Hospitals Urged To Tighten Inpatient & Outpatient Admission Records As OIG Audits Hospitals for New vs. Established Patients,

November 29, 2012

Hospitals should act quickly to adopt appropriate compliance policies and tighten outpatient and inpatient admissions recordkeeping and associated billing activities to minimize exposures signaled by audits announced by the Department of Health & Human Services (HHS) Office of Inspector General (OIG).

OIG reportedly is auditing inpatient and outpatient hospital claims for new and established patients to identify potential overcharges by some hospital-based outpatient clinics that may have resulted from treating established patients as if they were new patients. OIG’s Office of Audit Services reportedly sent letters to some hospitals in October, asking about a handful of claims for new patient visits that OIG suspects the hospital should have billed as established patient visits. In addition to requesting specific information about line items on the claims and their internal controls for billing new versus established patients and provide descriptions of written policies and procedures governing the facilities classification of new versus established patients and internal controls for detecting errors.

Medicare typically pays more for new versus established patients since CMS  implemented the outpatient prospective payment system in 2000. Since 2008, CMS rules have specified that patients who visit the hospital outpatient clinic within three years are established patients, and after that they are new, with Medicare paying more for the latter. See(73 Fed. Reg. 68502, 68679 (November 18, 2009).  Data mining technology increasingly used by CMS and other federal fraud investigators facilities the ability of Medicare and others to identify errors in coding and billing resulting from misclassication of existing patients as new.  

Many hospitals may be exposed under this requirement for a variety of reasons including failure to appropriately track and coordinate inpatient and outpatient admission data, defaults built into recordkeeping systems and omissions to timely update practices or training.  In contrast to the risk of overbilling from incorrectly treating patients as new, hospitals that bill all patients as established to overcome inadequacies in their ability to track new versus established patients often leave money on the table unnecessarily by foregoing added reimbursement that the facility otherwise would qualify for it could reliably identify new patients.

While strengthening coding and billing to ward of risks, may debate the appropriateness of CMS’ new versus existing patient distinction outside the physician office context.  Critics contend that unlike in the physician office context, the level of care or resources delivered for a new patient compared to a patient who previously visited the hospital doesn’t generally differ. Parties with these concerns should continue to ensure appropriate compliance with existing rules while providing input and feedback to CMS and other regulators about their concerns with the policy’s suitability.

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help.  Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, and A Fellow in the American Bar Association, State Bar of Texas and other prominent organizations, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to set up and administer medical privacy, EHR and other technology and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.   

Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.  Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.   For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR.  Her insights on HIPAA risk management and compliance often appear in medical privacy and other technology, risk management and compliance-related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

You can get more information about her experience here.

Other Recent Updates & Resources

If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters.  Recent examples on health care compliance and risk management matters include:

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.  

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here.  If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

©2012 Cynthia Marcotte Stamer, P.C. nonexclusive license to republish granted to Solutions Law Press, Inc.  All other rights reserved.

 

OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

November 29, 2012

The Department of Health & Human Services Office of Inspector General is recommending the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) act to improve the effectiveness of its oversight and management of the Medicare electronic health record (EHR) incentive program.  The recommendations are likely to impact on the requirements that hospitals and other professionals will be required to meet to get and keep EHR program incentive payments.  Consequently, hospitals, physicians and other providers and their technology and other systems advisors and vendors should carefully watch and respond to changes that these two agencies implement in response to the OIG feedback.

According to an OIG study reported here, the CMS estimates that it will pay $6.6 billion in EHR incentive payments to providers under the program between 2011 and 2016.  Many hospitals, physician organizations and other providers are making substantial investments in EHR and related technologies in reliance of expectation of receiving program incentive payments.  Accordingly, parties hoping to qualify for incentive programs need to watch closely the actions that the agencies take in response to this OIG input or otherwise that impacts on qualification and audits.

OIG Study & Findings

OIG’s early assessment of CMS’s oversight of the Program found that because professionals and hospitals self-report data to prove fulfillment of program requirements, CMS’s efforts to verify these data will help make sure the integrity of Medicare EHR incentive payments.

The recommendation comes from an OIG study reviewing CMS’s oversight of professionals’ and hospitals’ self-reported meaningful use of certified EHR technology in 2011, the first year of the program.  OIG evaluated self-reported information against program requirements.  It also looked at CMS’s audit planning documents, regulations and guidance for the program and conducted structured interviews with CMS staff on CMS’s oversight.

Based on this evaluation, OIG foundCMS faces obstacles to overseeing the Medicare EHR incentive program that leave the program vulnerable to paying incentives to professionals and hospitals that do not fully meet the meaningful use requirements.  OIG says CMS has not yet implemented strong prepayment safeguards, and has limited ability to safeguard incentive payments postpayment. OIG also reports that the ONC requirements for EHR reports may contribute to CMS’s oversight obstacles.

OIG Recommended Corrective Action

Based on its study, OIG is recommending that CMS take the following actions.

  • Obtain and review supporting documentation from selected professionals and hospitals prior to payment to verify the accuracy of their self‑reported information and
  • Issue guidance with specific examples of documentation that professionals and hospitals should maintain to support their compliance. 

CMS did not agree with our first recommendation, stating that prepayment reviews would increase the burden on practitioners and hospitals and could delay incentive payments.  Despite this CMS feedback, OIG nevertheless is continuing to recommend that CMS conduct prepayment reviews to improve program oversight. CMS concurred with our second recommendation.

OIG also recommended that ONC take the following actions: 

  • Require that certified EHR technology be capable of producing reports for yes/no meaningful use measures where possible and
  • Improve the certification process for EHR technology to make sure applicants provide accurate EHR reports. 

ONC concurred with both recommendations.

Recommended Provider Action

Hospitals and providers looking to take advantage of the HER incentive payments should carefully monitor the developments resulting from these recommendations and take proper actions to stay compliant with evolving requirements as they move forward.

Along with monitoring these responses, providers participating in the incentive program also need to stay abreast of other developments.  For instance, last month, ONC announced the release of the Wave 7 2014 Edition Draft Test Methods (test procedures, tools, and applicable test data and files).  See 2014 Edition Draft Test Procedures webpage. Additional waves of test methods are impending.  ONC says it expects the final set of Test Methods to be available for use in early 2013. 

