Baton Rouge Area Women Heading To Prison For DME Health Care Fraud Participation

June 30, 2012

A Baton Rouge, Louisiana judge is sending two area women to jail for their participation in a durable medical equipment (DME) health care fraud scheme.

 Chief U.S. District Court Judge Brian A. Jackson sentenced Eunice Sparrow on June 20th to 14 months and Uniecesco Smith on June 25th to 12 months and 1 day in prison for their roles in a two-year DME health care fraud scheme. Each was ordered to serve a term of supervised release following her release from imprisonment, and to make restitution to the United States Department of Health & Human Services. Smith was also ordered to pay a $7,500 fine.

The sentences were imposed based on the guilty pleas that Smith and Sparrow previously entered on February 22, 2012, to several counts of health care fraud. In their plea agreements, the defendants admitted that they knowingly aided and abetted a health care fraud scheme perpetrated by their co-defendant, Linda M. Jackson.

From April of 2007 through April of 2009, Jackson used Plaquemine, Louisiana DME company, A&A Durable Medical Supply, to defraud Medicare by submitting false reimbursement claims to Medicare for items that the company had never provided. In their plea agreements, Sparrow and Smith admitted that they helped Jackson by completing and signing false delivery tickets and other fraudulent documents at Jackson’s direction. A&A kept the fraudulent documents in its patient files in an attempt to substantiate the fraudulent claims Jackson submitted to Medicare.  Jackson later provided the false documents to an auditor who requested the patient files in the course of an investigation into A&A’s claims. Jackson is awaiting sentencing.   

Health Care Providers Must Act To Manage Risks

The Smith and Sparrow convictions and sentencing reflect the tightening enforcement federal health care fraud laws.  In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other proper steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.  In light of the growing qui tam risks, health care providers also should tighten internal investigation, exit interview and other human resources and business partner oversight, reporting and investigation policies and practices to help identify and redress potential fraud or other qui tam, retaliation and similar  exposures early and more effectively.  

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


Houston Man Gets 24 Month Prison Sentence For Anti-Kickback & Other Health Care Fraud Convictions

June 30, 2012

A Federal judge in Houston on June 25, 2012 gave Kelvin Washington a 24-month federal prison sentence for each of his six convictions of health care fraud, conspiracy conviction and three counts of violating the anti-kickback statute, all to be served concurrently. The court additionally ordered three years supervised release, of which the first 12 months of to be served as home confinement. The Court also ordered Washington to pay approximately $480,000 in restitution to Medicare and Medicaid.

During the December, 2011 trial, Washington was convicted Washington of his six convictions of health care fraud, conspiracy conviction and three counts of violating the anti-kickback statute.  The Department of Justice charged that from 2003 to 2007, Washington received illegal payments for the referral of dialysis patients to a Houston ambulance transport service and conspired with others to have unsuspecting doctors sign transport prescriptions for dialysis patients never admitted to a Sugar Land nursing home where he worked.   During the trial, witnesses testified Washington was paid for the referral of dialysis patients to an ambulance service that was under contract with the nursing home where he worked. Trial evidence also showed he would present prescriptions to doctors who worked at the nursing home. The doctors testified at trial that they would not have signed the prescriptions if they had known the various patients were never admitted to the nursing home.

The jury also heard evidence that the ambulance service paid the Washington in checks totaling $22,200 with many tied to specific patients. Washington did not report all the income he made to the Internal Revenue Service (IRS) from the ambulance service. At trial, an undercover video and audio tape showed one of the managers of the ambulance company bribing a patient to ride with the ambulance company. The ambulance company would later bill Medicare for this patient, a paid informant whose own doctors would not sign a prescription for him. The bill to Medicare was based upon a false script from Washington. In a search warrant executed on a co-conspirator’s home, “The List” was discovered which detailed payments made not only to Washington but also to patients who rode with the ambulance service. A computer file from that home also showed detailed records tracking payments for patients, the check numbers for those payments and the fact that payments were made to the defendant.

According to the Justice Department, the false scripts alone resulted in $1.2 million billed to Medicare and Medicaid and approximately $480,000 paid.  For more details, see here.

Health Care Providers Must Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.  In light of the growing qui tam risks, health care providers also should tighten internal investigation, exit interview and other human resources and business partner oversight, reporting and investigation policies and practices to help identify and redress potential fraud or other qui tam, retaliation and similar  exposures early and more effectively.  

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


Oklahoma’s Harmon Memorial Hospital, Physician Pay $1.5M Qui Tam Health Care Fraud Settlement

June 27, 2012

Harmon County Healthcare Authority (Harmon Memorial Hospital) and Dr. Akram R. Abraham, of Hollis, Oklahoma have agreed to pay $1,550,000 to settle claims of health care fraud of the Medicare and Medicaid programs.  Like a $5 million settlement announced with Christus Spohn Health System Corporation earlier in June, the settlement highlights the growing exposures that hospitals and other health care providers face to qui tam actions initiated in response to reports of misconduct made by employers or other business partners.  These and a slew of other prosecutions and settlements send a clear signal that health care providers face significant exposure from current or past aggressive practices raising risks of prosecution under Federal or state health care fraud and false claims laws.

