While the implementation of compliance programs to encourage the development and use of internal controls to monitor adherence of the health care industry to applicable statutes, regulations, and program requirements has long been considered a best practice, the Patient Protection and Affordable Care Act (“ACA”) has made them mandatory. Continue reading…
On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus Rule).[i] The Omnibus Rule is a group of regulations that finalizes four sets of proposed or interim final rules, including changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act[ii] and proposed in 2010;[iii] changes to the interim final breach notification rule;[iv] modifications to the interim final enforcement rule; and implementation of changes to the Genetic Information Nondiscrimination Act of 2008 (GINA). The Omnibus Rule goes into effect on March 26, 2013, and compliance is required by September 23, 2013. As expected, the Omnibus Rule did not finalize the May 31, 2011 proposed regulation regarding accounting for disclosures. Continue reading…
On January 10, 2013, President Obama signed into law H.R. 1845, which includes the Strengthening Medicare and Repaying Taxpayers Act of 2011 (SMART Act).[1] The SMART Act, amends several portions of the Medicare Secondary Payer (MSP) Act that apply to non-group health plans, including liability (including self-insurance) and no-fault insurance and workers’ compensation plans (together, NGHPs). Although the SMART Act makes significant substantive and procedural amendments to the MSP Act, many practical issues will continue to bedevil parties who are trying to settle a personal injury claim. Continue reading…
Since the implementation of the privacy and security regulations of the Health Insurance Portability and Accountability Act (“HIPAA”) in 2003 and 2005 respectively, business associates (“BAs”) – those entities that perform services for or on behalf of covered entities – had been a weak link in the overall protection of protected health information (“PHI”). BAs were not directly subject to HIPAA, but were only indirectly subject to its requirements through the business associate agreements – which were generally boilerplate – that covered entities were required to maintain as a condition of sharing PHI. Thus, under the original regulatory structure, the only risk for a BA was for a breach of contract. Continue reading…
A few weeks ago we posted on this Blog an article highlighting the “gathering storm” surrounding HIPAA enforcement and predicted an ominous future for hospitals and other providers who fail to develop and maintain adequate HIPAA compliance policies. While there is no doubt the future is bleak for those unwilling to abide by HIPAA’s mandate, the forecast for providers who commit healthcare fraud is equally devastating. This is because, in 2013, the federal government will attack healthcare fraud from two angles. First, the Office of Inspector General (“OIG”), per the terms of its 2013 Work Plan (“Work Plan”), will review many of the government’s anti-fraud efforts to maximize recovery of Medicare and Medicaid overpayments. Second, many of the new anti-fraud provisions in the Affordable Care Act (“ACA”) will kick into high gear now that the result of the presidential election has guaranteed the law’s survival. Continue reading…
Since the Health Insurance Portability and Accountability Act (“HIPAA”) privacy rules became effective in April 2003, there has been minimal enforcement activity by the U.S. Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”). However, this has changed dramatically over the last two years, as evidenced by some recent high-profile and high-penalty enforcement actions taken by OCR. In addition to being concerned about OCR investigations, moreover, covered entities and business associates must also be on the alert for enforcement actions by state Attorney Generals, potential class action lawsuits, and OCR’s HIPAA audit program. Continue reading…
On September 12, 2012, the Senate Special Committee on Aging held a roundtable hearing on the Sunshine Provisions in Section 6002 of the Patient Protection and Affordable Care Act (the “Sunshine Provisions”). Under the Sunshine Provisions, certain drug and device manufacturers must annually report to the government many payments and other transfers of value they make to physicians and teaching hospitals. Certain drug and device manufacturers and group purchasing organizations (“GPOs”) must also report ownership and investment interests in them held by physicians and their immediate family members. In this post, we will report on the roundtable hearing, provide an overview of a Proposed Rule regarding the Sunshine Provisions, and discuss their implementation. Continue reading…
As its title makes clear, the August 2012 report “Questionable Billing by Community Mental Health Centers” (the Report) by the U.S. Department of Health and Human Services Office of Inspector General (OIG) demonstrates its significant concern with fraud, waste, and abuse in Medicare payments for mental health services. The OIG’s key findings include that in 2010, about 50% of community mental health centers (CMHCs) exhibited unusually high billing for at least one of nine so-called “questionable billing characteristics” in seeking reimbursement for partial hospitalization program (PHP) services; about 33% exhibited at least two of these characteristics. Continue reading…
President Obama recently signed a bipartisan bill that authorizes Food and Drug Administration (“FDA” or “Agency”) user fees for five more years and establishes new user fees for the FDA’s review of generic drugs and biosimilar products.[1] The bill reauthorizes the Prescription Drug User Fee Act (“PDUFA” or the “Act”), a law originally passed by Congress in 1992. PDUFA permits the FDA to collect user fees from drug manufacturers to fund, among other FDA endeavors, new drug and medical device approval. The most recent reauthorization of the bipartisan bill, which increases the amount of money drug and device manufacturers must pay the FDA to review a new drug or device application, has gained the support of both Congress and the pharmaceutical industry.
Every day Groupon, Living Social, Buy With Me, and a host of other social coupon websites flood the inboxes of millions of consumers with daily deals. These websites offer discounts on a variety of products and services, and are extremely popular among restaurants and businesses for their ability to bring in new customers and generate revenue.
But what if the deal is for a dental exam, laser vein removal, or Botox® treatments? The general public probably doesn’t care about the ramifications of using social coupons for health care services, because, let’s face it, everyone likes a great deal. Health care providers, however, definitely should.
Why? Because, depending on the nature of the daily deal, a health care provider who offers a discount through these types of social coupon websites could be violating federal and/or state laws. Continue reading…
© 2025 Health Law Informer All Rights Reserved.