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help.  Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, and A Fellow in the American Bar Association, State Bar of Texas and other prominent organizations, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to set up and administer medical privacy, EHR and other technology and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.   

Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.  Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.   For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR.  Her insights on HIPAA risk management and compliance often appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

You can get more information about her experience here.

Other Recent Updates & Resources

If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters.  Recent examples on health care compliance and risk management matters include:

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

ONC Releases Next Wave of 2014 Draft Test Methods For Public Review and Comment; Plans 11/13 Virtual Workshop

Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next

Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital

Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme

Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech

ONC Releases First Wave of EHR Test Procedures; More To Come

OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise

Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA

HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!

AHRQ Issues New Guide for Use of Interactive Preventive Care Record

Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions

For more resources and publications training materials by Ms. Stamer, see here.  

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here.  If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

©2012 Cynthia Marcotte Stamer, P.C. nonexclusive license to republish granted to Solutions Law Press, Inc.  All other rights reserved.

 

Congress Sends Bill Amending Lab Testing Rule Violation Sanctions

November 29, 2012

 

Congress sent the “Taking Essential Steps for Testing Act of 2012″ to President Obama for signature.  The Act amends the Public Health Service Act to revise sanctions for laboratories that intentionally refer proficiency testing samples required for certification to another laboratory for analysis by: (1) giving the Secretary of Health and Human Services (HHS) discretion to substitute intermediate sanctions for such violations instead of the two-year prohibition against ownership or operation which would otherwise apply, and (2) making the one-year certificate revocation for such a laboratory optional rather than mandatory.  For details, see the Text of Legislation.

About The Author

A Fellow in the American Bar Association, State Bar of Texas, and American College of Employee Benefits Counsel, recognized in International Who’s WhoNorth Texas Health Care Compliance Professionals Association Vice-President and Board Certified in Labor & Employment Law, attorney  Cynthia Marcotte Stamer has 25 years experience advising and representing private and public health care providers, employers, employer and union plan sponsors, employee benefit plans, associations, their fiduciaries, administrators, and vendors, group health, Medicare and Medicaid Advantage, and other insurers, governmental leaders and others on privacy and data security, health care, health and other employee benefit. employment, insurance and related matters. A well-known and prolific author and popular speaker, Ms. Stamer has worked extensively with heath care providers, health plans and other payers, health and insurance IT and data systems, and others on HIPAA and other privacy and data security concerns.  She served as the scrivener for the ABA JCEB Agency Meetings with the Office of Civil Rights on HIPAA Privacy for the past two years.  She presently serves as Co-Chair of the ABA RPTE Section Welfare Plan Committee, Vice Chair of the ABA TIPS Employee Benefit Committee, an ABA Joint Committee on Employee Benefits Representative, an Editorial Advisory Board Member of the Institute of Human Resources (IHR/HR.com) and Employee Benefit News, and various other publications.  A primary drafter of the Bolivian Social Security privatization law with extensive domestic and international regulatory and public policy experience, Ms. Stamer also has worked extensively domestically and internationally on public policy and regulatory advocacy on HIPAA and other privacy and data security risks and requirements as well as a broad range of other health,  employee benefits, human resources, insurance, tax, compliance and other matters and representing clients in dealings with OCR and other HHS agencies, as well as the Departments of Labor, Treasury, Federal Trade Commission, HUD and Justice, Congress and state legislatures, and various state attorneys general, insurance, labor, worker’s compensation, medical licensure and disciplinary and other agencies and regulators. A prolific author and popular speaker, Ms. Stamer regularly authors materials and conducts workshops and professional, management and other training on HIPAA and other privacy, health care, employee benefits, human resources, insurance and related topics for the ABA, Aspen Publishers, the Bureau of National Affairs (BNA), SHRM, World At Work, Government Institutes, Inc., the Society of Professional Benefits Administrators and many other organizations. Her insights on privacy and other matters are quoted in Modern Healthcare, HealthLeaders, Benefits, Caring for the Elderly, The Wall Street Journal and many other publications.  She also regularly serves on the faculty and planning committees of a multitude of symposium and other educational programs.  For more details about Ms. Stamer’s services, experience, presentations, publications, and other credentials or to ask about arranging counseling, training or presentations or other services by Ms. Stamer, see www.CynthiaStamer.com.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides business and management information, tools and solutions, training and education, services and support to help organizations and their leaders promote effective management of legal and operational performance, regulatory compliance and risk management, data and information protection and risk management and other key management objectives.  Solutions Law Press, Inc.™ also conducts and assist businesses and associations to design, present and conduct customized programs and training targeted to their specific audiences and needs.  For additional information about upcoming programs, to explore becoming a presenting sponsor for an upcoming event, e-mail your request to info@Solutionslawpress.com   These programs, publications and other resources are provided only for general informational and educational purposes. Neither the distribution or presentation of these programs and materials to any party nor any statement or information provided in or in connection with this communication, the program or associated materials are intended to or shall be construed as establishing an attorney-client relationship,  to constitute legal advice or provide any assurance or expectation from Solutions Law Press, Inc., the presenter or any related parties. If you or someone else you know would like to receive future Alerts or other information about developments, publications or programs or other updates, send your request to info@solutionslawpress.com.  If you would prefer not to receive communications from Solutions Law Press, Inc. send an e-mail with “Solutions Law Press Unsubscribe” in the Subject to support@solutionslawyer.net.  CIRCULAR 230 NOTICE: The following disclaimer is included to comply with and in response to U.S. Treasury Department Circular 230 Regulations.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. If you are an individual with a disability who requires accommodation to participate, please let us know at the time of your registration so that we may consider your request.

©2012 Solutions Law Press, Inc. All Rights Reserved.


Learn Latest On OCR New HIPAA De-Identification Guidance & Other HIPAA Developments In 12/12 HIPAA Update Workshop!

November 27, 2012

Get Up To Date On Details of New De-Identification Guidance & Other HIPAA Developments By Participating In 12/12 HIPAA Update Web Workshop!

Health care providers, health plans, health care clearinghouses (covered entities) and their business associates and leadership should check and update their policies and practices for the de-identification of protected health information (PHI) in light of newly-released Guidance Regarding Methods for De-identification of Protected Health Information in Accordance With the Health Insurance Portability and Accountablity Act (HIPAA) Privacy Rule (Guidance) released by the Department of Health & Human Services (HHS) Office of Civil Rights yesterday (November 26, 2012). 

Solutions Law Press, Inc. will host a one hour HIPAA Update Webinar on the Guidance and other recent regulatory and enforcement developments under HIPAA for covered entities and their business associates on Wednesday, December 12 beginning at Noon Central Time. To register, see here.

Existing Privacy Rules and the Guidance recognize two alternative methods that covered entities and their business can use to properly de-identify PHI for purposes of the HIPAA Privacy Rule.

OCR published the Guidance to help covered entities to understand what qualifies as de-identification, the general process by which de-identified information is created, and the options available for performing de-identification for purposes of the HIPAA Privacy Rule.  The publication of this guidance was mandated as part of amendments to HIPAA enacted by Health Information Technology for Economic and Clinical Health (HITECH) Act included in the American Recovery and Reinvestment Act of 2009 (ARRA).  Section 13424(c) of the HITECH Act requires the HHS to issue guidance on how best to implement the requirements for the de-identification of health information contained in the Privacy Rule.  

De-identification & Its Rationale Under Privacy Rule

The Privacy Rule was designed to protect individually identifiable health information through permitting only certain uses and disclosures of PHI provided by the Rule, or as authorized by the individual subject of the information.  However, in recognition of the potential utility of health information even when it is not individually identifiable, §164.502(d) of the Privacy Rule permits a covered entity or its business associate to create information that is not individually identifiable by following the de-identification standard and implementation specifications in Privacy Rule §164.514(a)-(b).  These provisions allow the entity to use and disclose information that neither identifies nor provides a reasonable basis to identify an individual provided the Covered Entity can show that the PHI has been de-identified in accordance with either the Expert Determination Method or the Safe Harbor Method of the de-identification standard of the Privacy Rule and is not re-identified.  Regardless of the method used to de-identify PHI, the Privacy Rule does not restrict the use or disclosure of de-identified health information, as it is no longer considered PHI and is not re-identified.

Privacy Rule De-Identification Implementation Standards Permit Alternative Methods of De-identification

Section 164.514(a) of the HIPAA Privacy Rule provides the standard for de-identification of protected health information.  Under this standard, health information is not individually identifiable if it does not identify an individual and if the covered entity has no reasonable basis to believe it can be used to identify an individual. See Privacy Rule § 164.514.

Sections 164.514(b) and (c) of the Privacy Rule contain the implementation specifications that a covered entity must follow to meet the de-identification standard. As summarized in Figure 1, the Privacy Rule provides two methods by which health information can be designated as de-identified:

  • The formal determination by a qualified expert in accordance with the Privacy Rule (Expert Determination Method); or
  • The removal of specified individual identifiers as well as absence of actual knowledge by the covered entity that the remaining information could be used alone or in combination with other information to identify the individual (Safe Harbor Method).

In order for PHI to qualify as de-identified under the “Expert Determination Method, Privacy Rule § 164.514(b)(1) requires that a person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable:

  • Applying such principles and methods, determines that the risk is very small that the information could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information; and
  • Documents the methods and results of the analysis that justify such determination.

Alternatively, Privacy Rule § 164.514(b)(2) provides that PHI will qualify as de-identified under the Safe Harbor Method if:

  • All of an extensive list of identifiers of the individual or of relatives, employers, or household members of the individual, are removed from the data; and
  • The covered entity does not have actual knowledge that the information could be used alone or in combination with other information to identify an individual who is a subject of the information.

As long as the data is not re-identified, the Guidance indicates that a covered entity may prove fulfillment of the de-identification standard of Privacy Rule §164.514(a) by showing satisfaction of all applicable requirements of either method.  Under the Privacy Rule, de-identified health information created following these methods is no longer protected by the Privacy Rule because it does not fall within the definition of PHI.  Of course, de-identification leads to information loss which may limit the usefulness of the resulting health information in certain circumstances. Consequently, covered entities may wish to select de-identification strategies that minimize such loss.

Both alternatives for de-identification under the Privacy Rule require that covered entities and their business associates decide whether and how to keep the option for re-identification of PHI slated for de-identification and where applicable, appropriately manage the re-identification opportunity and data to avoid violation of the Privacy Rule.

According to the Privacy Rule, if a covered entity or business associate successfully undertook an effort to identify the subject of de-identified information it maintained, the health information now related to a specific individual would again be protected by the Privacy Rule, as it would meet the definition of PHI.  Disclosure of a code or other means of record identification designed to enable coded or otherwise de-identified information to be re-identified is also considered a disclosure of PHI.  In this regard, Privacy Rule §164.514(c) specifies in relevant part:

Implementation specifications: re-identification. A covered entity may assign a code or other means of record identification to allow information de-identified under this section to be re-identified by the covered entity, provided that:

(1) Derivation. The code or other means of record identification is not derived from or related to information about the individual and is not otherwise capable of being translated so as to identify the individual; and

(2) Security. The covered entity does not use or disclose the code or other means of record identification for any other purpose, and does not disclose the mechanism for re-identification.

Proper Planning Required To Manage De-identification & Other PHI Privacy For Defensibility

The Guidance stresses that importance of documentation for which values in health data correspond to PHI, as well as the systems that manage PHI and its risk of identification or re-identification in the de-identification process cannot be overstated. 

The Guidance provides guidance to help guide covered entities and their business associates through the steps and analysis of using the Expert Determination versus Safe Harbor Method.  A review of this Guidance makes clear that the design and administration of the de-identification process under either method requires careful and well-documented planning, analysis and implementation to fulfill and to keep the documentation that a covered entity or business associate might need to defend its decision to treat and use PHI as de-identified under the Privacy Rule against a potential audit or enforcement inquiry.  The Guidance also seeks to further illuminate the requirements for effective de-identification  through a series of questions and answers, supplemented by work flow and other charts, examples and other illustrations and tips on the proper use of each alternative Method and managing risks and the process associated with that Method. A Glossary of Terms also is shared.  The discussion in the Guidance makes clear that covered entities and their businesses associates using either Method to de-identify PHI should be prepared to make a number of judgments about which Method to use, whether and how to make arrangements for re-identification, and how to properly manage the process to meet the requirements of the implementation standard and manage re-identification or other risks.

Register For 12/12 HIPAA Update Web Workshop To Catch Up On De-Identification Guidance & Other HIPAA & Texas HIPAA Regulatory & Enforcement Developments

Training and compliance mandates applicable to covered entities and their business associates under the newly strengthened Texas HIPAA law and HIPAA’s Privacy and Breach Notification Rules make it more  important than ever that covered entities and their business associates get the timely training and other assistance needed  to properly comply with requirements for the protection of PHI under the new Guidance and other HIPAA and Texas  HIPAA mandates. 

To aid in this process,  Solutions Law Press, Inc. will host a  2012 HIPAA Update Web Workshop covering the new Guidance on de-identification and other regulatory and enforcement developments under HIPAA and the newly amended Texas HIPAA law on December 12, 2012 from 1:00 P.M.-2:00 P.M. Eastern | Noon – 1:00 P.M. Central | 11:00 A.M-Noon Mountain | 10:00A.M-11:00 A.M. Pacific Time.

Expanded health care privacy mandates of the Texas Medical Records Privacy Act that take effect September 1, 2012 and HIPAA regulations require covered entities and their business associates conduct training and take other steps to protect the privacy and security of PHI.

Complete HIPAA Training While You Catch Up On The Latest On HIPAA & Texas Medical Records Privacy Rules & Get Helpful Compliance And Risk Management Tips!

Health care providers, health plans, health care clearinghouses face new imperatives to strengthen their HIPAA and other procedures for handling protected health information and other sensitive information to manage expanding risks and responsibilities arising from evolving rules, expanding enforcement and oversight, and rising penalties and other liabilities. 

Expanded health care privacy mandates of the Texas Medical Records Privacy Act that take effect September 1, 2012 and HIPAA regulations require covered entities and their business associates conduct training and take other steps to protect the privacy and security of personal health information (PHI) and certain other information.

The $4.3 million HIPAA Civil Monetary Penalty and growing list of $1 million plus resolution payments announced by the Office of Civil Rights coupled with its commitment to investigate all large breaches reported under the HITECH Act Breach Notification Rule and other stepped up enforcement and newly initiated audit activities send a clear signal that HIPAA-covered entities and their business associates face significant exposures for failing to appropriately manage their HIPAA and other responsibilities when handling protected health information.  Meanwhile, Texas House Bill 300 has raised maximum state civil penalties for unlawful disclosures of Protected Health Information under the Texas Medical Records Privacy Act to from $5,000 to $1.5 million per year.  Meanwhile HITECH Act amendments to HIPAA require covered entities provide notification of certain breaches while Texas House Bill 300 adds its own specific requirements to provide notice of certain breaches of computerized data containing sensitive personal information.

With Texas House Bill 300 expanding covered entities responsibilities and liabilities and OCR issuing new regulations and other guidance to implement amendments to the HIPAA Privacy & Security Standards and implement and enforce the HITECH Act Breach Notification Rule, health care providers, health plans and insurers, their brokers, third-party administrators, and other covered entities, as well as their business associates and employer and union clients must review and tighten their policies, practices, business associate and other contracts, and enforcement to manage HIPAA and other compliance and manage risks arising from the access, collection, use, protection and disclosure of PHI to meet expanding mandates and to guard against growing liability exposures under HIPAA and other federal and state laws. 

Solutions Law Press, Inc. invites you to catch up on the latest on these and other key HIPAA requirements and enforcement and learn tips for managing risks and liabilities by participating in the “HIPAA Update Workshop” on Wednesday, December 12, 2012 via WebEx for a registration fee of $125.00. 

Pre-approved for various types of continuing and professional education credit, the December 12, 2012 HIPAA Update Workshop will brief participants on the De-Identification Guidance as well as the latest on other regulatory and enforcement guidance under the HIPAA Privacy, Security and Breach Notification rules and guidance and share compliance and risk management lessons emerging from recent OCR enforcement and audit activities and other selected federal and state litigation and enforcement actions impacting the handling of protected health information.  Among other things, the workshop will cover:

  • The De-Identification Guidance just released by OCR on November 26, 2012;
  • The latest HIPAA Privacy, Security & Breach Notification Guidance, Audits & Enforcement
  • Highlights Texas House Bill’s Amendments To Texas Medical Records Privacy Law That Took Effect September 1, 2012
  • Post HITECH Act Heightened Liability Risks:  Audits, Civil Penalties, Criminal Penalties & State Lawsuits
  • Expansion of HIPAA Responsibilities & Liabilities To Business Associates & What Covered Entities & Business Associates Should Do In Response
  • HIPAA Data Breach Notification Requirements
  • Practical Challenges & Strategies For Managing These Responsibilities
  • Tips For Coordinating HIPAA & Other Federal & State Medical Privacy, Financial Information, Identity Theft & Date Security Compliance and Risk Management
  • Practical Strategies For Monitoring & Responding To New Requirements & Changing Rules
  • Participant Questions

About The Speaker

The workshop will be conducted by attorney Cynthia Marcotte Stamer.  A Fellow in the American College of Employee Benefits Counsel, recognized in International Who’s Who, North Texas Health Care Compliance Professionals Association Vice-President and Board Certified in Labor & Employment Law, attorney  Cynthia Marcotte Stamer has 25 years experience advising and representing private and public health care providers, employers, employer and union plan sponsors, employee benefit plans, associations, their fiduciaries, administrators, and vendors, group health, Medicare and Medicaid Advantage, and other insurers, governmental leaders and others on privacy and data security, health care, health and other employee benefit. employment, insurance and related matters. A well-known and prolific author and popular speaker, Ms. Stamer has worked extensively with heath care providers, health plans and other payers, health and insurance IT and data systems, and others on HIPAA and other privacy and data security concerns.  She served as the scrivener for the ABA JCEB Agency Meetings with the Office of Civil Rights on HIPAA Privacy for the past two years.  She presently serves as Co-Chair of the ABA RPTE Section Welfare Plan Committee, Vice Chair of the ABA TIPS Employee Benefit Committee, an ABA Joint Committee on Employee Benefits Representative, an Editorial Advisory Board Member of the Institute of Human Resources (IHR/HR.com) and Employee Benefit News, and various other publications.  A primary drafter of the Bolivian Social Security privatization law with extensive domestic and international regulatory and public policy experience, Ms. Stamer also has worked extensively domestically and internationally on public policy and regulatory advocacy on HIPAA and other privacy and data security risks and requirements as well as a broad range of other health,  employee benefits, human resources, insurance, tax, compliance and other matters and representing clients in dealings with OCR and other HHS agencies, as well as the Departments of Labor, Treasury, Federal Trade Commission, HUD and Justice, Congress and state legislatures, and various state attorneys general, insurance, labor, worker’s compensation, medical licensure and disciplinary and other agencies and regulators. A prolific author and popular speaker, Ms. Stamer regularly authors materials and conducts workshops and professional, management and other training on HIPAA and other privacy, health care, employee benefits, human resources, insurance and related topics for the ABA, Aspen Publishers, the Bureau of National Affairs (BNA), SHRM, World At Work, Government Institutes, Inc., the Society of Professional Benefits Administrators and many other organizations. Her insights on privacy and other matters are quoted in Modern Healthcare, HealthLeaders, Benefits, Caring for the Elderly, The Wall Street Journal and many other publications.  She also regularly serves on the faculty and planning committees of a multitude of symposium and other educational programs.  For more details about Ms. Stamer’s services, experience, presentations, publications, and other credentials or to ask about arranging counseling, training or presentations or other services by Ms. Stamer, see www.CynthiaStamer.com.

Registration

The Registration Fee is $125.00 per person.  Registration Fee Discounts available for groups of three or more. Pre-payment required via website registration required via website PayPal.  No checks or cash accepted.  Persons not registered at least 48 hours in advance will only participate subject to system and space availability.

 Professional & Continuing Education Credit

The HIPAA Update Workshop is approved to be offered for general certification credit by the State Bar of  Texas, Texas Department of Insurance, HRCI and WorldAtWork education credit  for the time period offered subject to fulfillment all applicable accrediting agency requirements, completion of required procedures.  Note that the applicable credentialing agency retain the final authority to determine whether an individual qualifies to receive requested continuing education credit.  Neither Solutions Law Press, Inc., the speaker or any of their related parties guarantees the approval of credit for any individual or has any liability for any denial of credit.  Special fees or other conditions may apply.  CANCELLATION   & REFUND POLICY:  In order to receive credit, cancellation (either fax or mail) must be received at least 48 hours in advance of the meeting and are subject to a $10.00 refund processing fee.  Refunds will be made within 60 days of receipt of written cancellation notice.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides business and management information, tools and solutions, training and education, services and support to help organizations and their leaders promote effective management of legal and operational performance, regulatory compliance and risk management, data and information protection and risk management and other key management objectives.  Solutions Law Press, Inc.™ also conducts and assist businesses and associations to design, present and conduct customized programs and training targeted to their specific audiences and needs.  For additional information about upcoming programs, to explore becoming a presenting sponsor for an upcoming event, e-mail your request to info@Solutionslawpress.com   These programs, publications and other resources are provided only for general informational and educational purposes. Neither the distribution or presentation of these programs and materials to any party nor any statement or information provided in or in connection with this communication, the program or associated materials are intended to or shall be construed as establishing an attorney-client relationship,  to constitute legal advice or provide any assurance or expectation from Solutions Law Press, Inc., the presenter or any related parties. If you or someone else you know would like to receive future Alerts or other information about developments, publications or programs or other updates, send your request to info@solutionslawpress.com.  If you would prefer not to receive communications from Solutions Law Press, Inc. send an e-mail with “Solutions Law Press Unsubscribe” in the Subject to support@solutionslawyer.net.  CIRCULAR 230 NOTICE: The following disclaimer is included to comply with and in response to U.S. Treasury Department Circular 230 Regulations.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. If you are an individual with a disability who requires accommodation to participate, please let us know at the time of your registration so that we may consider your request.

©2012 Solutions Law Press, Inc. All Rights Reserved.


$12M+ Settlement Recoveries In 2 Health Care Fraud Whistleblower Claims Shows Providers, Owners, Management & Staff Must Manage Compliance & Risks

November 23, 2012

The Justice Department’s announcement that it will recover more than $11.3 million in False Claims Act recoveries under two settlements announced on November 20, 2012 provides yet another sharp reminder to health care providers of the critical need to carefully manage billing, referral and other practices to manage health care fraud related exposures.

On November 20, the Justice Department announced that Morton Plant Mease Health Care Inc. and its affiliated hospitals (Morton Plant) will pay $10,169,114 to the federal government to resolve allegations that Morton Plant facilities violated the False Claims Act by submitting false claims for services rendered to Medicare patients.  The same day, the Justice Department also announced its achievement of a $1.286 million settlement with Harmony Care Hospital, Inc. and its owner Harmony Care Hospice Inc. (Harmony) and Harmony owner and chief executive officer Daniel J. Burton of allegations that the South Carolina-based company submitted false claims to Medicare for patients under care at its hospice facilities.  

Both settlements show the role that disgruntled current or former employees or other whistleblowers increasingly play in these and other health care fraud investigations as well as the significant exposures that health care providers, their owners and management risk by engaging or failing to investigate and resolve practices that Federal officials consider to violate the False Claims Act or other federal health care fraud laws.

Morton Plan Settlement

The Morton Plant settlement resolves whistleblower allegations that, between July 1, 2006 and July 31, 2008, Morton Plant improperly billed for certain interventional cardiac and vascular procedures as inpatient care when those services should have been billed as less costly outpatient care or as observational status.   See United States ex rel. Randi Ferrare v. Morton Plant Mease Health Care, Inc., No. 08:cv:01689-T-266MSS (M.D. Fl.).

Morton Plant owns and operates, or is affiliated with, Morton Plant Hospital, St. Joseph’s Hospital, Morton Plant North Bay Hospital, St. Anthony’s Hospital, Mease Countryside Hospital and Mease Dunedin Hospital.  These hospitals are part of the BayCare Health System in Florida’s Pinellas, Hillsborough and Pasco counties.

The Morton Plant action arose from a qui tam, or whistleblower, lawsuit filed by Randi Ferrare, a former director of Health Management Services at Morton Plant Hospital.   Under the False Claims Act, private citizens, known as relators, can bring suit on behalf of the United States and share in any recovery.  Ms. Ferrare will receive over $1.8 million as her share of the government’s recovery.

Harmony $1.2 Million Settlement

The Harmony settlement arises out of a qui tam action filed against Harmony Care Hospice Inc. (Harmony) and Harmony owner and chief executive officer Daniel J. Burton have agreed to pay the United States $1,286,999.32 to settle allegations that the South Carolina-based company submitted false claims to Medicare for patients under care at its hospice facilities.

The Harmony settlement resolves a lawsuit filed by former Harmony employees Mona Singletary and Lynda Fulton under the qui tam, or whistleblower, provisions of the False Claims Act.   The qui tam case is captioned United States ex rel. Singletary, et al. v. Harmony Care Hospice, Inc., et al. , Case No. 2:10-cv-01404-PMD (D.S.C.).

Hospices provide palliative care – medical treatment that concentrates on reducing the severity of a disease’s symptoms – to patients who decide to forego curative care of their illness.   Medicare beneficiaries are entitled to hospice care if they have a terminal prognosis of six months or less. The United States alleged that Harmony and Burton knowingly submitted or caused to be submitted false claims for patients who did not have such a prognosis and thus were not eligible for hospice care.

Under the Harmony settlement agreement, its owner and chief executive officer, Burton is individually liable for $200,000 of the settlement amount.  The balance of more than $1 million will be paid by Harmony.  As part of the settlement, Harmony and Burton will enter into a Corporate Integrity Agreement with the Office of Inspector General (OIG), Department of Health and Human Services (HHS), to address the allegations raised in the qui tam complaint.  Together, Singletary and Fulton will receive $244,529.87 as their share of the government’s recovery.

Whistleblowers Key Prosecutorial Tool

The approximately $2 million paid out to whistleblowers under these two settlements drives home the growing importance that current or former employees, officers or other insiders increasingly play in federal and state health care fraud prosecutions. Whistleblowers like Ferrare, Singletary and Fulton are increasingly common and valuable tools that the federal government uses to find and prosecute alleged health care fraud.  By promoting the availability of qui tam and other recoveries and broadly advertising their payment, federal prosecutors and investigators are priming the pump for future investigations and prosecution. See also Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions; Oklahoma’s Harmon Memorial Hospital, Physician Pay $1.5M Qui Tam Health Care Fraud Settlement.

The two settlements also show the growing zealousness of the federal war on health care fraud.  Both cases were investigated by the Health Care Fraud Prevention and Enforcement Action Team (HEAT) initiative, which was announced by Attorney General Eric Holder and Kathleen Sebelius, Secretary of the Department of Health and Human Services in May 2009.

The partnership between the two departments has focused efforts to reduce and prevent Medicare and Medicaid financial fraud through enhanced cooperation.  One of the most powerful tools in that effort is the False Claims Act, which the Justice Department has used to recover more than $10.1 billion since January 2009 in cases involving fraud against federal health care programs. The Justice Department’s total recoveries in False Claims Act cases since January 2009 are over $13.9 billion.  Federal officials have and continue to rack up an ever-increasing list of civil settlements and judgments using the False Claims Act and other civil enforcement tools.  See e.g., See, e.g., Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities; Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next; Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That HospitalPharmas Face New Pressure To Put Patients Before Profits After GlaxoSmithKline Record $3 Billion Health Care Fraud, FDCA Conviction & Settlement.

In addition to the high dollar civil judgments and settlements recovered. by the HEAT Task Force, federal prosecutors also are racking up a growing list of criminal convictions and sentences.  See e.g., Health Care Providers Warned To Raise Defenses As Feds Charge 91 Individuals Bilked Medicare For Approximately $430 Million; Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud SchemeFive More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme; Baton Rouge Area Women Heading To Prison For DME Health Care Fraud Participation; Houston Man Gets 24 Month Prison Sentence For Anti-Kickback & Other Health Care Fraud Convictions.

For instance, along with the Morton Plan and Harmony civil settlements, the Justice Department also announced on November 20, 2012 that a registered nurse pleaded guilty November 20 and a former program coordinator pleaded guilty November 19 for their roles in a $63 million mental health care fraud scheme involving defunct health provider Health Care Solutions Network Inc. (HCSN) in Miami.  See here.

These and other investigations and enforcement actions show that health care providers, their owners, officers, providers and other staff need to take seriously health care reimbursement, referral and other health care fraud and compliance responsibilities, as well as to carefully manage workforces to mitigate exposures to qui tam and other health care fraud exposures.

These activities are intended to send a strong message to health care providers that bill Medicare, Medicaid, or other public or private health care programs that they must be prepared to defend any charges billed to these or other federal health care programs and to defend their other business practices.

Providers Urged To Manage Risks

In response to these threats, health care providers should take steps to strengthen their billing, referral, audit, medical and other recordkeeping and other compliance and risk management practices to enhance their ability to defend or prevent these exposures.  While most providers already are moving to tighten these practices, the move to electronic health records, changing rules and other pressures are undermining the sufficiency of these efforts.  This investigation shows that beyond mere aggressive billing practices, federal officials also are targeting for enforcement physicians and other health care providers that participate in financial or other referral incentive or reward practices prohibited by the anti-kickback, STARK or other relevant law as well as the filing of Medicare, Medicaid or other health claims for undelivered, unnecessary or otherwise uncovered care or services. 

Amid these and other enforcement actions, all health industry players should exercise care to steer clear of activities that might violate federal health care fraud rules as well as consider whether corrective or other action might be necessary to address risks of prior activities that with the benefit of hindsight taking into account the current enforcement climate reflect potential exposures.  Providers should carefully monitor existing Medicare, Medicaid and other federal and state program reimbursement, terms of participation, reimbursement and other guidance; Office of Inspector General (OIG), Justice Department and other agency audit and enforcement activities and other developments that could impact on the defensibility of their billing, referral or other practices and tighten compliance and oversight as necessary to mitigate risks.

In the case of physicians and certain other professionals, these plans need to include both efforts to manage potential government investigation risks and management of their practices to mitigate peer review or other disciplinary or practice regulatory oversight that often arises when the practices and hospitals start tightening oversight and controls on practices as part of their own efforts to protect their organizations from fraud or other audits. 

While almost all health care providers can find room to improve their documentation and tighten other compliance, it also is important that providers also plan for how they will finance the cost of defending an audit or other investigation.  Often, the financial cost of defending these and other charges prevents physicians or other health care providers from lodging effective defenses of legitimate practices.  To help avoid this quagmire, providers generally will want to explore getting special liability coverage, indemnification or other protection as part of their planning arrangements.

For Help With Compliance, Investigations Or Other Needs

If you need help providing compliance or other training, reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish, audit, administer and defend billing, referral, privacy, staffing and recruitment and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others.   Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. Contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources available at here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication see here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer.  Non-exclusive license to republish granted to Solutions Law Press, Inc.  All other rights reserved.


Feds Health Fraud Suit Against Psychiatrists Shows Risks Providers Run From Aggressive Referral or Billing Activities

November 16, 2012

A civil lawsuit seeking millions of dollars of damages  from a Chicago-area psychiatrist provides a clear warning to physicians and other health care providers of the significant potential legal risks that can arise if they improperly receive compensation or other perks for participating in conferences, prescribing treatments or engage in other arrangements that violate federal or state anti-kickback or other health care fraud laws.On November 15, 2012, the Justice Department sued Chicago-area psychiatrist Dr. Michael J. Reinstein in the Northern District of Illinois with receiving illegal kickbacks on at least 50,000 claims and filing at least 140,000 false Medicare and Medicare Claims for antipsychotic medications he prescribed for thousands of mentally ill patients in area nursing homes.  The suit against Dr. Michael J. Reinstein seeking triple damages under the False Claims Act, plus a civil penalty of $5,500 to $11,000 for each alleged false claim. See here.

The lawsuit involves Reinstein’s use of clozapine, a rarely-used medication that has serious potential side effects and is generally considered a drug of last resort, particularly for elderly patients. While clozapine has been shown to be effective for treatment-resistant forms of schizophrenia, it is also known to cause numerous side effects, including a potentially deadly decrease in white blood cells, seizures, inflamation of the heart muscle, and increased mortality in elderly patients.

According to the suit, 69-year old Reinstein has provided psychiatric medical services in the Chicago area since 1973. According to the lawsuit, Reinstein routinely prescribed antipsychotic and other psychiatric medications knowing that, because most of his patients are indigent nursing home residents, pharmacies dispensing the medications submitted claims to Medicaid, and beginning in 2006, to Medicare Part D. Reinstein also submitted Medicare and Medicaid claims for pharmacologic management of his patients, knowing that he did not engage in substantive evaluations of his patients’ medical and psychiatric conditions to properly manage their medications. Instead, he allegedly prescribed medications to his patients based on his receipt of kickbacks from pharmaceutical companies.

Prior to August 2003, Reinstein prescribed Clozaril, the trade name for clozapine manufactured by Novartis, and he often had more than 1,000 patients using the medication at any given time. For many years, Novartis paid Reinstein to promote Clozaril, the complaint alleges. After Novartis’ patent for Clozaril expired in 1998, Reinstein resisted pharmacy and drug company efforts to switch his patients to generic clozapine and he continued to be the largest prescriber of Clozaril to Medicaid recipients in the United States. In July 2003, Novartis notified Reinstein that was withdrawing its support for Clozaril, and ended the regular payments that it had been making to Reinstein. 

In August 2003, Reinstein finally agreed to switch his patients to generic clozapine manufactured by Miami-based IVAX Pharmaceuticals, Inc., the suit alleges, if IVAX agreed to pay Reinstein $50,000 under a one-year “consulting agreement;” pay his nurse to speak on behalf of clozapine; and fund a clozapine research study by a Reinstein-affiliated entity known as Uptown Research Institute. IVAX agreed and Reinstein immediately began switching his patients from Clozaril to IVAX’s clozapine. He quickly became the largest prescriber of generic clozapine in the country.

“Reinstein’s inordinate prescribing of clozapine stands in stark contrast to its extremely limited use by other physicians,” the lawsuit states. While generally only four percent of schizophrenia patients who were prescribed antipsychotics received clozapine, during the time Reinstein was alegedly accepting kickbacks from IVAX, more than 50 percent of his patients were prescribed IVAX’s clozapine. At one nursing home, Reinstein had 75 percent of the 400 residents on IVAX’s clozapine.

Between 2003 and 2006, the lawsuit charges Reinstein requested, and IVAX provided, additional direct and indirect benefits to Reinstein and his associates, including paying airfare, lodging, meals, and entertainment expenses for a pharmacy owner and spouse, Reinstein’s nurse, his accountant and spouse, his administrative assistant and spouse, and Reinstein and his wife to travel to IVAX’s headquarters in Miami. IVAX also paid for Reinstein and his entourage to go on a fishing trip, a boat cruise, and a golf outing; annual renewal of Reinstein’s $50,000 “consulting agreement;” and tickets to sporting events and free IVAX-manufactured medication for Reinstein’s personal use.

In January 2006, IVAX became a subsidiary of Teva Pharmaceuticals Industries, Ltd., an Israeli company. About seven months before the merger, Reinstein began moving large numbers of his patients to a form of clozapine manufactured by a competitor of IVAX/Teva. In April 2006, Teva paid all expenses for Reinstein and his entourage to travel to Miami, including a $2,300 boat cruise, and at least two dinners costing more than $1,700 each. During this trip Teva employees asked Reinstein what the company could do to induce Reinstein to prescribe more clozapine, and Reinstein suggested that Teva hire an associate of his from Chicago, the lawsuit alleges. Teva agreed and in the months after the hiring Reinstein put several hundred patients back on Teva’s clozapine. From 2007 to 2009, the suit alleges, Teva and Reinstein entered into annual “speaker agreements” that resulted in Teva paying Reinstein more than $100,000.

Based on this alleged conduct, the suit charges Medicaid received and paid more than 100,000 false claims from various pharmacies for IVAX/Teva clozapine prescriptions written by Reinstein between August 2003 and July 2011 as a result of illegal kickbacks he solicited and received from IVAX and Teva. Between 2006 and July 2011, Medicare Part D received and paid more than 40,000 false claims involving similar kickback-induced prescriptions. Likewise, between August 2003 and July 2011, Reinstein allegedly submitted more than 40,000 false claims and received payment from Medicaid for purported pharmacologic management, as well as more than 10,000 similar false claims to Medicare.

This lawsuit is one a growing list of civil and criminal investigations and enforcement actions by federal and state prosecutors targeting health care providers using expanded health care fraud laws and investigatory and prosecutorial powers granted under the Affordable Care Act and other legislation to help bring down health care costs. 

Through these and other flashy prosecutions, as well as a continuous campaign of audits and other activities, federal officials are trying to reduce Medicare and other health care expenditures, both by prosecuting health care providers for intentionally submitting false claims, as well as using the treat of audits, program, disqualification or civil or criminal prosecution to scare health care providers to reduce legitimate billings that could trigger a federal audit or other federal scrutiny. 

Federal officials are aided in these efforts by an arsenal of new health care fraud statistical profiling and other health care fraud detection and enforcement tools granted by Congress in recent years that make it easier for federal officials to target and successfully prosecute or bring other sanctions against health care providers whose billing or other business practices come under scrutiny. 

Coupled with the ever-lengthening list of civil settlements and civil monetary penalties, program disqualifications, and audits, Federal officials use high profile criminal sweeps like those announced today both to send a message to health care providers generally, and as a tool to pressure and encourage health care providers to accept settlements proposed by federal auditors and prosecutors to avoid the potential threat of more serious criminal, civil or administrative prosecutions. 

These activities are intended to send a strong message to health care providers that bill Medicare, Medicaid, or other public or private health care programs that they must be prepared to defend any charges billed to these or other federal health care programs and to defend their other business practices. 

In response to these threats, health care providers should take steps to strengthen their billing, referral, audit, medical and other recordkeeping and other compliance and risk management practices to enhance their ability to defend or prevent these exposures.  While most providers already are moving to tighten these practices, the move to electronic health records, changing rules and other pressures are undermining the sufficiency of these efforts.  This investigation shows that beyond mere aggressive billing practices, federal officials also are targeting for enforcement physicians and other health care providers that participate in financial or other referral incentive or reward practices prohibited by the anti-kickback, STARK or other relevant law as well as the filing of Medicare, Medicaid or other health claims for undelivered, unnecessary or otherwise uncovered care or  services. 

Amid these and other enforcement actions, all health industry players should exercise care to steer clear of activities that might violate federal health care fraud rules as well as consider whether corrective or other action might be necessary to address risks of prior activities that with the benefit of hindsight taking into account the current enforcement climate reflect potential exposures. 

In the case of physicians and certain other professionals, these plans need to include both efforts to manage potential government investigation risks and management of their practices to mitigate peer review or other disciplinary or practice regulatory oversight that often arises when the practices and hospitals start tightening oversight and controls on practices as part of their own efforts to protect their organizations from fraud or other audits. 

While almost all health care providers can find room to improve their documentation and tighten other compliance, it also is important that providers also plan for how they will finance the cost of defending an audit or other investigation.  Often, the financial cost of defending these and other charges prevents physicians or other health care providers from lodging effective defenses of legitimate practices.  To help avoid this quagmire, providers generally will want to explore getting special liability coverage, indemnification or other protection as part of their planning arrangements.

For Help With Compliance, Investigations Or Other Needs

If you need help providing compliance or other training, reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish, audit, administer and defend billing, referral, privacy, staffing and recruitment and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns/ She also regularly designs and presents risk management, compliance and other training for health care providers, professional associations and others.   Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. Contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication see here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2012 Cynthia Marcotte Stamer, P.C.  Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved


ONC Changes Start Time, Releases Agenda For 11/13 Virtual Workshop On Health IT Test Standards

November 9, 2012

The Office of the National Coordinator for Health IT (ONC) today (November 9, 2012) announced a preliminary agenda of topics and  the procedures that health care providers and other interested parties wishing to participate in  a public virtual workshop on the ONC Health Information Technology (IT) Certification Program and 2014 Edition Test Methods that ONC plans to host on Tuesday, November 13, 2012 from 8:15 AM-4:30PM EST.   

The announced commencement time is 45 minutes earlier than the originally announced 9:00 AM start time that ONC had announced as the start time for the workshop in November 8 announcements.

To review the preliminary agenda for the workshop, see http://www.healthit.gov/policy-researchers-implementers/2014-edition-draft-test-methods.

According to today’s  ONC announcement, parties wishing to participate in the virtual workshop should  register for ONC Certification Technical Workshop on Nov 13, 2012 8:15 AM EST at https://attendee.gotowebinar.com/register/2114316126469925632 .  ONC says that successful registrants will receive a confirmation email containing information about joining the webinar. 

The planned workshop follows ONC’s anno0uncement of the release for review of the latest in a series of electronic medical records Test Standards that ONC has issued recently in its march to implement its mandate.    ONC says all Test Methods will undergo public review and comment before being finalized and approved by ONC for use in testing and certification.   ONC  typically allows  a two week period of public review and comment from the date posted for public review and comment on each Wave.  

In keeping with this process, ONC is inviting interested persons to  submit comments and suggestions to ONC.Certification@hhs.gov. All submissions should include “2014 Test Methods” in the subject line. ONC asks that parties submitting input to be as specific as possible in their comment submissions.

ONC says it expects the final set of Test Methods to be available for use in early 2013. 

For Help With Monitoring Developments, Compliance, Investigations Or Other Needs

If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help.  Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.   

Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.  Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.   For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR.  Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

You can get more information about her HIPAA and other experience here.

Other Recent Updates & Resources

If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters.  Recent examples on health care compliance and risk management matters include:

For additional resources and publications training materials by Ms. Stamer, see here.  

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here.  If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

©2012 Cynthia Marcotte Stamer, P.C. nonexclusive license to republish granted to Solutions Law Press, Inc.  All other rights reserved.

 

Follow

Get every new post delivered to your Inbox.

Join 658 other followers

%d bloggers like this: