CMS Urged to Recoup and Audit EHR Incentive Payments

According to a report released by the U.S. Department of Health and Human Services’ Office of Inspector General (OIG) on June 12, 2017, the Centers for Medicare and Medicaid Services (CMS) overpaid an estimated $729 million in Medicare electronic health record (EHR) incentive payments to participating providers. (The full report is available at https://oig.hhs.gov/oas/reports/region5/51400047.asp). The OIG reviewed whether CMS’ oversight of the Medicare EHR incentive program was sufficient and whether eligible professionals (EPs) nationwide met Medicare incentive payment program requirements and received appropriate incentive payments. Alarmingly, the OIG urged CMS to recoup and audit these incentive payments based on its findings. Participating EPs and hospitals should be cognizant of the ramifications of CMS’ recommendations, including the potential for an audit and recoupment. Continue reading

Florida Supreme Court Decision Raises Concerns About the Constitutionality of Statutory Caps on Damages in Medical Malpractice Cases

The Supreme Court of Florida recently found Florida’s statutory caps on medical malpractice damages for pain and suffering (noneconomic damages) to be unconstitutional as violating the equal protection clause of the state’s constitution. This ruling is concerning for healthcare providers because, not only could it result in additional liability in malpractice cases, but it could also cause an increase in malpractice insurance premiums. Continue reading

eClinicalWorks Case Raises New Questions

On May 31, 2017, the U. S. Department of Justice (DOJ) announced that eClinicalWorks (ECW) agreed to pay a $155 million settlement and enter a corporate integrity agreement with the OIG to resolve allegations that ECW caused its health care provider customers to submit false Medicare and Medicaid claims for meaningful use payments in violation of the False Claims Act (FCA). Under the corporate integrity agreement, ECW agreed to strict compliance and reporting obligations and to provide the latest version of ECW’s EHR software to each of ECW’s current customers free of charge. Continue reading

Recent $400K HIPAA Settlement with FQHC Highlights Importance of HIPAA Security Management Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), recently entered a $400,000 Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement with Metro Community Provider Network (MCPN), a federally-qualified health center (FQHC). The settlement serves as a stark reminder that all covered entities, including FQHCs, must meet the HIPAA Security Rule requirements and that OCR is continuing to step up enforcement efforts in this area. Continue reading

First Ever HIPAA Enforcement Action for Delay in Breach Reporting

A delay in timely breach notification may now cost you. The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently entered a settlement with Presence Health for untimely reporting a breach of unsecured protected health information (PHI). Presence discovered that its operating room schedules containing PHI for 836 individuals were missing on October 22, 2013. Under the HIPAA Breach Notification Rule, breaches like this which involve >500 individuals are required to be reported to the individuals, prominent media outlets and OCR without unreasonable delay and in no case later than 60 days. Presence did not report the breach to OCR until January 31, 2014, approximately 100 days after discovering the breach. OCR’s investigation concluded that Presence failed to notify, without unreasonable delay and within 60 days of discovering the breach, each of the 836 individuals, the media and OCR. Presence agreed to pay $475,000 to settle the potential violations.

The Press Release and Resolution Agreement are available on the OCR website.

Written by: Jacob Simpson

Jacob Simpson_headshot

Final Rule Released to the OIGs Exclusion Authorities

On January 11, 2017, the Office of Inspector General (OIG) of the Department of Health and Human Services released a final rule that incorporates statutory changes, early reinstatement provisions, and policy changes, and clarifies existing regulatory provisions to the OIG’s authorities to exclude persons and entities from participating in Federal health care programs. The Affordable Care Act of 2010 expanded the OIG’s authority to exclude various individuals and entities from participation in Federal health care programs under section 1128 of the Social Security Act (Act). The changes in the final rule to the OIG’s authority were also based on the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA), which amended the OIG’s authority to waive certain exclusions under section 1128 of the Act.

A copy of the final rule is available at: http://go.usa.gov/x9Ugu

Written by: Clay J. Countryman

Countryman, Clay headshot

CMS Releases Final Medicare Outpatient Observation Notice

The Centers for Medicare & Medicaid Services (“CMS”) posted the final approved version of the Medicare Outpatient Observation Notice (“MOON”) on the CMS Beneficiary Notices Initiative website on December 8, 2016.[1]  According to CMS, all hospitals and critical access hospitals (“CAHs”) are required to provide the MOON beginning no later than March 8, 2017. Continue reading

Clay Countryman and Alec Alexander to speak at MGMA-New Orleans Chapter Workshop

Clay J. Countryman and Alec Alexander will be speaking at a workshop hosted by the Medical Group Management Association’s New Orleans chapter on September 28, 2016. Mr. Countryman will present “HIPAA Phase 2 Audits: Are you ready?” and Mr. Alexander will present “Fraud and Abuse: Compliance for Physician Practices and Recent Hot Topics. The workshop will be located at the East Jefferson General Hospital Conference Center – Esplanade I in Metairie, Louisiana. For more information or to register, click here.

Countryman, Clay headshot        Alexander, Alec headshot
Clay Countryman                     Alec Alexander

OCR Phase 2 HIPAA Audits Have Begun: Are you Ready?

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has started a second phase of audits for compliance with HIPAA Privacy, Security and Breach Notification Standards. The OCR has previously conducted an audit pilot phase and Phase 1 audits of HIPAA covered entities (i.e., healthcare providers, clearinghouses, and health plans). In this Phase 2 of the HIPAA audits, OCR will audit both covered entities and their business associates. Continue reading