Health Law Gurus

Health Law Gurus

Health Law: News,
Commentary & Insights

News from the Health Law Gurus™: Week of December 14, 2014

Posted in HIPAA, Marketplace/Exchanges, News from the Health Law Gurus, Technology

Patient Medical Records Stolen from New Jersey Storage Facility – Tribeca Medical Center is notifying patients that their protected health information may be compromised. According to a privacy notice posted on Tribeca Medical Center’s website, patient records were stolen from a locked storage facility in Jersey City, New Jersey on October 21, 2014. Unidentified individuals cut door latches to enter the facility, and they stole boxes of medical records. The records included patient names, addresses, telephone numbers, social security numbers, dates of birth, gender designation, insurance information, billing information, medical diagnoses, treatment records, laboratory and test results, and pharmacy/medication records. The theft was immediately reported to the Jersey City Police Department. To read the entire privacy notice, click here. Continue Reading

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates Must Update Unpatched and Unsupported Software, Says OCR

Posted in Compliance Issues, HIPAA

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”). The settlement arises from a breach of unsecured electronic protected health information (“PHI”) due to malware that compromised the security of ACMHS’s information technology resources. Over 2,700 individuals were affected by the breach. ACMHS provides behavioral health care services to children, adults, and families in Anchorage, Alaska. Continue Reading

CMS Issues Proposed Rule Addressing Changes to Medicare Shared Savings Program

Posted in Affordable Care Act (ACA), Regulations

The Centers for Medicare and Medicaid Services (“CMS”) issued a proposed rule (the “Proposed Rule”) on December 1, 2014 regarding certain changes to the Medicare Shared Savings Program (the “Program”). The Proposed Rule, spanning 429 pages, discusses proposed changes to various aspects of the Program such as beneficiary assignment, data sharing, available risk models, eligibility requirements, participation agreement renewals, and compliance and monitoring. Continue Reading

News from the Health Law Gurus™: Week of November 9, 2014

Posted in Affordable Care Act (ACA), HIPAA, News from the Health Law Gurus

News from the Health Law Gurus™ is a weekly summary of notable health law news from around the country with helpful links to related content. Check back every week for the latest health law news stories.

HIPAA in the Time of Ebola – Ebola has recently been the source of much concern, and health care providers and hospitals are taking steps to prepare themselves for the possibility of treating patients with Ebola. In addition to all of the medical preparations underway, covered entities and business associates must also continue to be aware of the protections in place that limit the uses and disclosures of a patient’s protected health information (“PHI”), even in an emergency situation. The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), recently released a bulletin to provide guidance to covered entities and business associates about the ways in which PHI may be shared in an emergency under the HIPAA Privacy Rule. As the OCR emphasizes in its bulletin, the “protections of the Privacy Rule are not set aside during an emergency.” To read our full blog post, click here.   Continue Reading

HIPAA in the Time of Ebola

Posted in Business Associates, Compliance Issues, HIPAA, Privacy, Regulations, Trends

Ebola has recently been the source of much concern, and health care providers and hospitals are taking steps to prepare themselves for the possibility of treating patients with Ebola. In addition to all of the medical preparations underway, covered entities and business associates must also continue to be aware of the protections in place that limit the uses and disclosures of a patient’s protected health information (“PHI”), even in an emergency situation. The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), recently released a bulletin to provide guidance to covered entities and business associates about the ways in which PHI may be shared in an emergency under the HIPAA Privacy Rule. As the OCR emphasizes in its bulletin, the “protections of the Privacy Rule are not set aside during an emergency.” Continue Reading

No Kidding: Overseas Medical Tourism Is Well Worth Trip

Posted in Medical Tourism, Trends
Renée-Marie Stephano, J.D.

Renée-Marie Stephano, J.D.

Surgery was on his bucket list, but Bruce Ryan didn’t want to wait until he retired to repair his debilitating and painful rotator cuff injury. The 59-year-old construction manager could have traveled the six hours to Stanford Medical Center – considered one of the top facilities in the United States. He had other reservations, instead.

“No, we went to France – to Toulouse, France – and did it,” said Ryan, chuckling at the thought. “It was great.”

All kidding aside, the American patient didn’t have to pay a dime for his medical tourism surgery in France – even $7,000 worth of deductibles and co-pays were waived – plus, he got to tour the Pyrenees Mountains, take in the local art scene, and sample baguettes, chateaux, truffles and other French indulgences. Continue Reading

HITECH Act Assures Meaningful Use & Care Coordination…For Some

Posted in Behavioral Health, EHR, HITECH, Technology, Trends
Brandon Danz, M.P.A.

Brandon Danz, M.P.A.

The passage of the ARRA HITECH Act in 2009 fostered significant advancements in patient engagement and care coordination by incentivizing primarily physical health providers and acute care hospitals to make smarter use of technology. Specifically, the Act provided funding for eligible providers and hospitals to adopt electronic health records (EHR) and then “meaningfully use” those EHRs to improve care coordination, reduce health disparities, promote population health, enhance patient engagement, and maintain patient privacy.

Eligible providers and hospitals benefit greatly from transferring patient records from the filing cabinet to the computer. Information becomes instantaneously available to inform improved patient engagement and person-centered care decisions. Most importantly, this information can be used to manage a patient’s care across the many health systems he or she uses. Continue Reading

Proposed Reforms to Liver Transplant System Address Disparity, Raise Ethical Questions

Posted in Guest Contributor, Legislation, Trends

 

Brandon Danz, M.P.A.

Brandon Danz, M.P.A.

Each year over 1,500 individuals in the United States die while waiting for a liver transplantation. Another 1,500 candidates are removed from waiting lists because they are deemed too medically frail to receive a liver. Some reformers believe that these figures can be reduced by changing administrative procedures used to determine how organs are distributed. Others believe that these changes would have detrimental effects on certain regions of the nation. Central to this discussion is our underlying ethical obligation to maximize benefits across a population while assuring a minimum level of duty and fairness to each individual. Continue Reading

CMS Announces Launch of Open Payments Database: $3.5 Billion Paid to Physicians and Teaching Hospitals

Posted in Affordable Care Act (ACA), Anti-Kickback Statute, Fraud and Abuse, Trends

The Open Payments database (the “Database”) is now live, and the first round of data is available to the public on the Centers for Medicare and Medicaid Services (“CMS”) website. This first round of data reflects “nearly 4.4 million payments valued at nearly $3.5 billion attributable to 546,000 individual physicians and almost 1,360 teaching hospitals,” according to a recent CMS press release (the “Press Release”). Continue Reading

September 22, 2014 – HIPAA Compliance Deadline for Business Associate Agreements Is Just Around the Corner

Posted in Business Associates, Compliance Issues, HIPAA, Regulations

All business associate agreements (“BAAs”) must be updated and compliant with current Health Insurance Accountability and Portability Act (“HIPAA”) regulations by September 22, 2014. Failure to meet this deadline could result in large penalties for covered entities and/or business associates if there is a breach of protected health information (“PHI”) or a government audit. If you have not already done so, act now to ensure that you meet this important deadline. Continue Reading