Harmon Memorial Hospital Settlement

The settlement jointly announced June 20, 2012 by Sanford C. Coats, United States Attorney for the Western District of Oklahoma, and Scott E. Pruitt, Oklahoma Attorney General, resolves a lawsuit styled United States of America and State of Oklahoma ex rel. Randy L. Curry v. Harmon County Healthcare Authority, Akram R. Abraham, M.D., P.C., and Akram R. Abraham, M.D., Case No CIV-09-1321-D, filed in Oklahoma City federal court under the qui tam or whistleblower provisions of the federal False Claims Act (FCA) and the Oklahoma Medicaid False Claims Act (OMFCA).

Randy L. Curry is from Harmon County and served as the hospital Administrator of Harmon County Healthcare Authority (HCHA) from 2008 to 2009. HCHA operates the Harmon Memorial Hospital in Hollis, Oklahoma. Dr. Akram R. Abraham, M.D., is a medical doctor licensed to practice in the Oklahoma who has a medical practice and resides in Hollis, Oklahoma.

The United States and State of Oklahoma alleged that from July 1, 2001, through May 30, 2008, both HCHA and Dr. Abraham violated the FCA and the OMFCA by submitting claims, or causing claims to be submitted, to the Medicare and Medicaid programs that violated the federal “Stark” regulations and Anti-Kickback Statute.

Specifically, the government alleged that there was a prohibited contractual relationship between HCHA and Dr. Abraham resulting in excessive remuneration which was not commercially reasonable in the absence of health care referrals and that HCHA and Dr. Abraham made false certifications that the Medicare and Medicaid claims they submitted were in compliance with federal and state regulations.

The alleged improper remuneration included, but was not limited to, free rent of office space, free billing and staff personnel, reimbursement of uncollected accounts receivable, duplicative per encounter payments for emergency room services, and improper payment of locum tenens physician services. HCHA and Dr. Abraham have each denied liability.

In the settlement, HCHA agreed to pay $550,000 and Dr. Abraham agreed to pay $1,000,000 to resolve the claims. In addition, both HCHA and Dr. Abraham have entered into five year corporate integrity agreements with the United States Department of Health and Human Services Office of the Inspector General which requires additional regulatory compliance reporting and monitoring. Under the qui tam provisions of the FCA and OMFCA, Randy Curry will receive a share of the settlement proceeds.

Christus & Other Qui Tam Settlements Rising Risk

The HCHA settlement follows the announcement earlier this month that Christus Spohn Health System Corporation has paid the United States more than $5 million to settle Justice Department and a former executive’s qui tam claims that it profited from violations of the False Claims Act by inappropriately admitted patients to inpatient status for outpatient procedures.   HCHA and Christus are just two of a lengthy and growing list of qui tam cases and settlements that reflect the tide of liability arising from qui tam and other whistleblower activities.

Since January 2009, the Department of Justice has recovered over $11.1 billion under the False Claims Act. Of this amount, more than $7.4 billion was recovered in health care fraud matters. Last year, more than 630 qui tam matters were filed with the Department of Justice – more than in any other year in the history of the FCA and an increase of more than 47% since 2009. More than two-thirds of these qui tam cases alleged false claims to government health care programs.

Meanwhile, the OMFCA went into effect on November 1, 2007, and its focus is solely on fraud perpetrated against the Oklahoma Medicaid Program. Since its passage, over 351 qui tam cases have been filed on behalf of the State of Oklahoma. The State has received over $63.8 million in civil recoveries resulting from cases alleging fraud on the Oklahoma Medicaid system. The Oklahoma Attorney General’s MFCU is the only Oklahoma law enforcement agency dedicated to the investigation and prosecution of Medicaid fraud.

 These and other statistics document the HCHA and Christus settlements and their underlying actions are reflective of a concerning rise in qui tam related exposures by health care providers.  These and other qui tam actions as well as non-qui tam prosecutions of health care fraud and other compliance related cases, make clear that disgruntled current or former employees, contractors and business partners frequently are key players in qui tam or other prosecutions against health care providers.  These “insiders” often know about the skeletons are in health care and other organization’s compliance closets.    With many whistleblowers concerned about their own potential liability or axes to grind, the tight economy and job markets and reforms making it easier and more attractive for whistleblowers to bring and recover, qui tam and whistleblower claims are on the rise.  Health care providers need to recognize and take steps to respond to these trends and incentives as part of their risk management and compliance efforts.

Health Care Providers Must Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to better place their organization in a position successfully to respond and defend against potential investigations or charges.  In light of the growing qui tam risks, health care providers also should tighten internal investigation, exit interview and other human resources and business partner oversight, reporting and investigation policies and practices to help identify and redress potential fraud or other qui tam, retaliation and similar  exposures early and more effectively.  

