Improving Your Practice

HIPAA’s Teeth

July 1, 2014 | Little Health Law

Although most health care providers understand in the abstract that they must comply with The Health Insurance Portability and Accountability Act of 1996 (HIPAA), many may not fully appreciate the legal and financial significance of noncompliance. More and more, the federal government utilizes HIPAA enforcement options to protect the public interest in security, including the following strong incentives for HIPAA compliance.

HIPAA Civil Penalties

Caps on penalties for HIPAA violations by covered entities were increased in 2009 by the enactment of the HITECH Act. Covered entity civil penalties are “tiered” as follows:

No knowledge of HIPAA violation – $100-$50,000 for each violation, up to a maximum of $1.5 million during a calendar year.
A reasonable cause of the HIPAA violation exists – $1,000-$50,000 for each violation, up to a maximum of $1.5 million during a calendar year.
The HIPAA violation was caused by willful neglect but timely corrected – $10,000-$50,000 for each violation, up to a maximum of $1.5 million during a calendar year.
The HIPAA violation was caused by willful neglect but not timely corrected – $50,000 or more for each violation, up to a maximum of $1.5 million during a calendar year

The HITECH Act also offers benefits to encourage patients to report HIPAA violations similar to those offered in qui-tam cases. This allows patients who have been impacted by HIPAA violations to collect a portion of the civil monetary penalty that is imposed against a violator. However, there are three very important exceptions to collecting on this penalty:

The offense is punishable under HIPAA criminal provisions;
The violator did not know and, by exercising reasonable diligence, would not have known of the violation; or
The failure to comply is caused by “reasonable cause” rather than “willful neglect” and the alleged violator takes action to cure the failure during the first 30 days following actual knowledge of the noncompliance or when the person should have known of the noncompliance.

HIPAA Criminal Penalties

Although the DHHS Office for Civil Rights enforces the civil penalties for HIPAA violations, the Department of Justice is the agency in charge of enforcing HIPAA’s criminal penalties. As with the civil penalties, the nature of the HIPAA violation determines the severity of the penalty in regards to criminal sanctions:

If a person knowingly and, in violation of the Privacy Rule, discloses PHI to another individual, they face a base penalty of up to $50,000 in fines and up to a year in prison, or both;
if the offense is committed under false pretenses, they can be fined up to $100,000 and face up to five years in jail, or both;
if the offense is committed with an intent to sell or otherwise use PHI for commercial advantage, personal gain or malicious harm, they can be fined up to $250,000 and face up to 10 years in jail, or both.

Physician Servicing and Consulting Agreements and Transparency

June 21, 2014 | Little Health Law

Medical device companies, pharmaceutical companies or other health care related companies or vendors often seek consulting or personal services from doctors. Physicians should be cautious in such arrangements to avoid legal issues under federal law. Where fair market value compensation is paid for such services, there may be no issue under, for example, the federal Anti-Kickback Statute (AKS). However, arrangements that involve excessive compensation can lead to legal problems and reporting issues.

Physician personal service arrangements may fall within the AKS safe harbor found in 42 C.F.R. § 1001.952(d). Such services provided by the physician must be legitimate and necessary and must meet the following requirements:

1. A written agreement states the specific services and compensation for the services;
2. The term of the agreement must be at least one year; and 3. The compensation must be for fair market value and not fluctuate based on volume or value of the business generated
Transparency in many such arrangements is required by law. The Physician Payment Sunshine Act (PPSA) was enacted pursuant to the Patient Protection and Affordable Care Act of 2009 (ACA). The PPSA requires manufacturers of medical supplies, devices and drugs paid for by certain government programs (e.g. Medicare) to report to the federal government payments made to health care providers, including physicians, that exceed $10 or aggregate payments over $100 annually. Payments covered include consulting fees, royalties, stock options, gifts, entertainment, and other items of value or forms of consideration, subject to a fine of $10,000 per failure to report.
Continue reading ›

