Health law is the federal, state, and local law, rules, regulations and other jurisprudence among providers, payers and vendors to the healthcare industry and its patient and delivery of health care services; all with an emphasis on operations, regulatory and transactional legal issues.
In the beginning of June, 2020, the Department of Justice (“DOJ”) revised its Evaluation of Corporate Compliance Programs Guidance Document. The Document is designed to assist prosecutors in making informed decisions as to whether, and to what extent, the company’s compliance program is effectivefor purposes of determining, when a compliance violation has occurred, the appropriate form of any resolution or prosecution and monetary penalty. It also guides a prosecutor as to the company’s compliance obligations contained in any criminal resolution. The Document has been revised on three occasions since 2017, telegraphing the DOJ’s intent to prosecute those businesses without compliance plans, or without effective compliance plans, more harshly than those taking steps to identify and remedy risks.
A healthcare business’ failure to have in place a compliance program designed to detect and respond to potential fraud and security risks places it at a serious risk of civil and criminal liability. When a compliance issue is investigated, charged and resolved, DOJ prosecutors are instructed to consider whether the business has invested in and improved its corporate compliance program and internal controls systems. They must also determine whether those improvements have been tested to demonstrate that they would prevent or detect similar misconduct in the future. According to the DOJ, there are three fundamental questions that a prosecutor should ask when determining whether a business’ compliance plan is sound:read more
Out of network physician owned specialty hospitals are unique in that there are less stringent legal requirements on the facility, but patient care obligations remain the same. This means that patient care must be prioritized over profits and all actions taken by the hospital and any physician investor must showcase that order of priority.
Given the amount of scrutiny placed in physician owned specialty hospitals in the past two decades, these facilities are well served to identify and implement a process to remedy compliance concerns. Even when a facility does not submit claims to any Federal health insurance provider and is out of network with all commercial insurance companies, it is still required to follow the laws of the state where it is located.
The best plan for surviving scrutiny in such situations is to have a plan. Proactively seek out applicable laws and regulations, and determine how your hospital will abide by them. Compliance can be tailored to fit your facility.
Overutilization and Self-Referrals
A physician who shares ownership in a hospital may have a financial incentive to refer patients for services if he or she receives a percentage of the revenue generated. Laws including the Federal Stark Law and Anti-Kickback Statute were promulgated to combat unnecessary referrals. A 2003 study by the Department of Health and Human Services concluded that physician-investor referrals to hospitals in which they have an investment interest are similar to those physicians without investment interests. Nevertheless, the fear of overutilization and unnecessary self referral remains at the forefront of the regulators’ minds at both the State and Federal level. read more
The Office of Civil Rights within the U.S. Department of Health and Human Services recently imposed $2,154,000 in civil money penalties against Jackson Health System in Miami, Florida for multiple violations of HIPAA. The majority of the penalties were due to violations of the HIPAA Security and Breach Notification Rules, rather than for the actual breaches of confidentiality. This action by the government underscores the importance of complying with all of HIPAA, and not just the requirements to safeguard Protected Health Information. read more
Deciding you want to open your own medspa or start a medical practice is the first and most important step in creating something unique and building a brand. Understanding how to properly “start” that business from a legal perspective, and doing so correctly can be the difference between success and failure.
As a physician in a private, solo-practice, or the business owner of a medspa startup, proper strategy is key. Understanding your corporate structure, developing a business plan, and compliance with the laws will help eliminate pesky obstacles that will slow your growth.
When working with start-ups the following steps should be given plenty of time and attention. read more
There are perfectly compliant ways to engage with healthcare marketers, and then there’s this; here are some of the latest real-life examples:
“DME BRACE CAMPAIGN – $40 to $150 PER LEAD PER BRACE”
“DME DIABETIC LEADS $40 PER LEAD, INSURANCE AND DOC INFO INCLUDED”
“PAIN CREAM/LIDOCANE LEADS FOR SALE, RX INCLUDED”
These marketers are seemingly holding auctions for the sale of federally protected patient health information out to the highest bidder! Couldn’t make this stuff up – if you’re in this industry, a quick gander at your (business) social media platforms will quickly confirm it. read more
The Office of Inspector General (OIG) announced the launch of a new tool on its website titled the “Fraud Risk Indicator”. The OIG has stated that the purpose for the tool is to provide guidance on how it has evaluated risk in settling False Claims Act (FCA) cases and to publicize information about where FCA defendants fall on the OIG’s risk spectrum. This tool can benefit patients, healthcare industry professionals and other individuals who may find this information relevant. This tool will also benefit the public with information about providers charged under the FCA that are at high risk for committing healthcare fraud. The Indicator shows the Risk Spectrum from Highest Risk to Lower Risk. read more
The transition from paper medical records to electronic medical records has brought with it many conveniences and some unintended consequences. One example of an unintended consequence is cloning in the medical record. Cloning is copying and pasting previously recorded information from a prior patient note into a new patient note.
Providing quality medical care is only one part of the job. Appropriately documenting that care in order to be paid for your efforts is another. And while medical professionals are trained at length to provide care, hardly any are aware of the potential pitfalls associated with improper documentation.
On May 19, 2018, Delray Beach medical spa owner Jennifer Aspen was booked into the Palm Beach County Jail and charged with practicing medicine without a license. Ms. Aspen is the manager of Mermaid’s Skin & Wellness, a medical spa located in Delray Beach, Florida. The charges against Ms. Aspen stem from the fact that a Delray Beach police officer presented to Mermaid’s Skin & Wellness for a testosterone shot. Ms. Aspen stated to the officer that she would perform the injection. Ms. Aspen is a certified nursing assistant in the State of Florida. Her license is currently listed as “delinquent” on the Department of Health’s website, meaning that (as of today) she failed to renew her license after its May 30, 2018 expiration date. Certified nursing assistants are not generally allowed to administer testosterone in the State of Florida.
One of the legal issues that presents frequently in our office is med spa compliance; who can open and operate a medical spa if it is just a cash business, meaning that it does not submit claims for reimbursement to any government or commercial payor. Misunderstandings run rampant in the medical spa industry and many times patients are administered treatment from persons who are not supposed to be providing it. read more