The Office of the National Coordinator for Health Information Technology (“ONC”) has released a revised Guide to Privacy and Security of Electronic Health Information (the “Guide”), which is intended to be a resource for small and medium-sized health care providers, health IT and other information technology professionals, and business associates regarding federal health information privacy and security requirements. The Guide, first published in 2011, is organized by chapters that address some of the most important privacy and security issues today, including electronic health records, cybersecurity, Meaningful Use, the security management process, and breach notification requirements. Continue Reading
Cornell Prescription Pharmacy (“CPP”), a Colorado single-location pharmacy, has agreed to pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). CPP will also adopt a two-year corrective action plan.
The settlement is the result of an OCR investigation that began in 2012 after OCR received a media report stating that CPP improperly disposed of protected health information (“PHI”) in a dumpster accessible by the public. Documents containing PHI were found in an unlocked open container. They were not shredded. Over 1,600 patients were compromised as a result. Continue Reading
President Obama has signed the “doc fix” into law, which permanently avoids a 21% pay cut for physicians that was slated to take effect this April. The law received broad bipartisan support, passing in the House of Representatives by a sweeping vote of 392-37 and passing in the Senate by a vote of 92-8. Continue Reading
On March 25, 2015, the Centers of Medicare and Medicaid Services (“CMS”), launched the Health Care Payment Learning and Action Network (the “Network”), an ambitious private-public partnership designed to further move the health care system away from quantity-based care and closer to value-based, quality-driven care.
The Network is being established to “help the U.S. health care payment system meet or exceed recently established Medicare goals for value-based payments and alternative payment methods.” The Medicare goals are as follows: (i) move 30% of Medicare payments into alternative payment models, such as Accountable Care Organizations, bundled payments and advanced primary care medical homes, by 2016; and (ii) move 50% of Medicare payments into alternative payment models by 2018.
Overall, HHS seeks to have almost 90% of Medicare payments tied to quality or value in the next three years.
The House of Representative recently passed legislation, by a sweeping vote of 392-37, which aims to change the way physicians are paid. The legislation, called the Medicare Access and CHIP Reauthorization Act, repeals and replaces Medicare’s sustainable growth rate formula (“SGR”). Despite the broad bipartisan support the legislation received in the House, the Senate failed to act on it before leaving for a two-week recess. A decision is expected from the Senate shortly after they return to the office on April 13. Continue Reading
The Centers for Medicare and Medicaid Services (“CMS”) has released information about a new accountable care organization (“ACO”) model, called the Next Generation ACO. According to CMS, “the Next Generation ACO Model offers a new opportunity in accountable care – one that sets more predictable financial targets, enables providers and beneficiaries greater opportunities to coordinate care, and aims to attract the highest quality of care.”
The ACO model has been developed as a result of the Patient Protection and Affordable Care Act. The main objective of an ACO model is to effectively coordinate high-quality care between providers and suppliers at lower costs to Medicare beneficiaries. If the ACO provides high-quality care and lowers the cost of care, it will be able to receive a share of those savings. Continue Reading
Premera Blue Cross (“Premera”) announced this week that it has been the target of a sophisticated cybersecurity attack in which the information of approximately 11 million individuals has been compromised. This announcement comes on the heels of the cybersecurity attack against health insurer Anthem, Inc., which affected approximately 80 million individuals. Continue Reading
A Health Law Gurus™ blog post, “Is Your Mobile Health App HIPAA Compliant?” was referenced in a LexBlog Network article, “Apple’s ResearchKit is Living Up to the FTC’s Expectations for the Internet of Things,” written by Zosha Millman. To read a copy of the article, click here.
Between 2008 and 2010, hackers stole credit card information from the computer network of Wyndham Hotels & Resorts LLC (“Wyndham”), which affected hundreds of thousands of Wyndham’s customers in the process. The Federal Trade Commission (the “FTC”) took action and filed suit against Wyndham in U.S District Court, alleging that Wyndham violated Section 5 of the FTC Act by failing to take reasonable measures to protect customers’ credit card information.
Wyndham has taken the position that the FTC does not have the authority to regulate the data security practices of companies. U.S. District Court Judge, Esther Salas, found otherwise. This issue is now before the Third Circuit. Continue Reading
News from the Health Law Gurus™ is a weekly summary of notable health law news from around the country with helpful links to related content. Check back every week for the latest health law news stories.
Meaningful Use Attestation Deadline Extended to March 20, 2015 – According to a news alert from the Centers for Medicare and Medicaid Office (“CMS”), Eligible Professionals may attest to meaningful use for the Medicare Electronic Health Record (EHR) Incentive Program 2014 reporting year until 11:59 p.m. ET on March 20, 2015. The deadline has been extended to allow Eligible Professional additional time to submit their data. However, CMS encourages providers to begin the attestation process as soon as possible. CMS also noted that this extension deadline allows Eligible Professionals extra time to switch programs (i.e., from Medicare to Medicaid or Medicaid to Medicare), provided that the Eligible Professionals have not already used their one switch. Continue Reading