAA Settlement Warns Providers About Media Disclosures Of PHI. See also HIPAA Sanctions Triggered From Covered Entity Statements To Media, Workforce.

Previously issued OCR guidance makes clear that health care providers and other Covered Entities risk sanction both from allowing media or other members of the public inappropriate access to patient treatment or other areas with unsecured PHI as well as media statements and other disclosures of PHI to the media or public without first obtaining a HIPAA-compliant authorization except under narrow circumstances specified in the Privacy Rule.. See 45 CFR 164.510(a). OCR FAQ on Disclosures to the Media, for instance, states:

“the HIPAA Privacy Rule does not permit health care providers to disclose PHI to media personnel, including film crews, without having previously obtained a HIPAA-compliant authorization signed by the patient or his or her personal representative. In other words, health care providers may not allow members of the media, including film crews, into treatment areas of their facilities or other areas where PHI will be accessible in written, electronic, oral or other visual or audio form, without prior authorization from the patients who are or will be in the area or whose PHI will be accessible to the media. It is not sufficient for a health care provider to request or require media personnel to mask the identities of patients (using techniques such as blurring, pixilation, or voice alteration software) for whom an authorization was not obtained, because the HIPAA Privacy Rule does not allow media access to the patients’ PHI, absent an authorization, in the first place.

In addition, the health care provider must ensure that reasonable safeguards are in place to protect against impermissible disclosures or to limit incidental disclosures of other PHI that may be in the area but for which an authorization has not been obtained.

While emphasizing the Privacy Rule’s general requirement to secure advance authorization, OCR FAQ on Disclosures to the Media also recognizes the following “very limited situations” that the Privacy Rule permits a Covered Entity to disclose limited PHI to the media without obtaining a HIPAA authorization:

A Covered Entity may disclose limited PHI about an unidentified incapacitated patient to the media seek to have the media help identify or locate the family of an unidentified and incapacitated patient in its care if, in the hospital’s professional judgment, doing so is in the patient’s best interest. See 45 C.F.R. 164.510(b)(1)(ii);
A Covered Entity may disclose a patient’s location in the facility and condition in general terms that do not communicate specific medical information about the individual to any person, including the media, without obtaining a HIPAA authorization where the individual has not objected to his information being included in the facility directory, and the media representative or other person asks for the individual by name. See 45 C.F.R. 164.510(a);
The HIPAA Privacy Rule does not require health care providers to prevent members of the media from entering areas of their facilities that are otherwise generally accessible to the public, which may include public waiting areas or areas where the public enters or exits the facility;
A health care provider may utilize the services of a contract film crew to produce training videos or public relations materials on the provider’s behalf if certain protections are in place. If patients are to be identified by the provider and interviewed by a film crew, or if PHI might be accessible during filming or otherwise disclosed, the provider must enter into a HIPAA business associate agreement with the film crew acting as a business associate. Among other requirements, the business associate agreement must ensure that the film crew will safeguard the PHI it obtains, only use or disclose the PHI for the purposes provided in the agreement, and return or destroy any PHI after the work for the health care provider has been completed. See 45 C.F.R. 164.504(e)(2). As a business associate, the film crew must comply with the HIPAA Security Rule and a number of provisions in the Privacy Rule, including the Rule’s restrictions on the use and disclosure of PHI. In addition, authorizations from patients whose PHI is included in any materials would be required before such materials are posted online, printed in brochures for the public, or otherwise publicly disseminated; and
Covered Entities can continue to inform the media of their treatment services and programs so that the media can better inform the public, provided that, in doing so, the Covered Entity does not share PHI with the media without the prior authorization of the individuals who are the subject of the PHI.

The Announcement reaffirms the general principles stated in this and other prior guidance concerning Covered Entities dealings with the media and public and clarifies its interpretation about what PHI, if any, the Privacy Rule allows hospitals and other health care providers about PHI may share in response to requests from the media or other individuals not involved in the care of a patient without first obtaining an authorization.

The Announcement reaffirms that affirmative reporting to the media or the public at large about an identifiable patient, or the disclosure to the public or media of specific information about treatment of an identifiable patient, such as specific tests, test results or details of a patient’s illness, may not be done without the patient’s written authorization (or the written authorization of a personal representative who is a person legally authorized to make health care decisions for the patient) that complies with HIPAA’s authorization requirements. See 45 CFR 164.508.