For More Information Or Assistance

If you need help reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to set up and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need help responding to concerns about the matters discussed in this publication or other health care concerns, wish to get information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


OCR’s Shares HIPAA Audit Program Protocols As Announces $1.7M Resolution Agreement Against Alaska Medicaid

June 27, 2012

Health care providers, health plans, health care clearinghouses and their business associates should review the Department of Heath & Human Services (HHS) Office of Civil Rights (OCR) HIPAA audit protocol used by OCR to conduct the audits required by the HITECH Act to identify potential areas where they may need to tighten existing practices to withstand a possible audit and reduce exposures under the Privacy, Security and Breach Notification rules of the Health Insurance Portability & Accountability Act.  OCR posted the audit protocols on its on its website on June 26, 2012, the same day it announced that the Alaska Medicaid program would pay more than $1.7 million to settle potential HIPAA liabilities arising from OCR’s investigation of circumstances resulting a large data breach reported under the HITECH Act breach notification rules. Covered entities should use these resources both to prepare for potential audits and to review and adjust their practices to help prevent violations and defend against potential HIPAA enforcement actionsl.

HIPAA Audit Protoco

The OCR HIPAA Audit program analyzes key processes, controls, and policies of selected covered entities pursuant to the HITECH Act audit requirement.  OCR established a comprehensive audit protocol that contains the requirements to be assessed through these performance audits. The entire audit protocol is organized around modules, representing separate elements of privacy, security, and breach notification.  The combination of these multiple requirements may vary based on the type of covered entity selected for review. These include:

  • Privacy Rule requirements for (1) notice of privacy practices for PHI, (2) rights to request privacy protection for PHI, (3) access of individuals to PHI, (4) administrative requirements, (5) uses and disclosures of PHI, (6) amendment of PHI, and (7) accounting of disclosures
  •  Security Rule requirements for administrative, physical, and technical safeguards;
  • Requirements for the Breach Notification Rule.

Presently OCR says that HIPAA audits primarily seek to tighten compliance and aid OCR to identify areas where guidance should be revised or supplemented to enhance compliance.  Where an audit identifies a significant compliance concern, however, OCR officials say OCR officials may open an enforcement investigation in response to evidence uncovered in connection with an audit.  Beyond this risk, however, the audit protocols also provide additional guidance for covered entities about expected practices and procedures that could help mitigate risks to enforcement under the OCR’s ongoing investigation and enforcement activities of HIPAA.  As reflected by a growing series of resolution agreements, these enforcement risks and their associated liability exposures are significant and growing.  OCR’s announcement of its latest Resolution Agreement with Alaska Medicaid concurrent the posting of the audit protocol.

Alaska 1.7 Million Resolution Agreement

OCR also announced June 26 that the Alaska State Medicaid Agency, the Alaska Department of Health and Social Services (DHSS) will pay the  $1,700,000 to settle possible violations of the HIPAA  Security Rule.  Alaska DHSS also has agreed to take corrective action to properly safeguard the electronic protected health information (ePHI) of their Medicaid beneficiaries. 

The first HIPAA Resolution Agreement that the HHS Office for Civil Rights (OCR) has reached a state agency, the Alaska Medicaid Resolution Agreement  second announced Resolution Agreement stemming from a unsecured protected health information breach report filed in response to the breach notification rules of the Health Information Technology for Economic and Clinical Health (HITECH) Act.  Earlier this year, OCR announced its first Resolution Agreement involving a health plan resulted from a breach notification report it had filed under the HITECH Act.  See $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report.

OCR opened the investigation leading to the Resolution Agreement after Alaska DHSS filed a breach report that indicated that a portable electronic storage device (USB hard drive) possibly containing ePHI was stolen from the vehicle of a DHSS employee.  Over the course of the investigation, OCR found evidence that DHSS did not have adequate policies and procedures in place to safeguard ePHI.  Further, the evidence indicated that DHSS had not completed a risk analysis, implemented sufficient risk management measures, completed security training for its workforce members, implemented device and media controls, or addressed device and media encryption as required by the HIPAA Security Rule.  Inadequacies by covered entities in safeguarding protected health information and laptops and other devices containing ePHI is a common compliance concern according to OCR statistics.

In addition to the $1,700,000 settlement, the agreement includes a corrective action plan that requires Alaska DHSS to review, revise, and maintain policies and procedures to ensure compliance with the HIPAA Security Rule.  A monitor will report back to OCR regularly on the state’s ongoing compliance efforts. 

OCR’s announcement highlights the need for covered entities not only to take proper steps to establish and administer appropriate policies and safeguards to protect protected health information and EHI, but also to prepare, update as needed and be prepared to produce documentation showing their oganizations actions to evaluate, monitor and maintain appropriate safeguards of ePHI and the operating systems and devices that contain this information. 

