Health law is the federal, state, and local law, rules, regulations and other jurisprudence among providers, payers and vendors to the healthcare industry and its patient and delivery of health care services; all with an emphasis on operations, regulatory and transactional legal issues.
As healthcare professionals, we take pride and care in the detail in maintaining our employee files. Certain items must be separated from the others, files securely locked and out of reach from co-workers hands. Personnel’s personal information must be protected. We all know these things and probably already have a procedure in place for compliance.
Whether your facility has been deemed accredited (Joint Commission, for example) or just starting up, employee files must be maintained, reviewed, audited, and kept according to retention requirements. Knowing which laws apply aids in keeping your business compliant. For example, pursuant to ERISA laws, there is no specific time period to maintain records that reflect age, marital status and/or service records. The Social Security Acts states that employees’ social security numbers must be kept four years from the tax due date or payment of tax, whichever is later. So, there’s a lot of tracking going on. read more
Medical web-based businesses have been on the rise, while the number of HIPAA enforcement actions by the US Department of Health and Human Services (HHS) has risen exponentially as well. Since the beginning of this year, HHS has announced several large settlements with companies that failed to comply with HIPAA Compliance requirements. For example, in January, HHS announced a $2.2 million settlement with a health insurance company when a breach resulted from a stolen portable USB device containing PHI. Also, In February, HHS announced a penalty of $3.2 million against a medical center for a breach that arose from a theft of an unencrypted laptop containing PHI. This enforcement activity is becoming the norm, so it is best to ensure that your medical website is legally compliant.
If you are handling any PHI on or through your website, you must ensure that your website is up to speed with HIPAA compliance. Here are some recommendations to address the security and privacy of PHI that your website may manage (please note that this is not a comprehensive list): read more
In 1986 President Ronald Reagan signed the Emergency Medical Treatment and Active Labor Act (EMTALA) into law. Since then, the application of the law has been expanded and refined. It was one of the first laws giving the government the authority to dictate certain operations of a hospital. While other laws and regulations such as the Anti-Kickback Statute and the Stark Law have become more of a focus for health care providers, EMTALA remains an area of active enforcement. All providers with hospital privileges should therefore be aware of its application.
The policy behind the law is fairly straightforward. Hospitals with emergency departments should not be able to turn away patients needing care because of their inability to pay (no more “wallet biopsies” as part of triage). Likewise, hospitals should not be able to “dump” patients on other facilities for reasons other than for advanced care.
The requirements of the law are also very basic. If a patient comes to an emergency department and requests an examination or treatment for a medical condition, the hospital must provide an appropriate medical screening exam, within its capability, to determine whether or not the patient has an emergency medical condition. The screening provided goes beyond simple triage, and must be performed by a clinical provider such as a physician, nurse practitioner, or physician’s assistant. read more
Does your healthcare entity have a governing Board? How involved is that Board in overseeing your business? Would your Board members be able to respond to questions about your business’ compliance-related activities? Recently, the Office of the Inspector General (“OIG”), in conjunction with a host of non-profit healthcare associations, released guidance on achieving compliance for healthcare governing boards. The guidance is not based on abstract principals of compliance, instead it points to applicable federal law, OIG guidance, case law, and sentencing guidelines.
Each and every healthcare organization, whether or not it accepts reimbursement from government payors, must have in place regulatory compliance measures designed to protect the population it serves, and the persons paying for and providing those services. All levels of a healthcare organization must be cognizant of their roles in the organization’s continuing commitment to compliance. Even Board members, who often do not experience the inner-workings of the entities they represent, have an obligation and duty to the organization to act in a manner that stressed compliance. Applicable federal and state laws, how they apply to an organization, and how the organization reacts to its obligations imposed by those laws, must be of paramount importance to a governing Board.
The OIG compliance guidance for healthcare Boards tracks 4 areas over which boards should have specific oversight: read more
When a healthcare provider cares for a patient, many times, the provider will set out directives for the patient to follow in order to live a healthier life. These changes may include changes in lifestyle, eating habits, and obedience in taking medications. A patient’s compliance with these directives instructs the provider on how to care for the patient in the future. A patient who does not follow these directives may suffer health consequences.
Similarly, the government sets out legal regulations for healthcare providers. The government expects healthcare providers to comply with its regulations, and providers who don’t can suffer consequences as a result. The regulations governing health care providers are vast and dynamic. In order to keep abreast of the changes in law, and to evidence an intent to comply with law, healthcare providers should strongly consider instituting compliance programs in their businesses.
Compliance with healthcare laws is important. Any number of consequences can result in the event that a healthcare provider is out of compliance—the most devastating being that the Department of Health and Human Services Office of the Inspector General (“OIG”) has the authority to exclude healthcare providers from participation in Medicare and other federal health care programs. Ignorance of the law does not absolve a healthcare provider of liability. read more
Though it can be tempting to offer help to patients in this era of sky high healthcare costs, out-of-network physicians must remember that they should not only be collecting copayments and deductibles from their patients at the time of service and before they leave the office, but also that collecting these payments is their obligation. For physicians and other providers who engage in the practice of failing to collect payments there is a significant legal exposure under federal and state laws including civil litigation brought by commercial health plans, managed care organizations and medical benefit managers regarding routine waiver of these payments. read more
Florida physicians are being approached to become owners of pharmacies to which they may refer, often compounding pharmacies, but may be unaware of the regulatory issues involved. Physicians need to be aware of the core laws that apply, which include the Florida Patient Self Referral Act (FPSRA), the Florida Anti Kickback Statute, the Patient Brokering Act and the Federal Investment Interest Safe Harbor. read more
In an effort to help individuals access their health information so that they can become more actively involved in managing their own health care, several agencies within the Department of Health and Human Services promulgated a rule that modifies the Clinical Laboratory Improvement Amendments (“CLIA”) and the Health Insurance Portability and Accountability Act (“HIPAA”) in a way that supersedes Florida State laws governing the disclosure of laboratory test results directly to patients.
The US Department of Health and Human Services, Office of Civil Rights is the chief enforcer of HIPAA. The Office’s recent enforcement of HIPAA with respect to a Massachusetts derm practice is illustrative of how the government views HIPAA and how vulnerable medical practices are. read more
A recent lawsuit by Horizon Blue Cross/Blue Shield of New Jersey has the potential to cripple point of care testing arrangements often employed by drug and alcohol treatment centers. At risk is not only the roughly $36 Million sought to be recouped by BC/BS, but also perhaps the many millions more which may be claimed by other payers as well.
BC/BS is making serious allegations against Avee Laboratories, Alere, Inc., and a number of recovery centers. The factual allegations include: read more