Health law is the federal, state, and local law, rules, regulations and other jurisprudence among providers, payers and vendors to the healthcare industry and its patient and delivery of health care services; all with an emphasis on operations, regulatory and transactional legal issues.
On January 1, 2021, every hospital in the United States (with very few exceptions) will be required to post clear, accessible pricing information online about the items and services they provide. These “standard charges” must be provided in two ways: first, as a comprehensive list of all items and services offered by the hospital in a machine readable format; and second, as a display of “shoppable services” in a consumer friendly format. According to CMS, the stated goal of the new rule is to empower patients “with the necessary information to make informed health care decisions.”
With the first requirement, the list must include gross charges, discounted cash prices, payor-specific negotiated charges, and de-identified minimum and maximum negotiated charges. The items and services covered are basically anything for which the hospital has established a standard charge, regardless of location or whether the item or service is provided on an inpatient or outpatient basis. These include, but are not limited to, supplies, surgical implants, procedures, room and board, and professional charges.
The COVID-19 pandemic has presented hospitals and health care facilities with challenges that go beyond providing comprehensive care to patients suffering from the virus. One of the most common challenges is how to handle patient visitors. Denying or limiting visitors could be seen as a violation of patient rights, and denying access to a visit by clergy could rise to the level of religious discrimination. After receiving a number of complaints in this regard, the HHS Office of Civil Rights (OCR) recently provided some technical assistance to two hospitals that faced this issue.
In the first case, a COVID-positive patient in a Maryland hospital was separated from her newborn son. Shaken by the separation, the patient requested that a priest be permitted to visit the baby, so he could baptize the child. But the hospital had instituted a ban on all hospital visitation in response to the pandemic, so the request was denied. read more
As of July 1, 2020, all Florida health care providers, and providers in training, are now required to obtain written consent from their patients (or their legal representatives) before performing a pelvic exam. The only exceptions to this requirement are when the exam is done pursuant to a court order, or in cases of emergency. Given the broad application of the new law, it is imperative for any provider who may need to perform a pelvic exam on a patient, even if it’s a fairly rare occurrence, to be ready to obtain the consent.
The law grew out of concerns for improper actions taken against sedated patients. And as initially proposed, it only covered pelvic exams performed in training settings. However, the legislature expanded the scope to include all settings and all providers. read more
The debate over the pro’s and con’s of physician-owned hospitals has been raging for decades. Physician-owners say their hospitals are more patient-focused, provide higher quality care, obtain better outcomes and therefore receive higher patient satisfaction scores. They also point out their convenience and efficiency.
Opponents argue that physician-ownership leads to overutilization and cherry-picking of only the best patients. The less-desirable patients (both clinically and financially) are then left to be taken care of by the community hospitals. For those reasons, both the American Hospital Association and the Federation of American Hospitals remain strongly opposed to physician-owned hospitals.
Federally, the Stark Law includes an exception which allows a physician to refer patients to a hospital in which the physician has an ownership interest, so long as the ownership interest is in the entire hospital, and not just a subdivision of the hospital. However, in 2010, the federal government weighed in again on the issue, and passed the Affordable Care Act (ACA), which includes provisions which (i) restrict physician referrals to hospitals in which they hold an ownership interest; (ii) restrict any increases in physician-ownership of a hospital; and (iii) restrict expansion of physician-owned hospital facilities. CMS has granted exceptions to these restrictions, but those have been limited to rural hospitals and high Medicaid hospitals, and attempts to amend the law have failed. read more
On February 4, 2020, the Department of Justice announced a $1.5 million settlement with Southeastern Retina Associates, a 17 physician practice, with offices in Tennessee, Georgia and Virginia. The sole basis of the claim was the alleged misuse of the Modifier 25 billing code and charging for exams at higher levels than warranted. The claim was initiated by a whistleblower, who will receive $270,000 from the settlement.