“Covered entities must perform a full and comprehensive risk assessment and have in place meaningful access controls to safeguard hardware and portable devices,” said OCR Director Leon Rodriguez.  “This is OCR’s first HIPAA enforcement action against a state agency and we expect organizations to comply with their obligations under these rules regardless of whether they are private or public entities.”

The HHS Resolution Agreement can be viewed here.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The Alaska Medicaid Resolution Agreement is the latest in a growing list of Resolutions Agreements highlighting the mounting exposures that health care providers, health plans, health care clearinghousesand their business associates face if required to file a large breach notification or otherwise charged with failing to appropriately manage their HIPAA responsibilities. See Arizona Physician Group Pays $100K To Settle HIPAA Charges; $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website.   As OCR leaders have indicated that OCR investigates all large breach notification filings made under the HITECH Act Breach Notification Rules and with more than 450 large breach notifications reported on its website, additional Resolution Agreements are expected in coming months even as covered entities and their business associates are awaiting the impending  issuance of updated HIPAA regulations.

In light of these and other developments and risks, covered entities and their business associates should move to audit and strengthen their HIPAA compliance and documentaiton and adopt  other suitable safeguards to minimize HIPAA exposures. 

In the face of rising enforcement and fines, OCR’s initiation of HIPAA audits and other recent developments, covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to reduce potential HIPAA exposures in light of recently tightened requirements and new enforcement risks. 

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable. 

For more information about the PCS Resolution Agreement and HIPAA compliance and risk management tips, see here.

For Representation, Training & Other Resources

If you need assistance monitoring HIPAA and other health and health plan related regulatory policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

Scheduled to serve as the scribe for the ABA Joint Committee on Employee Benefits agency meeting with OCR, Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.  Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.   For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR.  Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

You can get more information about her HIPAA and other experience here.

If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

You can review other recent publications and resources and additional information about the other experience of Ms. Stamer hereExamples of some recent publications that may be of interest include:

If you need help investigating or responding to a known or suspected compliance, litigation or enforcement or other risk management concern, assistance with reviewing, updating, administering or defending a current or proposed employment, employee benefit, compensation or other management practice, wish to inquire about federal or state regulatory compliance audits, risk management or training, or need legal representation on other matters please contact Ms Stamer here or at (469) 767-8872.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here.    If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

©2012 Cynthia Marcotte Stamer, P.C. All rights reserved.


OCR Nails Alaska Medicaid For $1,700,000 To Settle HIPAA Security Charges

June 26, 2012

The Alaska State Medicaid Agency, the Alaska Department of Health and Social Services (DHSS) will pay the U.S. Department of Health and Human Services’ (HHS) $1,700,000 to settle possible violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  Alaska DHSS also has agreed to take corrective action to properly safeguard the electronic protected health information (ePHI) of their Medicaid beneficiaries. 

The first HIPAA Resolution Agreement that the HHS Office for Civil Rights (OCR) has reached a state agency, the Resolution Agreement  second announced Resolution Agreement stemming from a unsecured protected health information breach report filed in response to the breach notification rules of the Health Information Technology for Economic and Clinical Health (HITECH) Act.  Earlier this year, OCR announced its first Resolution Agreement involving a health plan resulted from a breach notification report it had filed under the HITECH Act.  See $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report.

OCR opened the investigation leading to the Resolution Agreement after Alaska DHSS filed a breach report that indicated that a portable electronic storage device (USB hard drive) possibly containing ePHI was stolen from the vehicle of a DHSS employee.  Over the course of the investigation, OCR found evidence that DHSS did not have adequate policies and procedures in place to safeguard ePHI.  Further, the evidence indicated that DHSS had not completed a risk analysis, implemented sufficient risk management measures, completed security training for its workforce members, implemented device and media controls, or addressed device and media encryption as required by the HIPAA Security Rule.  Inadequacies by covered entities in safeguarding protected health information and laptops and other devices containing ePHI is a common compliance concern according to OCR statistics.

In addition to the $1,700,000 settlement, the agreement includes a corrective action plan that requires Alaska DHSS to review, revise, and maintain policies and procedures to ensure compliance with the HIPAA Security Rule.  A monitor will report back to OCR regularly on the state’s ongoing compliance efforts. 

OCR’s announcement highlights the need for covered entities not only to take proper steps to establish and administer appropriate policies and safeguards to protect protected health information and EHI, but also to prepare, update as needed and be prepared to produce documentation showing their oganizations actions to evaluate, monitor and maintain appropriate safeguards of ePHI and the operating systems and devices that contain this information. 

“Covered entities must perform a full and comprehensive risk assessment and have in place meaningful access controls to safeguard hardware and portable devices,” said OCR Director Leon Rodriguez.  “This is OCR’s first HIPAA enforcement action against a state agency and we expect organizations to comply with their obligations under these rules regardless of whether they are private or public entities.”

