The U. S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) recently published an Early Alert report regarding the preliminary results of an ongoing study of potential abuse or neglect in Medicare-certified Skilled Nursing Facilities (SNFs). In the report dated August 24, 2017, the OIG determined that the Centers for Medicare & Medicaid Services (CMS) has inadequate procedures to ensure that incidents of potential abuse or neglect of Medicare beneficiaries residing in SNFs are properly identified and reported. The OIG audit is continuing, but the preliminary results were issued because of the importance of detecting and combating elder abuse. Continue reading
According to a report released by the U.S. Department of Health and Human Services’ Office of Inspector General (OIG) on June 12, 2017, the Centers for Medicare and Medicaid Services (CMS) overpaid an estimated $729 million in Medicare electronic health record (EHR) incentive payments to participating providers. (The full report is available at https://oig.hhs.gov/oas/reports/region5/51400047.asp). The OIG reviewed whether CMS’ oversight of the Medicare EHR incentive program was sufficient and whether eligible professionals (EPs) nationwide met Medicare incentive payment program requirements and received appropriate incentive payments. Alarmingly, the OIG urged CMS to recoup and audit these incentive payments based on its findings. Participating EPs and hospitals should be cognizant of the ramifications of CMS’ recommendations, including the potential for an audit and recoupment. Continue reading
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), recently entered a $400,000 Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement with Metro Community Provider Network (MCPN), a federally-qualified health center (FQHC). The settlement serves as a stark reminder that all covered entities, including FQHCs, must meet the HIPAA Security Rule requirements and that OCR is continuing to step up enforcement efforts in this area. Continue reading
A delay in timely breach notification may now cost you. The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently entered a settlement with Presence Health for untimely reporting a breach of unsecured protected health information (PHI). Presence discovered that its operating room schedules containing PHI for 836 individuals were missing on October 22, 2013. Under the HIPAA Breach Notification Rule, breaches like this which involve >500 individuals are required to be reported to the individuals, prominent media outlets and OCR without unreasonable delay and in no case later than 60 days. Presence did not report the breach to OCR until January 31, 2014, approximately 100 days after discovering the breach. OCR’s investigation concluded that Presence failed to notify, without unreasonable delay and within 60 days of discovering the breach, each of the 836 individuals, the media and OCR. Presence agreed to pay $475,000 to settle the potential violations.
The Press Release and Resolution Agreement are available on the OCR website.
Written by: Jacob Simpson
The U.S. Department of Health and Human Services Office of Inspector General (OIG) released today, August 24, 2016, an updated guidance on the OIG’s views on the applicable independence and objectivity standards for Independent Review Organizations (IROs) that perform reviews required under Corporate Integrity Agreements (CIAs), such as claims reviews and cost report reviews. The OIG has previously issued guidance in 2004 and 2010 to reflect updated standards and the additional types of IRO reviews included in CIAs. This OIG guidance released today is to reflect the 2011 revisions to the GAO accounting standards. Continue reading
On July 28, 2016, the U.S. Department of Justice announced, “The Lexington County Health Services District Inc. d/b/a Lexington Medical Center located in West Columbia, South Carolina, has agreed to pay $17 million to resolve allegations that it violated the Physician Self-Referral Law (the Stark Law) and the False Claims Act by maintaining improper financial arrangements with 28 physicians.”
According to the government press release, “The United States alleged that Lexington Medical Center entered into asset purchase agreements for the acquisition of physician practices or employment agreements with 28 physicians that violated the Stark Law because they took into account the volume or value of physician referrals, were not commercially reasonable or provided compensation in excess of fair market value.
Also as part of the settlement, Lexington Medical Center will enter into a Corporate Integrity Agreement (CIA) with the Department of Health and Human Services-Office of the Inspector General (HHS-OIG) that requires Lexington Medical Center to implement measures designed to avoid or promptly detect future conduct similar to that which gave rise to this settlement.
Written by: Clay J. Countryman
Beginning June 1, 2016, Louisiana residents with a household income below 138 percent of the federal poverty level will be eligible to obtain healthcare coverage through the state’s Medicaid program. On January 12, 2016, Gov. John Bel Edwards signed an executive order to expand the Medicaid program, making Louisiana the 31st state to extend Medicaid.
The U.S. Department of Health & Human Services also approved a new approach to Medicaid enrollment that will allow Louisiana to use information from the Supplemental Nutrition Assistance Program (SNAP) to determine eligibility and enroll individuals in Medicaid. Louisiana is the first state to be approved to use this enrollment strategy through the use of a state plan amendment.
- Enrollment began on June 1
- Coverage will be effective July 1
- The State of Louisiana estimates that 375,000 new adults will enroll in coverage, with about 105,000 people already enrolled in SNAP identified as likely eligible for coverage.
- Through 2016, the coverage for newly enrolled adults of up to 138% of the federal poverty line is completely funded with federal money. However, federal funding rates will decline beginning in 2017 (Federal funding rates will not fall below 90% of costs). 
 U.S. Department of Health & Human Services, HHS Secretary Sylvia M. Burwell Applauds Louisiana Medicaid Expansion Under the Affordable Care Act, (May 31, 2016).
Written by: Catherine Moore
On Friday, February 5, the US Department of Health and Human Services announced its intention to revise the forty year old federal confidentiality standards that apply to substance use (f/k/a “substance abuse”) medical information. Originally published in 1975, these rules are found in, and often referred to simply as “42 CFR Part 2.” In announcing the revisions, HHS Secretary Sylvia M. Burwell said that the “proposal will help patients with substance use disorders fully participate and benefit from a health care delivery system that’s better, smarter and healthier, while protecting their privacy.”
The revisions will be published later this week, and we’ll be summarizing them for our clients and friends.
Written by: Greg Frost
The Office of Inspector General of the United States Department of Health and Human Services is reviewing questionable billing practices related to Medicaid billing for pediatric dental services throughout Louisiana. A description of this state and national initiative can be found here. Continue reading
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) recently released a bulletin, HIPAA Privacy in Emergency Situations, reminding covered entities and their business associates that the protections of the HIPAA Privacy Rule are not set aside during an emergency. OCR explains that Privacy Rule is balanced to ensure that appropriate use and disclosures of protected health information (PHI) may still be made when necessary to treat a patient, protect the nation’s public health, and for other critical purposes. The bulletin further details the HIPAA Privacy Rule provisions which may allow covered entities and business associates to use or disclose PHI during an emergency.