Possible Delay of the Affordable Care Act’s Individual Mandate

March 12, 2014 | Little Health Law

House Republicans gained the support of 27 Democrats and passed The Suspending the Individual Mandate Penalty Law Equals Simple (SIMPLE) Fairness Act (H.R. 4118), a bill that would delay for one year the Affordable Care Act (ACA) individual mandate penalty tax for those failing to buy health insurance before the deadline this month. As reported recently in the Washington Post, while destined to fail in the Democratic-controlled Senate, this Bill nonetheless underscores mounting pressure upon the Administration and Democrats in an election year, as the troubled healthcare law struggles to get traction in its implementation and with voters. Republicans want mileage in November from increasing public confusion and disenchantment about the ACA. They seize upon much publicized trouble spots of ACA implementation, such as the disastrous rollout of the website, cancelled policies, patients unable to stay with the doctor they prefer, and higher insurance premiums.

Insurers and proponents of the ACA view the individual mandate as critical to the financial mechanics of the health insurance reform intended by the ACA, namely expansion of insurance coverage to most Americans irrespective of health conditions and without lifetime or annual caps on benefits. With the new law’s imposition upon insurers of a requirement that they insure all Americans — even the most high-cost patients — it is important that the young and healthy, whether they need insurance or not, pay insurance premiums to help fund the insurers’ cost of paying for the health care of unhealthy Americans. Hence the law’s controversial individual mandate that everyone obtain coverage and pay insurance premiums or, alternatively, pay a penalty tax based on household income. The penalty is to begin this year, phased in at 1 percent of taxable income, then 2 percent in 2015, and 2.5 percent in 2016.
Continue reading ›

Medical Practice Compliance 101

February 18, 2014 | Little Health Law

Patients tend to see physicians only as providers of care — meeting their medical needs. The reality is that a physician’s efforts to stay compliant with regulations and laws may consume as much or more time than actually rendering care. With consequences for regulatory violations ranging from financial to criminal, compliance is a subject of the utmost importance for any physician practice.

The best way to avoid penalties is to have a serious compliance program in place to prevent, detect, and respond to any possible violation. With regulations always changing on both a federal and state level, especially now with the implementation of the Affordable Care Act (ACA), having a compliance program in place is critical. The benefits of creating an effective compliance program range from better sleep, higher ethical standards, satisfying government auditors and regulators’ requirements, and ensuring that business operations align with proper legal protocol. Given all the possible problems that may derive from doing otherwise, the absence of a strong compliance program invites problems.

To create an effective compliance program, physicians must first understand that there is no one-size-fits-all model. Compliance programs must be adaptable to each practice’s unique structure, services, and personnel. An experienced consultant and/or healthcare attorney should be considered to help set up or review the program and minimize particular risks applicable to your specific type of practice. You must also keep in mind that an effective compliance program will require time and resources to set it up properly and to modify it as needed to adapt to changes in our regulatory environment.
Continue reading ›

An Ounce of Prevention: Identify and Mitigate HIPAA Compliance Issues to Avoid Costly HIPAA Penalties

December 31, 2013 | Little Health Law

An unencrypted thumb drive cost a dermatology practice $150,000. On December 26, 2013, the U.S. Department of Health & Human Services (HHS) announced a settlement with Adult & Pediatric Dermatology, P.C. of Concord, Massachusetts (APD) of alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). APD, a “covered entity” for HIPAA purposes, has offices in Concord, Westford, Marlborough, and Ayer, Massachusetts, and Wolfeboro, New Hampshire.

The thumb drive contained unsecured electronic protected health information (ePHI) relating to the performance of Mohs surgery for about 2,200 patients. The thumb drive was stolen from the vehicle of one of APD’s employees. APD informed its patients of the theft of the thumb drive and provided a media notice.

HHS investigated and determined that APD did not timely conduct an accurate and thorough analysis of the risks associated with potential exposure of the ePHI. HHS also determined that APD did not fully comply with the administrative requirements of HIPAA’s breach notification requirements to have written policies and procedures and train employees regarding breach notification requirements. HHS also determined that APD disclosed ePHI in violation of HIPAA by the access gained to it when APD did not reasonable safeguard an unencrypted thumb drive.

HHS fined APD $150,000 and required APD’s execution of a Corrective Action Plan. The Corrective Action Plan requires APD to develop a comprehensive risk analysis and risk management plan to ensure future compliance with HIPAA and to periodically report to HHS the status of APD’s implementation of the plan. HHS released its right to take further action against APD, conditioned upon full compliance by APD with the Corrective Action Plan. See HHS Resolution Agreement.
Continue reading ›

The Affordable Care Act Will Enhance Direct Practice Medicine Opportunities

December 28, 2013 | Little Health Law

The Affordable Care Act (ACA), widely known as “Obamacare,” will create new opportunities for primary care doctors (and some specialists) who weigh starting or converting to a direct primary care model. At first blush direct care medicine practices, also known as “concierge,” “boutique” and “retainer-based” practices, which charge patients a monthly or annual membership fee and tend to exclude (or limit) third party payer involvement (one of the strong points for pursuing the model), would seem limited as an opportunity by the ACA’s objective of getting everyone “insured.” But the opposite may prove to be the case. Actually, the ACA may drive a strong need for new concierge medicine doctors.

A New Era of High Deductibles

While a stated goal of the ACA is to decrease the number of uninsured Americans, a consequence of the ACA will likely be that many newly insured patients under plans obtained via the new insurance exchanges will soon realize that due to very high deductibles, much or all of the costs of treatment (i.e., all non-preventive care) incurred over the course of a year must be paid out of pocket by the insured. For a typical household in Richmond County, Georgia, for example, as of this writing there are 18 plans available via the exchanges: 7 “Bronze Plans,” 6 “Silver Plans,” 4 “Gold Plans,” and 1 “Platinum Plan.” For the Bronze Plans, the annual deductibles range from $4,000 to $6,300. It is widely expected that most people will seek to minimize their premiums and opt for one of the Bronze Plans, only two of which have annual deductibles of less than $5,000.

What will that mean? That will mean most doctor visits (excluding preventive care) will be paid out of pocket by the “insured” patients who presently may not realize what is in store for them by way of doctor bills. As the public becomes aware of how the ACA will actually work for them (i.e., even though they are “insured” they are writing checks for doctor bills), the appeal to consumers of concierge options will increase. As recently reported in the Wall Street Journal, “People with deductibles of $5,000 or more should think about how many times a year they typically see the doctor and for what, keeping in mind that annual checkups are free under the ACA. If doctor visits typically cost $150 and the patient has six appointments a year, a concierge practice offering the same services for $40 or $50 a month might be cheaper.” Pros and Cons of Concierge Medicine (November 1, 2013).
Continue reading ›

Don’t Work for Free: Obtaining Timely Physician Reimbursement

November 28, 2013 | Little Health Law

Nobody likes to work for free. Physicians and other healthcare providers are frequently at risk of non-payment for valuable services to patients due to third-party payer mistakes and/or attempts to arbitrarily delay, reduce or avoid reimbursement. A common practice of payers is, for example, to deny reimbursement based on an allegation that the provider did not submit correct paperwork or alleged improper coding. Another tactic of third third-party payers is to simply adjust a payment downward because the payer concludes the physician is entitled to less reimbursement based on what was paid on a prior, “similar” claim. Reimbursement issues have led 49 states to enact laws to address such problems. Unfortunately, State laws only mildly abate the problem for healthcare providers.

Action that a healthcare provider can take to address payer abuse often depends largely on the State in which the provider is located. Some states allow physicians to take direct court action against a third-party payer with regard to reimbursement issues. Other States require providers to appeal to their insurance regulatory agencies to take action against a payer for any prompt pay issues, or similar exhaustion of administrative remedies. A regulatory agency may investigate and take action against a third-party payer. Provider options may also be affected by whether a State’s prompt pay laws are preempted by the Employee Retirement Income Security Act (ERISA), which provides its own remedies in some circumstances.

Steps physicians can take to protect reimbursement revenue and reduce the chance of disputes with payers include:

Read every word in your payer-physician contract: Pay close attention to the language used in the contract and the terms and conditions. Are the policies and procedures affecting payment clearly laid out? Does the language include a requirement for the payer to submit advance notice of any modifications to payment? Does the contract clearly define what is considered a “clean claim”?

Don’t procrastinate: In submitting claims, believe Murphy. Allow your practice more than enough time to submit a claim to a payer. You never know what delays, issues, or human errors could give a payer the opportunity to contend your claim was late or submitted incorrectly.

A Viable Solution For Doctors and Patients to the Third-Party Payer Mess: Concierge Medicine

June 2, 2013 | Little Health Law

The concierge practice of medicine is the wave of the future. This is very good news for the American consumer and tax payer.

As the price tag for Medicare has increased, so has the pressure on federal lawmakers to do something to avoid the looming fiscal disaster that attends rising health care costs. Since the U.S. Taxpayer demands that Medicare costs somehow be contained while, ironically, the U.S. Voter (same person, different hat) views Medicare as a sacrosanct entitlement to consume health care, the lawmaker “solution” has thus far focused the cost-cutting pressure on the supply side of health care, including cutting physician reimbursement. See, e.g. The Plea for Repeal of the Medicare Sustainable Growth Rate, May 4, 2013 post, this Blog. The trend of private insurers and other non-government payers is to follow what Medicare does (at least with respect to setting physician reimbursement rates and billing rules). An unintended consequence of the downward pressure on physician reimbursement together with modern health care’s increasing red tape/regulation and associated costs and headaches has been to drive primary care physicians out of private practice altogether. They are fed up. Many doctors have found (or are looking for) hospital employment. Others have retired. This trend has been referred to as the “silent exodus” of physicians and threatens to profoundly impact patient access care in a negative way. See National Survey Points to a “Silent Exodus” of Physicians, Merritt Hawkins, September 24, 2012.

Thankfully, some physicians are discovering that the concierge practice of medicine can be a smart, rewarding way to own and operate a private medical practice as a business that, rather than suffering the severe strains of the third-party-payer model, is free to actually focus on practicing medicine. For many doctors, the concierge medical practice model is returning private practice to its correct state — a real practice of medicine, medical judgment and care that is patient focused and free from the intrusion into the business of rendering care that a commercial or governmental third-party payer necessarily creates.
Continue reading ›

Money-Making Tip for Physicians: Develop/Utilize Good Contracting Protocol With Health Plans

June 1, 2013 | Little Health Law

Some health plans would have doctors believe that all terms and conditions in health plan contracts are immutable. That is not true. Health plan contract language can and should be negotiated under some circumstances. All physicians are strongly cautioned against blindly signing health plan contracts or any “paper work” that comes across your desk concerning rates, charges, reimbursement or network participation on the assumption that you have no choice. All physicians should be vigilant about establishing an organized contracting methodology that will identify contract issues that may warrant concern and discussion with a health plan representative about possible language changes. There is strength in numbers: the more physicians proactive about negotiating health plan contract provisions, the more effective all physicians will be in contracting with payers.

The contracting guidelines below are recommended to physicians and their office administrators as a starting point for establishing effective contracting protocol for medical practices. Where there are particular concerns about the potential effect of contract language, there is no substitute for obtaining legal advice.

1. Reject the premise that health plan contracts are non-negotiable.

You can negotiate health plan contract language. If you assume all health plan contract language is a take-it-or-leave-it proposition, you will necessarily be unable to determine what particular provisions a health plan might be willing to negotiate with you.

2. Develop and follow a specific office contracting protocol.

Readiness is the first step to good contracting practices. Set up, then faithfully use, a plan for your office, to include the following elements:

• appoint a trusted, long-term employee to be responsible for contracting • systematically collect, organize and store all health plan contracts and all correspondence and notices from the health plans
• carefully read every contract (or, at a minimum, have your appointed employee do so) against a Contract Review Checklist (see below), and list any questions or issues of concern • monitor all contracts — most are evergreen and will automatically renew unless one party terminates or proposes modification • know when contracts expire, calendar expiration dates and deadlines for giving any required notice of cancellation
3. Establish strong rapport with a health plan representative.

You will accomplish much more if you are dealing with an individual you know and with whom you have good rapport. Good practices to develop rapport with health plan representatives include the following:

• have face to face meetings with the representative when possible • be prepared for all meetings with the representative • remember that you are negotiating a relationship not a transaction • as much as possible, channel contact with a health care plan through one person in your office and one with the health plan • train the health plan representative to believe that you are reasonable (by, for example, periodically making small language proposals)
• differentiate your practice – the health plan needs to want your participation • demonstrate that you do things professionally
4. Realistically assess your ability to negotiate a provision.

Various factors influence whether and to what extent a health plan will negotiate particular contract provisions. Before you raise an issue with a health plan, assess your negotiating position.

• What is the value of the contract to your practice?
• What percentage of your business does the health plan represent?
• Do the fees cover your true cost of doing business?
• Are the health plan’s administrative requirements realistic?
• Does the health plan steer patients to you?
• What is the impact of dropping a plan on referrals – do you need to stay in plan because referring doctors will also refer patients from good plans?
• What are the strengths of your practice that might make you more attractive to the health plan?
• Do you add value to the health plan’s network (e.g., you are the only specialist within so many miles).
Continue reading ›

Tips For Improving Your Medical/Dental Practice

December 27, 2012 | Little Health Law

Despite all of your training in medical or dental school, many patients may feel that you have a long way to go with administrative efficiency or bedside manner.

As medical professionals, your job is more than examining, diagnosing and treating patients. It is imperative that your patients feel truly cared for by you and your staff. Since there are many doctors and dentists to choose from, losing your patients to another professional is just a phone call away. The internet is filled with sites such as Angie’s List, HealthGrades, RateMDs and Vitals; all of which provide information related to patient satisfaction.

Patients require more than simply taking care of their illness, injury or toothache. These patients, like it or not, are “customers.” They deserve to be treated with kindness, dignity, respect and courtesy. If a patient is having a particularly hard time with a physical condition, a mental problem or a painful dental ailment, taking the time to call and ask how they are doing can be particularly comforting. By going the extra mile, you are setting yourself apart from other professionals in your field.

One of the items on patients’ complaint list is having to sit and wait for one or two hours to see their doctor or dentist, when they have had an appointment for weeks. If for some reason you are running behind, make sure your staff calls them or sends a text message advising them of the delay. This will send a message to your patients that you respect their schedules and they will in turn respect yours.

Always have your staff call your patients if you are going to be out of town or have some other conflict for the date of their appointment. Never allow a patient to show up for an appointment only to be told that you are on vacation or attending a conference.

Having a competent and friendly staff is a tremendous asset to your practice. They are an extension of you and their demeanor and attentiveness can go a long way to the success of your practice. They are the first and last people a patient sees when coming into your office. How they are perceived can result in positive or negative feelings. Occasionally, it is a good idea to visit with patients about how they feel about the staff members. Ask if they are they attentive, do they promptly return phone calls, and have they been treated well or has someone been rude or impatient with them.

Since your staff can either make or break your practice, it is important to take care of them and show your appreciation for their team effort. Make them want to come to work every day, thrilled, excited and with a smile on their face. Take time to inquire about their likes and dislikes. Perhaps there are some changes in the office that would make them happy and improve their effectiveness.
Continue reading ›