The issue of scope of practice is front and center in Florida right now with the expansion of what nurse practitioners (and nurse midwives) are legally permitted to do. The newly enacted 464.0123 allows for qualified APRNs (there is specific criteria) to practice independent of a supervising physician in the following areas of medicine–primary care, family medicine, general pediatrics, and general internal medicine.
Even more, assuming they meet the membership criteria for admission to a healthcare facility medical staff, they may admit patients, manage patient care, and discharge patients. One of the only preserved connections with a physician established by the law is if the APRN practices at a healthcare facility, a transfer agreement including a physician is required. Additionally, the new law establishes a Council On Advanced Practice Registered Nurse Autonomous Practice, two members of which are appointed by the Board of Medicine and an additional two appointed by the Board of Osteopathic Medicine.
The Florida Healthcare Law Firm is hosting a free webinar for physicians on appropriate third party relationships. With shrinking reimbursement rates, physicians are increasingly turning to alternative methods and innovative physician relationships to increase revenue. However, not every opportunity is compliant with Federal and State kickback laws, which are designed to prevent overutilization of services.
This course aims to help attendees recognize and advise physicians about relationships designed to compensate for more than just patient care, including, but not limited to:
It will use recent trends in the market to reinforce its objectives. This free webinar is for physicians and healthcare providers full of valuable information.All you have to do is register here, put it on your calendar and then click on the link emailed to you on March 25th!
Physician relationships of any kind should be approached carefully by a highly qualified healthcare attorney. Nearly every aspect of healthcare is governed by a complex array of regulations and remaining compliant when drafting a contractual relationship of any kind is no easy task.
On October 23, 2019, the U.S. Department of Health and Human Services has imposed a civil money penalty of over $2 million against Jackson Health System in Florida for repeated HIPAA violations.
The HIPAA violations mentioned in the HHS Press Release include: 1-Loss of paper patient records in December 2012; 2-Loss of additional paper patient records in January 2013; 3-A media report containing patient information (a photo shared on social media); 4-Employees accessing the information of one patient without a job related purpose; 5- An employee’s improper access and sale of patient records in 2011.
“OCR’s investigation revealed a HIPAA compliance program that had been in disarray for a number of years,” said OCR Director Roger Severino. The state of the compliance program allowed for the failure of several HIPAA requirements, including provision of timely and accurate HIPAA breach notifications, performance of regular risk assessments, investigation of identified risks, audits of system activity records, and imposing appropriate restrictions on workforce members’ access to patient information. The government’s final determination is available here.
When a HIPAA breach is discovered and reported, the government will often take the time to review a covered entity’s history of compliance or non-compliance. This may include an investigation into prior issues, effectiveness of policies and procedures, and employee issues. Overlooking one suspected breach may result in the imposition of sanctions on any later breach. This is why it’s so important for a healthcare business to understand its HIPAA obligations and take them seriously.
When was the last time your business conducted a security risk assessment to understand its potential risk areas for security breaches? If you’ve never had one, or haven’t had one recently, the time is now to conduct one. “When was your last security risk assessment?” is often the first thing that the government will ask in response to a breach.
Federal fines for noncompliance with HIPAA are based on the level of negligence perceived by the Federal government at the time of the breach. Fines and penalties range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million. Simply put, your healthcare business can’t afford to bury its head and hope that it won’t be hit.
This section is a contract between you and the users of your website regarding what they can expect from the website and how they will act while on the website. You can use this section to protect you and your business from a variety of potential disasters including (but not limited to): limitless liability and intellectual property infringement.
You can use this section to limit any liability that you might create by having a website. For instance, if you give some medical advice (i.e., “Lowering your cholesterol reduces your risk for a heart attack.”), you can use your Terms and Conditions to limit a user’s reliance on that advice without additional medical intervention (“We are not your treating physician—if you have questions about your cholesterol levels, contact your physician.”).
You can also use this section to inform your users about any intellectual property protections that you might have. If your technology or services have pending or protected status, you’ll need to make your users aware of this information.
Finally, this section should establish the laws under which your website agrees to be governed. Even if the internet knows no boundaries, your website should establish its own. If your business is located in Florida, you can choose to be bound by Florida and Federal laws. It could limit any potential exposure in other states or nations.
The Children’s Online Privacy Protection Act (COPPA) protects minors under the age of 13 from having personal information collected without parental consent. How can a website operator be expected to know whether a user is 13 or under? If you plan on collecting any information from your uses, your Terms and Conditions should have a section prohibiting anyone under age 13 from accessing and using your site. It’s a simple fix that can potentially save you huge penalties.
Has your attorney ever told you to do your best to comply with certain safe harbors to the Federal Anti-Kickback Statute, and you’ll be likely to survive scrutiny under the Florida Patient Brokering Act (the PBA)? If you’ve heard that, it’s time to re-examine that relationship. In the last month, the Patient Brokering Act has been amended, and then interpreted by a court of law in a way that affects all healthcare providers.
The Patient Brokering Act has been used in recent years to prosecute abuses in the addiction treatment industry. Other healthcare providers subject to the act have largely been uninvolved in these prosecutions. However, the PBA has been remolded 4 times in the past 5 years as a means to tailor it to allow for prosecutions of bad actors in healthcare, including addiction treatment. One item should be made clear: the PBA applies to any facility at all that is licensed by the Agency for Healthcare Administration (AHCA) or practitioner licensed by the Department of Health (DOH), including physicians, surgery centers, home health agencies, skilled nursing facilities, hospitals, DME providers, diagnostic imaging facilities, clinical laboratories, pharmacies and many other. During the legislative process, barely any healthcare industry representatives (from any provider group) showed up to any legislative workshops or produced counterbalancing input or language proposals that reflected a broader perspective.
There are two criminal cases pending in Palm Beach County that threaten to put a bullet in the heart of healthcare professionals and businesses and also the law practices that advise them. Both State v. Simeone and State v. Kigar have a motion from the State pending before them to block any testimony that the defendants received legal advice concerning a contract entered into by an addiction treatment facility and a sober home. The State alleges that the contract violates the state Patient Brokering Act (PBA) because it was essentially a ruse whereby the addiction treatment facility was just paying for the sober home to refer patients. Now the State wants to make sure that the entire issue of the defendants being advised by counsel never sees the light of day.
How is this possible? How can it be that a client can seek legal counsel, get advise (and presumably follow it), and then be blocked from presenting that evidence? The State argues that the PBA has no wording that requires them to prove intent. And if intent isn’t an element to be proven, the argument goes, then evidence of the client intending not to violate the law by getting advice beforehand is inadmissible!
A recent ruling by a state trial court handling the Palm Beach County Sober Home Task Force prosecutions against providers of addiction treatment and sober home services is creating lots of confusion and alarm around the state and could have very far reaching consequences for the entire healthcare industry well beyond addiction treatment.
The issue presented by the prosecution focuses on whether a person charged with violating the state’s Patient Brokering Act (PBA) can be found guilty even if he/she didn’t know what he was doing was unlawful. The PBA broadly prohibits paying someone for patient referrals, very much like the federal Anti-Kickback statute. If allowed, the client would have gotten legal advice, paid for it, followed it, and still not be able to show a judge or jury that, despite all their best efforts, they simply followed the law as instructed.
Can a healthcare facility or provider be guilty of violating a criminal law [the PBA] if they’d gotten legal advice and followed it? Traditionally, the answer would be a clear “no.” The argument against the State’s position would be something like “How can someone intend to violate a criminal law if they got legal advice regarding how to comply with it and then followed that advice?” The argument of the state might look something like “We don’t even think the judge or jury ought to be able to hear that the person got legal advice and followed it.” The court punted the issue to the appellate court.
Effective July 1, 2018, Florida’s recent legislation SB 622 repeals the entirety of Chapter 483, Part I of the Florida statutes, and removes the state licensure requirement for clinical laboratories operating in-state and out-of-state. Section 97 of SB 622, approved by the Governor on March 19, 2018, repeals the entirety of Chapter 483, Part I of the Florida statutes, and so eliminates section 59A-7.024(1).
Change is a predominant force in healthcare and healthcare organizations must plan for shifts within an ever changing regulatory environment. Given this current climate, it is important to understand that enforcement will continue to be a priority. This webinar presented by Attorney Matthew Fischer will cover the latest trends in criminal enforcement, administrative enforcement, and litigation under the False Claims Act. It is imperative to understand these changes to ensure compliance, mitigate risks, and protect your bottom lines.
Major areas to be discussed –
DOJ Criminal Enforcement Actions: In July 2017, the DOJ announced the largest ever healthcare fraud enforcement action in its history. The DOJ brought charges against 412 individuals. This action was focused heavily on the distribution of medically unnecessary prescription drugs along with other theories of embezzlement, theft, and fraudulent billing.
Enforcing Quality of Care Standards Using the False Claims Act (FCA): Included in its arsenal, DOJ is increasing scrutiny on nursing homes utilizing new theories under the FCA. These types of cases take two forms, worthless services and false certification cases. Both involve circumstances where some care was provided to a patient but the care was so poor that the services were essentially valueless.
HHS Enforcement Activity: The amount of actions taken by HHS are up compared to 2016 (i.e., exclusions, civil monetary penalties, and corporate integrity agreements). HHS OIG focused exclusions on business owners and executives of pharmacies. Moratoria on certain providers continued in 2017 such as home health agencies and non-emergency ambulance providers.
HHS Office of Civil Rights (OCR) / HIPAA Enforcement: The fines imposed by OCR in 2017 exceeded 2016. OCR has ramped up scrutiny of cybersecurity and providers’ responses to data breaches. As part of its efforts, OCR issued its first cyber-attack “quick-response” guidance in June 2017.
How serious is the federal government that corporate compliance is necessary for healthcare providers?
In late 2015, the Department of Justice (DOJ) hired the agency’s first Compliance Counsel. Then, in early 2017, the DOJ published “common questions” that US Attorneys should ask as part of a criminal investigation when the DOJ evaluates a company’s compliance program. The “common questions” published by the DOJ describe specific factors that prosecutors should consider in conducting an investigation of a corporate entity, determining whether to bring charges, and negotiating plea or other agreements. These factors include “the existence and effectiveness of the corporation’s pre-existing compliance program” and the corporation’s remedial efforts “to implement an effective corporate compliance program or to improve an existing one.”
Health law is the federal, state, and local law, rules, regulations and other jurisprudence among providers, payers and vendors to the healthcare industry and its patient and delivery of health care services; all with an emphasis on operations, regulatory and transactional legal issues.