Posted by Ryan Blaney
on September 26, 2014
12,915 complaints were reported in 2013 to the Department of Health and Human Services Office of Civil Rights (“OCR”) according to Illiana L. Peters, Senior Adviser for HIPAA Compliance and Enforcement. Cozen O’Connor attended Ms. Peters’ presentation at the Safeguarding Health Information: Building Assurance through HIPAA Security conference on September 22-23, 2014. The conference was hosted jointly by OCR and the National Institute of Standards and Technology (“NIST”). Below are a few discussion points worth mentioning from the conference:
- Between September 2009 and August 31, 2014, OCR investigated 1176 reports involving breach of Protected Health Information (“PHI”) where more than 500 individuals were affected and approximately 122,000 reports affecting less than 500 individuals.
- According to Ms. Peters, 60% of the large breaches could have been prevented by encrypting the covered entities and business associates’ laptops and mobile devices.
- Theft and loss continues to be the most common cause of breaches but OCR expects that IT hacking will continue to rise as a significant breach risk.
- Since 2009, consumer complaints regarding HIPAA violations continue to rise.
- Covered entities and business associates should already have in place business associate agreements that have been updated for the Omnibus Rule.
- Business associates must comply with all of the HIPAA Security Rules applicable to covered entities, “PERIOD.”
- Given the known risks of hacking, theft and loss and the direct guidance from OCR, covered entities and business associates must recognize that inadequate security, inadequate physical and technical safeguards is not acceptable.
- OCR expects that covered entities and business associates will be familiar with recent corrective actions, resolution agreements such as Parkview, NYP/Columbia, Concentra, QCA, Skaget County, Adult & Pediatric Dermatology, P.C., and Affinity Health Plan, Inc.
About The Author
Tags: audit, breach, Business Associate, HHS, HIPAA, HITECH, NIST, OCR, Privacy Rule, Security Rule
Posted by J. Nicole Martin
on September 08, 2014
, Medical Assistance
CMS approved Pennsylvania’s Medical Assistance (“Medicaid”) waiver request entitled Healthy Pennsylvania (“Waiver” or “Healthy Pennsylvania”) by letter dated August 28, 2014. Governor Tom Corbett and the Pennsylvania Department of Welfare submitted the waiver application in February. The approval paves the way for a five-year demonstration project that begins on January 1, 2015 and is intended to “expand access to coverage to adults in Pennsylvania with incomes through 133 percent of the federal poverty level.” The Waiver includes changes that will be implemented through state Medicaid plan amendments and the demonstration project.
- Improving access;
- Ensuring quality; and
- Providing affordability.
- Promoting access to health insurance through the private insurance marketplace;
- Encouraging healthy behaviors and appropriate care, including early intervention, prevention, and wellness; and
- Increasing quality of care and efficiency of the health care delivery system.
Waiver Highlights (applicable to individuals enrolled in Medicaid and Healthy PA PCO)
- Inclusion of a private coverage option, Healthy PA PCO, which will make coverage available through a private commercial market that will operate outside of the Pennsylvania’s federally-run exchange
- Commercial insurance carriers, who are likely to be HealthChoices MCOs, will offer at least two health plans for individuals eligible for Healthy PA PCO
- Inclusion of Medicaid plan options categorized as “low risk” or “high risk” (these plans are not yet finalized and the parameters will be subject to negotiation with CMS)
- No premiums are required in year one
- Monthly premiums are required in year two for eligible individuals who have incomes greater than 100% of the federal poverty level (up to 2% of their income with the ability to reduce the premium based on healthy behaviors)
- Individuals enrolled in Healthy PA PCO and Medicaid will pay an amount equal to currently existing Medicaid copayments in year one of Healthy Pennsylvania’s implementation
- Elimination of copayments, except for $8 co-payments for non-emergency visits to emergency rooms, beginning in year two of Healthy Pennsylvania’s implementation
The Hospital & Healthsystem Association of Pennsylvania recently announced its support of Healthy Pennsylvania’s goals. Despite those who oppose Healthy Pennsylvania because among other reasons, it is viewed as not being the “traditional” Medicaid expansion as envisioned by the Affordable Care Act, Governor Tom Corbett anticipates that Healthy PA PCO will increase access to health care for over 600,000 eligible Pennsylvanians. Notably, CMS did not approve the proposed work search requirement, which would have required certain adults to undertake work search activities in order to qualify and remain eligible for health coverage under Healthy Pennsylvania. According to CMS, the approval of Pennsylvania’s Waiver makes it one of 28 states, including the District of Columbia, to expand Medicaid.
For more information regarding the Waiver, please contact Mark Gallant, Chris Raphaely, or J. Nicole Martin.
About The Author
Tags: Healthy Pennsylvania, medicaid expansion, Medicaid waiver, Medical Assistance
Posted by Mark Gallant
on September 03, 2014
With little fanfare just before the Labor Day weekend, CMS announced a program in which it would enter into administrative agreements with eligible providers in exchange for the providers’ withdrawal of pending appeals (“Settlement Process”). This announcement follows massive backlogs in administrative appeals resulting from retroactive denials of inpatient claims by Medicare contractors, including recovery auditor contractors (“RAC”), as well as a lawsuit brought by the American Hospital Association challenging these delays. Under the Settlement Process, CMS is willing to pay “68% of the net allowable amount” for eligible claims within 60 days. According to CMS, eligible providers should submit requests to participate in the Settlement Process by October 31, 2014, and eligible providers may file for an extension of time to request a settlement if they are unable submit requests by the end of October. Although this Settlement Process holds promise for certain providers, it does not apply to all providers or all claims.
Only acute care hospitals and critical access hospitals may participate in the Settlement Process. The following providers are not eligible to participate:
- Cancer hospitals;
- Children’s hospitals;
- Inpatient rehabilitation facilities;
- Long-term care hospitals; and
- Psychiatric hospitals that are paid under the inpatient psychiatric facility prospective payment system.
CMS may exclude eligible providers from participating in this Settlement Process if they are subject to pending False Claims Act litigation or investigations.
Only the following claims are eligible:
- Claims for dates of admissions prior to October 1, 2013;
- Claims for patients that were not Medicare Part C enrollees; and
- Claims that are pending appeals of inpatient-status claim denials, which were rejected by Medicare contractors, including RACs.
An eligible provider may select the eligible claims it would like to settle, while continuing to appeal certain other claims.
For more information regarding the Settlement Process, please contact Mark Gallant, Chris Raphaely, or Ryan Blaney.
About The Authors
Tags: agreement, appeals, audits, Inpatient, RAC, settlement