The Announcement also clarifies, however, that Covered Entities that are hospitals or health care facilities that receive a request for information about a particular patient by name may release limited facility directory information to acknowledge an individual is a patient at the facility and provide basic information about the patient’s condition in general terms (e.g., critical or stable, deceased, or treated and released) if the patient has not objected to or restricted the release of such information or, if the patient is incapacitated, if the disclosure is believed to be in the best interest of the patient and is consistent with any prior expressed preferences of the patient.

Minimum Necessary Requirements & Other Privacy Rule Responsibility Reminders

The Announcement also cautions Covered Entities of the need to ensure beyond ensuring that a disclosure falls under a Privacy Rule exception, Covered Entities also need to ensure that other requirements of the Privacy Rule applicable to the disclosure also are met. In this respect, the Announcement cautions Covered Entities that the Privacy Rule requires they limit any otherwise permitted disclosure of PHI other than for treatment purposes made without obtaining a HIPAA-compliant patient authorization to the minimum necessary to achieve the allowed purpose, while also reminding Covered Entities that when making disclosures otherwise permitted to public health authorities or public officials, the Privacy Rule allows the Covered Entity to rely on representations from a public health authority or other public official that the requested information is the minimum necessary for the purpose.

Furthermore, the Announcement also warns Covered Entity that they should continue to apply their role-based access policies to limit access to PHI to only those workforce members who need it to carry out their duties. See Privacy Rules §§ 164.502(b), 164.514(d).

In addition to keeping in mind these Privacy Rule conditions, Covered Entities also need to take steps to ensure that their organizations and workforce also continue to follow all necessary procedures to ensure that their organizations can demonstrate continued compliance with other Privacy Rule requirements on verification, documentation and recordkeeping, accounting for disclosure, business associates and the like. In this regard, it is important that Covered Entities and their business associates take appropriate steps to ensure that their workforce carefully creates and retains the documentation and records needed to defend their actions as well as to respond to HHS requests and/or requests for accounting or disclosure that might arise in the future.

Required Action: Review & Update Emergency & Other Practices, Training In Response To Evolving Guidance

The Privacy Rules and other OCR guidance make clear that health care providers and other Covered Entities and their business associates are expected both to implement and maintain their practices, policies, workforce training and safeguards appropriately to control use, access and disclosure in emergency and other situations as well as to implement the necessary systems and safeguards to protect sensitive PHI, electronic PHI and associated records and system from improper access from the media or others and damage or destruction from disaster or other events.

In recognition that maintaining Privacy and Security Rule Compliance can prove challenging for Covered Entities and their business associates during emergency or other exigent events, OCR has published various other guidance it hopes will help Covered Entities and business associates prepare for and respond to these challenges including its Disclosure For Emergency Preparedness Decision Tool; and Public Health Authority Disclosure Request Checklist.

Covered Entities and their business associates should act promptly to review and update their policies, practices, safeguards and workforce training as needed in response to the new Announcement and other OCR guidance promptly.

About The Author

Repeatedly recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, a Fellow in the American College of Employee Benefit Council, the American Bar Foundation and the Texas Bar Foundation and board certified in labor and employment law by the Texas Board of Legal Specialization, Cynthia Marcotte Stamer is a practicing attorney, management consultant, author, public policy advocate and lecturer widely known for health and managed care, employee benefits, insurance and financial services, data and technology and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Nationally recognized for her work, experience, leadership and publications on HIPAA and other medical privacy and data use and security, FACTA, GLB, trade secrets and other privacy and data security concerns, Ms. Stamer has worked extensively with clients and the government on cybersecurity, technology and processes and other issues involved in the use and management of medical, insurance and other financial, workforce, trade secrets and other sensitive data and information throughout her career. Scribe or co-scribe of the ABA Joint Committee on Employee Benefits Agency meeting with OCR since 2011, Ms. Stamer extensive experience, advising, representing, training and coaching health care providers, health plans, healthcare clearinghouses, business associates, their information technology and other solutions providers and vendors, and others on HIPAA and other privacy, data security and cybersecurity design, documentation, administration, audit and oversight, business associate and other data and technology contracting, breach investigation and response, and other related concerns including extensive involvement representing clients in dealings with OCR and other Health & Human Services, Federal Trade Commission, Department of Labor, Department of Treasury, state health, insurance and attorneys’ general, Congress and state legislators and other federal officials.

About Solutions Law Press, Inc.™

[1] See e.g. OCR Bulletin: HIPAA Privacy in Emergency Situations (November 2014).

[2] Disclosing PHI in Emergency Situations; Compliance Guidance and Enforcement Statement.

[3] August 2017 Hurricane Harvey Bulletin.

[4] September 2017 Hurricane Irma Bulletin.

[5] September 2017 Hurricane Maria Bulletin

[6] The HIPAA Privacy Rule is not suspended during a public health or other emergency; however, Section 1135(b)(7) of the Social Security Act allows HHS to waive sanctions and penalties against a covered hospital that does not comply with the following provisions of the Privacy Rule events if the President declares an emergency or disaster and the Secretary declares a public health emergency:

the requirements to obtain a patient’s agreement to speak with family members or friends involved in the patient’s care. See 45 CFR 164.510(b).
the requirement to honor a request to opt out of the facility directory. See 45 CFR 164.510(a).
the requirement to distribute a notice of privacy practices. See 45 CFR 164.520.
the patient’s right to request privacy restrictions. See 45 CFR 164.522(a).
the patient’s right to request confidential communications. See 45 CFR 164.522(b).

If the Secretary issues such a waiver, it only applies: (1) in the emergency area and for the emergency

period identified in the public health emergency declaration; (2) to hospitals that have instituted a disaster protocol; and (3) for up to 72 hours from the time the hospital implements its disaster protocol.

When the Presidential or Secretarial declaration terminates, a hospital must then comply with all the requirements of the Privacy Rule for any patient still under its care, even if 72 hours has not elapsed since implementation of its disaster protocol. See also Social Security Act 1135(b)(7); Frequently Asked Question: HIPAA waiver during a national or public health emergency; OCR Bulletin: HIPAA Privacy in Emergency Situations (November 2014).

Leave a Comment » | 1335 Waiver, Academic medicine, ARRA, ASC, Childrens Health Insurance Program, Corporate Compliance, Cyber crime, data breach, data security, Disaster Relief, Doctor, Durable Medical Equipment, E-Prescribing, Electronic Health Records, Electronic Medical Records, Employer, ERISA, FACTA, Federal Health Center, Fiduciary Responsibility, GINA, Health Care, Health Care Provider, Health Care Quality, Health IT, Health Plan, Health Plans, Health Policy, healthcare, HIPAA, HIPAA Cyber Crime, HITECH Act, Home Health, Hospital, Hospital, Inpatient Rehabilitation, Inpatient Rehabilitation Facility, Joint Commission, Laws, managed care, Meaningful Use, Medical Privacy, Medical Records, Mental Health, Pharmaceudical, Pharmacy, Privacy, Psychiatric, Skilled Nursing Facility, Technology, Telemedicine, Uncategorized, Veterans Health Administration | Tagged: Crisis preparedness, Cybercrime, Disaster, dta breach, Emergency, Health Care, HIPAA, Hurricane, Hurricane Harvey, Hurricane Irma, Hurricane Maria, Las Vegas Shooting, Mass Shooting, Medical Privacy, OCR, Privacy, public health, Terrorism | Permalink
Posted by Cynthia Marcotte Stamer

Novo Nordisk Pays $58M+ For Not Giving FDA-Required Warnings ABout Victoza Cancer Risks

September 11, 2017

Pharmaceutical Manufacturer Novo Nordisk Inc.’s $58.65 million settlement resolving charges it failed to comply with the Federal Drug Administration (FDA)-mandated Risk Evaluation and Mitigation Strategy (REMS) for its Type II diabetes medication Victoza illustrates the potential consequences that pharmaceutical companies risk by failing to provide FDA-required warnings about potential side effects of their drugs.

The settlement announced by the Department of Justice (DOJ) on September 5, 2017 resolves a DOJ civil complaint filed September 5, 2017 charging that Novo Nordisk violated a FDA requirement in effect at the time of Victoza’s approval in 2010 that Novo Nordisk provide information regarding Victoza’s potential risk of MTC to physicians. The FDA required the notice to mitigate the potential risk in humans of a rare form of cancer called Medullary Thyroid Carcinoma (MTC) associated with the drug. DOJ charged that some Novo Nordisk sales representatives gave information to physicians that created the false or misleading impression that the Victoza REMS-required message was erroneous, irrelevant, or unimportant. The complaint also alleges that Novo Nordisk failed to comply with the REMS by creating the false or misleading impression about the Victoza REMS-required risk message that violated provisions of the FDCA and led some physicians to be unaware of the potential risks when prescribing Victoza.

According to the government’s complaint, after a survey in 2011 showed that half of primary care doctors polled were unaware of the potential risk of MTC associated with the drug, the FDA required a modification to the REMS to increase awareness of the potential risk. Rather than appropriately implementing the modification, the complaint claims that Novo Nordisk instructed its sales force to provide statements to doctors that obscured the risk information and failed to comply with the REMS modification. Novo Nordisk has agreed to disgorge $12.15 million in profits derived from its unlawful conduct in violation of the FDCA.

A manufacturer that fails to comply with the requirements of the REMS, including requirements to communicate accurate risk information, renders the drug misbranded under the FDCA.

Under the agreed settlement, Novo Nordisk will pay an additional $46.5 million to the federal government and the states to resolve claims under the FCA and state false claims acts. This portion of the settlement resolves allegations that Novo Nordisk caused the submission of false claims from 2010 to 2014 to federal health care programs for Victoza by arming its sales force with messages that could create a false or misleading impression with physicians that the Victoza REMS-required message about the potential risk of MTC associated with Victoza was erroneous, irrelevant, or unimportant and by encouraging the sale to and use of Victoza by adult patients who did not have Type II diabetes. The Food and Drug Administration (FDA) has not approved Victoza as safe and effective for use by adult patients who do not have Type II diabetes. As a result of the FCA settlement, the federal government will receive $43,129,026 and state Medicaid programs will receive $3,320,963.

The FCA settlement also resolves seven lawsuits filed under the whistleblower provision of the federal FCA, which permits private parties to file suit on behalf of the United States for false claims and share in a portion of the government’s recovery. The civil lawsuits are captioned as follows: United States, et al. ex rel. Kennedy, v. Novo A/S, et al., No. 13-cv-01529 (D.D.C.), United States, et al. ex rel. Dastous, et al. v. Novo Nordisk, No. 11-cv-01662 (D.D.C), United States, et al., ex rel. Ferrara and Kelling v Novo Nordisk, Inc., et al., No. 1:11-cv-00074 (D.D.C.), United States, et al., ex rel. Myers v. Novo Nordisk, Inc., No. 11-cv-1596 (D.D.C.), United States, et al. ex rel Stepe v. Novo Nordisk, Inc., No. 13-cv-221 (D.D.C.), United States et al. ex rel Doe, et al. v. Novo Nordisk, Inc., et al., No. 1:17-00791 (D.D.C.), and United States ex rel. Smith, et al. v. Novo Nordisk, Inc., Civ. Action No. 16-1605 (D.D.C.). The amount to be recovered by the private parties has not been determined.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Ms. Stamer works with health industry and related businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Leave a Comment » | false claims act, FDA, Pharmaceudical, Uncategorized | Tagged: Cancer, Diabetes, FDA, Novo Nordisk, Pharma, Pharmaceudical, REMS, Victoza | Permalink
Posted by Cynthia Marcotte Stamer

About Solutions Law Press, Inc.™

Recent Posts

Share this:

About Solutions Law Press, Inc.™

Share this:

About Solutions Law Press, Inc.™

Share this:

Share this:

About Solutions Law Press, Inc.™

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

With New Settlements, OCR Collections From HIPAA Covered Entities For Improperly Allowing Filming Or Other PHI Disclosures To Media Now Exceed $3 Million

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Recent Posts

Archives

About Cynthia Marcotte Stamer

Share this blog

Archives

Solutions Law Press Health Care Update