Use and potential abuse of Modifier 25 is obviously not unique to retina surgeons. In fact, the modifier can be very beneficial to providers, since it allows for payment for those patient visits when the care provided exceeds the scope of the scheduled appointment. However, given the potential for abuse and the many watchful eyes of the government (the Southeastern Retina case was investigated by the U.S. Attorney’s Office, the HHS Office of Inspector General, the U.S. Office of Personnel Management, the FBI, and the Tennessee Attorney General’s Office) and wannabe whistleblowers, a periodic review of a provider’s billing practices is always a good idea. read more
The Office of Civil Rights within the U.S. Department of Health and Human Services recently imposed $2,154,000 in civil money penalties against Jackson Health System in Miami, Florida for multiple violations of HIPAA. The majority of the penalties were due to violations of the HIPAA Security and Breach Notification Rules, rather than for the actual breaches of confidentiality. This action by the government underscores the importance of complying with all of HIPAA, and not just the requirements to safeguard Protected Health Information. read more
It has been a busy autumn for the enforcement of health care privacy rights. Recent activities range from settling the claim for the largest HIPAA violation in US history, to penalties imposed for filming TV shows, to actions initiated by state governments. All of these actions confirm the serious position taken by regulators nationwide to protect the privacy of protected health information (PHI).
The Big One
On October 15, 2018, Anthem, Inc., an independent licensee of Blue Cross, paid $16 million to settle its claim with the HHS Office of Civil Rights (OCR), for a breach that compromised the PHI of 79 million people. This was the largest reported breach in history. The PHI breach occurred in 2015, when hackers initiated a “spearfishing” attack via fraudulent emails. The government found that Anthem lacked appropriate information system procedures to identify and respond to security breaches, and minimum access controls to stop these kinds of attacks.
In addition to the financial penalty, Anthem agreed to a corrective action plan, in which it agreed to perform a risk analysis, and incorporate the results of the analysis into its existing processes, in order to achieve a “reasonable and appropriate level” of HIPAA compliance.
This settlement is in addition to the $115 million settlement Anthem reached last year with the victims of the breach. read more
The concept of gainsharing in the health care industry has been around for decades. Under a typical gainsharing program, a hospital and participating physicians will develop a cost-savings plan in relation to a specific procedure or service line. As the savings are realized, the hospital will then share a portion of the measurable savings with those physicians. The goal of gainsharing has always been to align physician and hospital interests, in order to improve the quality and efficiency of clinical care.
Gainsharing has not always been viewed favorably by the government. In fact, in a 1999 Special Advisory Bulletin, the Office of Inspector General (OIG) took the position that gainsharing arrangements violated the law, and that the payments could even constitute kickbacks to the participating physicians. Since then, the government has not backed off its position that gainsharing programs might violate the law. However, the OIG has also determined that it would not seek sanctions in a growing number of gainsharing arrangements. read more
In December 2016, the US Congress passed the 21st Century Cures Act, which, among other things, provided for increased funding for treatment and research of mental health and substance abuse disorders. That law also required the HHS Office of Civil Rights (OCR) to provide guidance in regards to HIPAA compliance in regards to those types of treatment. In October 2017, President Donald Trump declared the opioid addiction epidemic to be a public health emergency, which will also result in additional resources being allocated to addressing the crisis.
In connection with both the new law and the President’s declaration, OCR published its HIPAA guidance in December 2017. The guidance is intended to clarify how and when protected health information (PHI) can be shared in regards to patients in substance abuse and mental health treatment. According to OCR Director Roger Severino, “HHS is using every tool at its disposal to help communities devastated by opioids, including educating families and doctors on how they can share information to help save the lives of loved ones.” read more
On June 8, 2017 the Florida Supreme Court, in a 4-3 opinion, ruled that the legislatively-established caps on non-economic damages (such as awards for pain and suffering) in medical malpractice cases are unconstitutional. In 2014 the Florida Supreme Court determined the cap established for wrongful death claims was unconstitutional. The 2017 decision now does away with the remaining caps. read more