As we’ve discussed in previous articles,[1] and as you are no doubt aware by now, the Health Insurance Portability and Accountability Act (HIPAA) recently received a significant facelift.  In addition to extending direct liability to business associates and subcontractors, the updated HIPAA regulations (Updated Regulations), which were authorized by the Health Information Technology for Economic and Clinical Health Act (HITECH), contain many new provisions to address growing privacy concerns for the increasing amount of protected health information (PHI) stored on electronic media.  Covered entities and their business associates and subcontractors must comply with the Updated Regulations by September 23, 2013.  In order to help you prepare for the September 23, 2013 compliance deadline, this article (1) explains the difference between two important compliance deadlines contained in the Updated Regulations, (2) suggests a 5-step process to efficiently update and/or create compliant HIPAA policies and procedures, and (3) discusses a few observations we’ve made as we’ve helped our clients prepare for the September 23, 2013 compliance deadline. Continue reading…

On May 8, 2013, the Office of Inspector General (“OIG”) of the Department of Health & Human Services issued an updated Special Advisory Bulletin (the “Updated Bulletin”)[1]  on the effect of exclusion from participation in Medicare, Medicaid and other Federal health care programs (collectively “FHPs).  The Updated Bulletin, which replaces and supersedes guidance originally provided by OIG in a 1999 Special Advisory Bulletin (the “1999 Bulletin”), details OIG’s broad interpretation of the scope and effect of its exclusion authority under the Civil Monetary Penalties Law (“CMPL”).[2]  The Updated Bulletin addresses many of the questions OIG has received about exclusions and purports to convey insight gained from resolving self-disclosure cases since publishing the 1999 Bulletin. Continue reading…

UPDATE

The Senate Health, Education, Labor, and Pensions (HELP) committee approved a bill on May 22 that largely tracks the Draft Legislation.  As outlined below, the bill would create a new category for large-scale compounders – known as “compounding manufacturers” – and give the FDA greater authority over compounding pharmacies. Continue reading…

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus Rule).[i]  The Omnibus Rule is a group of regulations that finalizes four sets of proposed or interim final rules, including changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act[ii] and proposed in 2010;[iii] changes to the interim final breach notification rule;[iv] modifications to the interim final enforcement rule; and implementation of changes to the Genetic Information Nondiscrimination Act of 2008 (GINA).  The Omnibus Rule goes into effect on March 26, 2013, and compliance is required by September 23, 2013.  As expected, the Omnibus Rule did not finalize the May 31, 2011 proposed regulation regarding accounting for disclosures. Continue reading…

A few weeks ago we posted on this Blog an article highlighting the “gathering storm” surrounding HIPAA enforcement and predicted an ominous future for hospitals and other providers who fail to develop and maintain adequate HIPAA compliance policies.  While there is no doubt the future is bleak for those unwilling to abide by HIPAA’s mandate, the forecast for providers who commit healthcare fraud is equally devastating.  This is because, in 2013, the federal government will attack healthcare fraud from two angles. First, the Office of Inspector General (“OIG”), per the terms of its 2013 Work Plan (“Work Plan”), will review many of the government’s anti-fraud efforts to maximize recovery of Medicare and Medicaid overpayments.  Second, many of the new anti-fraud provisions in the Affordable Care Act (“ACA”) will kick into high gear now that the result of the presidential election has guaranteed the law’s survival. Continue reading…

President Obama recently signed a bipartisan bill that authorizes Food and Drug Administration (“FDA” or “Agency”) user fees for five more years and establishes new user fees for the FDA’s review of generic drugs and biosimilar products.[1]  The bill reauthorizes the Prescription Drug User Fee Act (“PDUFA” or the “Act”), a law originally passed by Congress in 1992.  PDUFA permits the FDA to collect user fees from drug manufacturers to fund, among other FDA endeavors, new drug and medical device approval.  The most recent reauthorization of the bipartisan bill, which increases the amount of money drug and device manufacturers must pay the FDA to review a new drug or device application, has gained the support of both Congress and the pharmaceutical industry.

Continue reading…

The Centers for Medicare and Medicaid Services (CMS) has outlined its plan to temporarily raise Medicaid rates to Medicare levels for primary care services, and pay states to cover the difference.  On May 11, 2012, CMS issued a proposed rule requiring Medicaid payment for primary care services furnished by eligible physicians at rates “not less than the Medicare rates” for fiscal years 2013 and 2014.[1]  The proposed rule provides for 100% federal matching for any increase in payment above the amounts that would be due under the provisions of a state’s plan as of July 1, 2009.[2]  By increasing Medicaid rates for 2013 and 2014, CMS is implementing certain provisions of the Patient Protection and Affordable Care Act (ACA).  CMS hopes the increased rates will encourage sufficient primary care physician participation in the Medicaid program to accommodate the nearly 16 million new patients that will be eligible to receive Medicaid benefits if the ACA survives the Supreme Court’s review.  The proposed rule does not say, however, what will happen to Medicaid rates – and, more importantly, whether there will be enough physicians to care for the larger Medicaid patient population – after 2014.  Nor does the proposed rule say whether the increased rates for primary care services will be applied regardless of the Supreme Court’s decision. Continue reading…