The HHS Resolution Agreement can be viewed here.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The Alaska Medicaid Resolution Agreement is the latest in a growing list of Resolutions Agreements highlighting the mounting exposures that health care providers, health plans, health care clearinghousesand their business associates face if required to file a large breach notification or otherwise charged with failing to appropriately manage their HIPAA responsibilities. See Arizona Physician Group Pays $100K To Settle HIPAA Charges; $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website.   As OCR leaders have indicated that OCR investigates all large breach notification filings made under the HITECH Act Breach Notification Rules and with more than 450 large breach notifications reported on its website, additional Resolution Agreements are expected in coming months even as covered entities and their business associates are awaiting the impending  issuance of updated HIPAA regulations.

In light of these and other developments and risks, covered entities and their business associates should move to audit and strengthen their HIPAA compliance and documentaiton and adopt  other suitable safeguards to minimize HIPAA exposures. 

In the face of rising enforcement and fines, OCR’s initiation of HIPAA audits and other recent developments, covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to reduce potential HIPAA exposures in light of recently tightened requirements and new enforcement risks. 

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable. 

For more information about the PCS Resolution Agreement and HIPAA compliance and risk management tips, see here.

For Representation, Training & Other Resources

If you need assistance monitoring HIPAA and other health and health plan related regulatory policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

Scheduled to serve as the scribe for the ABA Joint Committee on Employee Benefits agency meeting with OCR, Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.  Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.   For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR.  Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

You can get more information about her HIPAA and other experience here.

If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

You can review other recent publications and resources and additional information about the other experience of Ms. Stamer hereExamples of some recent publications that may be of interest include:

If you need help investigating or responding to a known or suspected compliance, litigation or enforcement or other risk management concern, assistance with reviewing, updating, administering or defending a current or proposed employment, employee benefit, compensation or other management practice, wish to inquire about federal or state regulatory compliance audits, risk management or training, or need legal representation on other matters please contact Ms Stamer here or at (469) 767-8872.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here.    If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

©2012 Cynthia Marcotte Stamer, P.C. All rights reserved.


Supreme Court Now Expected To Release Ruling On Health Care Reform Law Thursday

June 25, 2012

The Supreme Court did not release its ruling on challenges to the constitutionality to the Patient Protection And Affordable Care Act (“ACA”) health care reform today.   The Supreme Court now is expected to release its much-anticipated decision on a series of consolidated challenges to the ACA on Thursday.  Thursday is the last day that the Court can issue rulings before the Justices end their term.  They are not scheduled to return until the new 2012 Session begins in October.

Regardless of how the Supreme Court rules, it is clear that health care reform will remain a key point of debate for the upcoming election and in Congress.  With opinions sharply divided about health care reform among members of the public and budget challenges looming, members of Congress from both parties have made clear that they expect to continue to wrangle over the reforms.  Whether or not the Supreme Court rules any part of the law unconstitutional, Republicans and Democrats in Congress largely share support of the mandates and other reforms scheduled for implementation before 2014.  To the extent that ACA survives its pending constitutional challenges, implementation of the law will progress.   To the extent that the Supreme Court ruling would adversely impact these provisions, Republican and Democrat leaders alike have indicated an intention to act quickly to reenact many of these provisions.  In the meanwhile, regardless of the status of the law, market and state law reforms implemented in anticipation of the law inevitably will prevent a reversion to pre-ACA status regardless of the Supreme Court’s rulings.

Project COPE: Coalition On Patient Empowerment & Coalition For Responsible Health Care Quality

Amid the continuing debate and uncertainty, Americans more then ever need to stay involved in the discussion.  Project COPE: Coalition on Patient Empowerment & the Coalition for Responsible Health Care Quality  are coalitions of individuals and organizations that share the belief that every American and American organization has a stake, and something to contribute to our ability to find and implement the best options for ensuring that the U.S. health care system provides quality, affordable health care.

Health care impacts every individual and every organization in America.  Consequently, every American citizen and organization including but not limited to health care providers, employers, insurer, and community organizations should take part.    The government, health care providers, insurers and community organizations can help by providing education and resources to make understanding and dealing with the realities of illness, disability or aging easier for a patient and their family, the affected employers and others. At the end of the day, however, caring for people requires the human touch.  Americans can best improve health care by not waiting for someone else to step up or speak up. 

Project COPE urges and invites each individual and organization speak up to help communicate and act to make health care work for themselves, their families and others when you can and share your input to help preserve and continue to develop real meaningful improvements to our health care system by joining Project COPE: Coalition for Patient Empowerment here by sharing ideas, tools and other solutions and other resources. 

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


Health Care Reform Ruling Release Put Off Until Thursday

June 25, 2012

The Supreme Court did not release its ruling on challenges to the constitutionality to the Patient Protection And Affordable Care Act (“ACA”) health care reform today.   The Supreme Court now is expected to release its much anticipated decision on a series of consolidated challenges to the ACA on Thursday.  Thursday is the last day that the Court can issue rulings before the Justices end their term.  They are not scheduled to return until the new 2012 Session begins in October.


OIG Invitation To Comment On Possible Changes To Provider Self-Disclosure Protocol Invaluable Opportunity To Provide Feedback

June 20, 2012

Health care providers and other interested persons have until to submit recommendations and other input in response to the Solicitation of Information and Recommendations for Revising OIG’s Provider Self-Disclosure Protocol (“RFR”) published by the Department of Health & Human Services (HHS) Office of Inspector General (OIG) on June 20, 2012 here.  Prompt response to this invitation by the August 17, 2012 deadline established by OIG provides a valuable opportunity for health care providers and others who have concerns or other perspectives about the current Protocol as used by the OIG in connection with its enforcement of federal health care fraud laws. 

Protocol Intended To Be Tool To Resolve Civil Monetary Penalty & Other Health Care Fraud Exposures

While OIG touts the Protocol as a valuable tool to providers for resolving certain health care fraud exposures through self-disclosure, physicians, hospitals and other health care providers often are critical of the Protocol and its application by the OIG for deterring self-disclosure by providers by being unduly punitive to providers using the protocol to self-report and self-correct potential violations.

Originally published by OIG in 1998, the Protocol as later supplemented by a series of letters to providers currently defines the opportunity that OIG offers to health care providers to disclose potential fraud to resolve Civil Monetary Penalty and federal health care fraud exposures under Federal law through self-disclosure.  

The potential liability exposures for health care providers accused of running afoul of these federal health care fraud laws are substantial and growing.   Under the Civil Monetary Penalties Law (“CMPL”), 42 U.S.C. § 1320a-7a, and other provisions of the Social Security Act, health care providers face significant criminal and civil risk for violation of federal health care fraud laws.  Among other things, risk the assessment of CMPs, exclusion from participation in all Federal health care programs or both if they knowingly and willfully:  

  • Offer or pay remuneration to induce the referral of or solicit or receive remuneration in return for the referral of Federal health care program business in violation of the Anti-Kickback Statute (42 U.S.C. § 1320a-7b(b));
  • Present or cause to be presented a claim that the person knows or should know is for a service for which payment may not be made under 42 U.S.C. § 1395nn, the physician self-referral or “Stark” law. 42 U.S.C. § 1395nn(g)(3); or
  • Engage in certain other prohibited activities under federal healthcare fraud laws.

For an Anti-Kickback violation, the OIG may seek a penalty of up to $50,000 for each improper act and damages of up to three times the amount of remuneration at issue (regardless of whether some of the remuneration was for a lawful purpose). 42 U.S.C. § 1320a-7a(a).   With the federal government expanding fraud enforcement and tightening federal anti-fraud laws as part of its broader effort to control federal health care spending, OIG and other federal regulators are stepping up enforcement of these and other federal health care laws.  OIG touts the Protocol as offering a valuable opportunity for health care providers to resolve potential health care fraud liabilities by self-disclosing under the Protocol.

The Protocol provides guidance on how to investigate this conduct, quantify damages, and report the conduct to OIG to resolve the provider’s liability exposure under OIG’s civil money penalty (CMP) authorities.  Since its original publication in 2009, OIG has supplemented its guidance by issuing three Open Letters to Health Care Providers to supplement and clarify the Protocol and its application, including:

  • In 2006 announcing an initiative to encourage disclosure of conduct creating liability under OIG’s ant kickback and physician self-referral law CMP authorities.
  • In 2008, issuing additional guidance and requirements for Protocol submissions to increase the efficiency of the Protocol, including new requirements for the initial submission and specific time commitments from the provider, as well as announcing he presumption of not requiring a compliance agreement as part of settling a cooperative and complete disclosure.
  • In 2009, announcing it would no longer accept disclosure of a matter into the Protocol that involved only liability under the physician self-referral law in the absence of a colorable anti-kickback violation and announcing a minimum $50,000 settlement amount for kickback-related submissions.

You can review this guidance governing the Protocol here and see examples of past settlements under the Protocol here.

Many Providers, Industry Leaders Express Concerns About Protocol

OIG characterizes the Protocol as offering health care providers “specific steps, including a detailed audit methodology, that may be undertaken if they wish to work openly and cooperatively with the OIG to efficiently quantify a particular problem and, ultimately promomote a higher level of ethical and lawful conduct throughout the health care industry.  In the RFR, OIG credited the Protocol with allowing OIG to resolve over 800 disclosures resulting in recovering over $280 million to the Federal health care programs over the past 14 years.  In the RFR, OIG reports that it believes this experience reflects the Protocol to be a highly valuable tool, which added and refined guidance would strengthen to the benefit of the provider community and the efficient resolution of Protocol matters. OIG now is announcing plans to further revise the Protocol to provide additional guidance.  Accordingly, OIG is soliciting comments, recommendations, and other suggestions from concerned parties and organizations on how best to revise the Protocol to address relevant issues and to provide useful guidance to the health care industry. 

For providers with concerns about the Protocol and its value to providers as a tool for resolving health care fraud, the invitation should provide a welcome opportunity for feedback.  While OIG perceives the Protocol with these later refinements as a valuable tool to OIG and providers in identifying and resolving known or suspected health care fraud, stiff penalties and restrictions on the Protocol have engendered widespread criticism of the Protocol by many providers and health industry advisors.   See, e.g. Voluntary Disclosure-Look before You Leap; HHS Office of Inspector General Sweetens Its Self-Disclosure Protocol.  For these and other reasons, many health care providers and health industry advisors view the Protocol as now configured and applied as counterproductive to its stated goals.  Critics often argue that the punishment of self-reporting providers discourages self-reporting and self-correction by providing too little reward and almost certain punishment to providers who chose the self-correction path.

Although OIG’s expectations about the Protocol and opportunities for improvement and those of many providers may be widely disparate, all parties with concerns or other opinions are urged to share their input in response to the RFR.  The RFR invitation provides an invaluable opportunity both to share feedback with OIG, as well as to create a record of concerns that would be available to share with members of Congress and other leaders to the extent the OIG fails to adequately address these concerns.

For More Information Or Assistance

For help in responding to the RFR; reviewing and updating your Stark Law, Anti-Kickback Statute, or other health care compliance and risk management policies, practices or programs; assessing the strength of your organizations existing risk management and compliance controls under these laws or other healthcare laws and regulations; or in addressing other compliance or health care concerns, please contact Cynthia Marcotte Stamer via e-mail here or via telephone at 469.767.8872.   To review  and register to receive other helpful updates or for more information about Ms. Stamer and her experience, see here.

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need help responding to concerns about the matters discussed in this publication or other health care concerns, wish to get information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


Christus Pays $5 Million + To Settle False Claims Act Charges It Coded Outpatient Care As Inpatient

June 18, 2012

Christus Spohn Health System Corporation has paid the United States more than $5 million to settle Justice Department and a former executive’s qui tam claims that it profited from violations of the False Claims Act by inappropriately admitted patients to inpatient status for outpatient procedures.  United States Attorney Kenneth Magidson announced the settlement on June 14, 2012.

The settlement resolves allegations that six Christus Spohn hospitals in and around Corpus Christi, Texas, submitted false claims to the Medicare program by using inpatient codes for procedures that should have been billed under an outpatient code. Department of Justice officials charged this practice enabled these hospitals to collect more money from the Medicare program than they were entitled to collect. Those six hospitals included Christus Spohn Hospitals in Corpus Christi – Shoreline, Corpus Christi – Memorial, Corpus Christi – South, Alice, Beeville and Kleberg.

The charges and their development highlight the risks that health care providers increasingly face from disgruntled employees or other business insiders, as well as federal prosecuters.  The investigation leading to the settlement began in March 2008 after Christus – Shoreline’s former director of case management filed a lawsuit under seal under the qui tam provisions of the False Claims Act alleging the six hospitals were submitting false claims to the Medicare program by billing for services that should have been performed on an outpatient basis as if they were more expensive inpatient services. The allegations stated that these hospitals were routinely billing outpatient surgical procedures as if they required an inpatient level of care even though the patients often were discharged from the hospital in less than 24 hours. 

The federal False Claims Act empowers private citizens with knowledge of fraud against the United States to present those allegations to the United States by bringing a lawsuit on behalf of the United States under seal. If the government’s investigation substantiates those allegations, then the private citizen is entitled to share in any recovery. In this case, that person will receive 20% of the $5,100,481.74 recovery.

The investigation was conducted by the Department of Health and Human Services Office of Inspector General and was prosecuted by the Department of Justice.   

Health Care Providers Must Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.  In light of the growing qui tam risks, health care providers also should tighten internal investigation, exit interview and other human resources and business partner oversight, reporting and investigation policies and practices to help identify and redress potential fraud or other qui tam, retaliation and similar  exposures early and more effectively.  

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


Nonprofit CEO Convicted Of Embezzling Medicaid Funds Intended For Mentally Disabled Care

June 18, 2012

Former Chief Executive Officer of Evelyn Douglin Center for Serving People in Need (EDC) Seibert Phillips faces sentencing to up to 15 years in prison after pleading guilty to  stealing over $600,000 from the charity.  The prosecution and conviction of Phillips by the New York Attorney General demonstrates that Medicaid and other health care fraud investigation and oversight by states is thriving along side the much more widely reported federal health care fraud inititives.

Evelyn Douglin Center is a Medicaid-funded corporation which provides care and services to mentally disabled New York City residents. Among other things, it operates supportive and supervised alternative housing and provides residential habilitation and day habilitation programs for those in need. EDC is reimbursed in part by the New York State Medicaid program. Over a five year period, while Chief Executive of EDC, which he founded in 1999, Phillips secretly diverted over $600,000 in Medicaid checks made payable to EDC into a fraudulent account he opened in the corporation’s name. Phillips thereafter used this account for himself, funding frequent personal travel, cars and even his dog trainers. EDC’s Board of Directors was unaware of the secret account and cooperated in the investigation leading to Phillips’s arrest and conviction.

Phillips’s arrest and conviction arises out of the Attorney General’s prior investigation of EDC which concluded last year with a $5 million settlement. Medicaid rules required EDC to draft and maintain daily reports detailing the specific services it provided to Medicaid recipients. The investigation uncovered that, for a five year period ending in 2009, EDC altogether failed to create many of the records. As part of its settlement agreement, EDC also agreed to reconstitute its Board of Directors and to retain a monitor for five years to ensure its compliance with all applicable Medicaid rules and regulations.

Phillips’s secret account came to light during an Attorney General investigation of EDC. Phillips pled guilty today to Grand Larceny in the Second Degree, a class C Felony which carries a maximum penalty of five to fifteen years in state prison. Under the terms of his plea agreement, Phillips will be sentenced to five years of probation, pay back restitution totaling $445,000 to EDC, and perform 500 hours of community service. He will be sentenced on August 7, 2012.  Get more details here

The Phillips conviction is one of a growing list state and federal prosecutions of health care and other organizations and individuals for violations of federal or state health care fraud or other laws.  Driven both by federal program mandates and daunting state health care entitlement program budget expenditures, state regulators and law enforcement teams across the United States increasingly are active and vital participants in the expanding federal and state war against health care fraud and other health care provider misconduct.  See e.g., Health Care Providers Also Should Guard Against Rising Exposures To State Health Care Fraud & Other Enforcement Risks.  

 Health Care Providers Must Act To Manage Risks

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and organizations, health care providers covered by federal false claims, referral, kickback and other health care fraud laws should consider auditing the adequacy of existing practices, tightening training, oversight and controls on billing and other regulated conduct, reaffirming their commitment to compliance to workforce members and constituents and taking other appropriate steps to help prevent, detect and timely redress health care fraud exposures within their organization and to position their organization to respond and defend against potential investigations or charges.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press, Inc.  All other rights reserved.

 


Health Companies Looking To Raise Funds Beware: Old Practices & Forms May Need Update For Securities Law Changes

June 7, 2012

Health care entrepreneurs and other businesses looking to raise investment from private investors without registration in accordance with applicable federal and state securities laws requirements for publicly traded investments need to exercise care that their practices meet all requirements, particularly in light of recent changes to the regulations.

For example, health care, health care IT and other businesses looking to raise capital in a private versus publicly registered context often plan to rely upon the restriction of offers and sales to individuals who qualify as “accredited investors” and other compliance with the accredited investor exemptions to registration requirements under federal and state securities laws. 

When planning to raise capital, however, reliance on past experience and recycling old documents can be risky.  Due to recent changes in the accredited investor regulations, however, businesses intending to rely upon the accredited investor exception may need to update their accredited investor questionnaires and other practices to avoid unintentionally running afoul of modified rules.

On December 21, 2011, the U.S. Securities and Exchange Commission adopted final rules that amended the “accredited investor” definition in the rules under the U.S. Securities Act of 1933, as amended.

The recent regulatory amendments respond to securities laws changes enacted by Section 413(a) of the U.S. Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”).

Among many other changes it enacted, Dodd-Frank requires the definition of “accredited investor” in the Securities Act rules to exclude the value of a person’s primary residence for purposes of determining whether the person qualifies as an “accredited investor” on the basis of having a net worth in excess of US $1,000,000.

Securities Act Rules 215 and 501, as amended, in response to Dodd-Frank now define “accredited investor” to include, among other things, any natural person whose individual net worth, or joint net worth with that person’s spouse, exceeds US$1,000,000, excluding the value of the investor’s primary residence.  SEC regulations provide guidance about the application of this revised requirement. 

Because of the change to the accredited investor requirements of federal securities laws, investor questionnaires may need to be updated to reflect the new definition. Investors relying on the net worth category of the accredited investor definition may also need to get valuations of their residences to determine their fair market value and may also need to disclose the value of any mortgages thereon and the timing of when such mortgages were incurred to confirm accredited investor status.

The changes to the accredited investor exemption rules is just one of many changes in securities registration exemption, reporting, and other requirements.  Protect yourself and your business.  Review your practices and documentation to confirm they are up to date and compliant before you get started and keep a careful eye on compliance and out for more changes coming down the pike on an ongoing basis.

Interested persons can see a copy of the SEC’s final rule  here

 

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Her experience includes advising hospitals, nursing home, home health, rehabilitation and other health care providers and health industry clients to establish and administer compliance and risk management policies; prevent, conduct and investigate, and respond to peer review and other quality concerns; and to respond to Board of Medicine, Department of Aging & Disability, Drug Enforcement Agency, OCR Privacy and Civil Rights, HHS, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance responding to concerns about the matters discussed in this publication or other health care concerns, wish to obtain information about arranging for training or presentations by Ms. Stamer, wish to suggest a topic for a future program or update, or wish to request other information or materials, please contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns from Ms. Stamer, see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.


Follow

Get every new post delivered to your Inbox.

Join 571 other followers

%d bloggers like this: