Best Lawyers
Super Lawyers
American Health Lawyers Association
AV Preeminent
Avvo Clients' Choice Award 2014
Avvo Clients' Choice Award 2017
Avvo Rating
Top Rated Lawyers
View Profile on Avvo
Lexis Nexis
International Association of Defense Counsel
Avvo Reviews

|

1334532_ambulance.jpgOn May 31, 2013, the Boards of Trustees of The Federal Insurance and Federal Supplementary Medicare Insurance Trust Funds (Boards of Trustees) issued the most recent report (the “Report”) on the financial condition of the U.S. Medicare Program. The Board of Trustees oversees the financial operations of the Medicare Part A and Supplementary Medical Insurance (SMI), which is Medicare Part B and D. The Social Security Act requires the Board of Trustees to report annually to the Congress on the financial status of the Medicare Program. The Report is 280 pages packed heavily with information and actuarial data analyzing the crippled patient, the U.S. Medicare Program, concluding that the Medicare Hospital Insurance Trust Fund will not run out of money until 2026, two years later than the last projection. The slightly improved forecast (from the prior report) is due apparently to slower growth in U.S. health care costs, according to current the Board’s analysis.

But whether and when the Medicare Program will go broke is apparently not possible to determine with reasonable certainty. There are too many variables. The Board, comprising or advised by the best the best minds on the subject, have said as much. The Board concedes in the Report:

Projections of Medicare Costs are highly uncertain, especially when looking out more than several decades. One reason for the uncertainty is that scientific advances will make possible new interventions, procedures, and therapies. Some conditions that are untreatable today will be handled routinely in the future. Spurred by economic incentives, the institutions through which care is delivered will evolve, possibly becoming more efficient. While most health care technological advances to date have tended to increase expenditures, the health care landscape is shifting. No one knows whether these future developments will, on balance, increase or decrease costs.

The Report, p. 2.
The Report further indicates that the ACA “The ACA introduced even larger policy changes and projection uncertainty. . . . This legislation [the ACA] contains roughly 165 provisions affecting the Medicare program by reducing costs, increasing revenues, improving benefits, combating fraud and abuse, and initiating a major program of research and development to identify alternative provider payment mechanisms, health care delivery systems, and other changes intended to improve the quality of health care and reduce costs.” Id.
Continue reading ›

|

1047190_instrument_collection.jpgThe concierge practice of medicine is the wave of the future. This is very good news for the American consumer and tax payer.

As the price tag for Medicare has increased, so has the pressure on federal lawmakers to do something to avoid the looming fiscal disaster that attends rising health care costs. Since the U.S. Taxpayer demands that Medicare costs somehow be contained while, ironically, the U.S. Voter (same person, different hat) views Medicare as a sacrosanct entitlement to consume health care, the lawmaker “solution” has thus far focused the cost-cutting pressure on the supply side of health care, including cutting physician reimbursement. See, e.g. The Plea for Repeal of the Medicare Sustainable Growth Rate, May 4, 2013 post, this Blog. The trend of private insurers and other non-government payers is to follow what Medicare does (at least with respect to setting physician reimbursement rates and billing rules). An unintended consequence of the downward pressure on physician reimbursement together with modern health care’s increasing red tape/regulation and associated costs and headaches has been to drive primary care physicians out of private practice altogether. They are fed up. Many doctors have found (or are looking for) hospital employment. Others have retired. This trend has been referred to as the “silent exodus” of physicians and threatens to profoundly impact patient access care in a negative way. See National Survey Points to a “Silent Exodus” of Physicians, Merritt Hawkins, September 24, 2012.

Thankfully, some physicians are discovering that the concierge practice of medicine can be a smart, rewarding way to own and operate a private medical practice as a business that, rather than suffering the severe strains of the third-party-payer model, is free to actually focus on practicing medicine. For many doctors, the concierge medical practice model is returning private practice to its correct state — a real practice of medicine, medical judgment and care that is patient focused and free from the intrusion into the business of rendering care that a commercial or governmental third-party payer necessarily creates.
Continue reading ›

|

251732_agreement__signing.jpgSome health plans would have doctors believe that all terms and conditions in health plan contracts are immutable. That is not true. Health plan contract language can and should be negotiated under some circumstances. All physicians are strongly cautioned against blindly signing health plan contracts or any “paper work” that comes across your desk concerning rates, charges, reimbursement or network participation on the assumption that you have no choice. All physicians should be vigilant about establishing an organized contracting methodology that will identify contract issues that may warrant concern and discussion with a health plan representative about possible language changes. There is strength in numbers: the more physicians proactive about negotiating health plan contract provisions, the more effective all physicians will be in contracting with payers.

The contracting guidelines below are recommended to physicians and their office administrators as a starting point for establishing effective contracting protocol for medical practices. Where there are particular concerns about the potential effect of contract language, there is no substitute for obtaining legal advice.

1. Reject the premise that health plan contracts are non-negotiable.

You can negotiate health plan contract language. If you assume all health plan contract language is a take-it-or-leave-it proposition, you will necessarily be unable to determine what particular provisions a health plan might be willing to negotiate with you.

2. Develop and follow a specific office contracting protocol.

Readiness is the first step to good contracting practices. Set up, then faithfully use, a plan for your office, to include the following elements:

• appoint a trusted, long-term employee to be responsible for contracting • systematically collect, organize and store all health plan contracts and all correspondence and notices from the health plans
• carefully read every contract (or, at a minimum, have your appointed employee do so) against a Contract Review Checklist (see below), and list any questions or issues of concern • monitor all contracts — most are evergreen and will automatically renew unless one party terminates or proposes modification • know when contracts expire, calendar expiration dates and deadlines for giving any required notice of cancellation
3. Establish strong rapport with a health plan representative.

You will accomplish much more if you are dealing with an individual you know and with whom you have good rapport. Good practices to develop rapport with health plan representatives include the following:

• have face to face meetings with the representative when possible • be prepared for all meetings with the representative • remember that you are negotiating a relationship not a transaction • as much as possible, channel contact with a health care plan through one person in your office and one with the health plan • train the health plan representative to believe that you are reasonable (by, for example, periodically making small language proposals)
• differentiate your practice – the health plan needs to want your participation • demonstrate that you do things professionally
4. Realistically assess your ability to negotiate a provision.

Various factors influence whether and to what extent a health plan will negotiate particular contract provisions. Before you raise an issue with a health plan, assess your negotiating position.

• What is the value of the contract to your practice?
• What percentage of your business does the health plan represent?
• Do the fees cover your true cost of doing business?
• Are the health plan’s administrative requirements realistic?
• Does the health plan steer patients to you?
• What is the impact of dropping a plan on referrals – do you need to stay in plan because referring doctors will also refer patients from good plans?
• What are the strengths of your practice that might make you more attractive to the health plan?
• Do you add value to the health plan’s network (e.g., you are the only specialist within so many miles).
Continue reading ›

|

861958_hidoc-on-white.jpgIn Georgia, seven insurers have announced plans to participate in the Health Insurance Exchange that will exist by virtue of the Affordable Care Act (ACA). The ACA authorized creation of State health insurance “exchanges” (HIX) – an online market place in which consumers can shop for and buy health insurance. The following insurers have indicated they will participate in the Georgia HIX: Blue Cross and Blue Shield of Georgia, Kaiser Foundation Health Plan, Peach State, Alliant, Coventry, Aetna and Coventry. The insurance plans will debut as part of the Georgia HIX in 2014.

When the health insurance plans are available, small businesses, families and individuals will have a new way to get insurance. The ACA intends for consumers to be able to compare the benefits and costs of competing plans and use an online calculator to assist them in determining which plan is best for them. The ACA will expand health insurance coverage, increasing the number of insured patients. Presently, nearly two million non-elderly Georgia residents are uninsured. Purported benefits of the ACA that will affect Georgia patients and providers include: greater ease in obtaining coverage for individuals difficult to insure due to pre-existing conditions; continued cost-saving home- and community-care programs;greater resources for Medicaid, lowering costs of prescription drugs and raising reimbursement to some health care providers; enhanced preventive care coverage; and allowing young adults to stay on parents’ health plans
For physicians, however, more insured patients under the auspices of the ACA is not all good news. While much remains to be seen, some problems have been predicted. For example, some physicians may experience delayed payment under the ACA, under which individuals have a three-month grace period to individuals who have not paid their premiums. Health plans may hold off on processing claims who have not paid for two months. After three months, a health plan may deny claims and leave the doctor to seek payment from the patient. Under traditional insurance, the health plan would remain liable to pay the doctor even if the premium has not been paid. Patients are not accustomed to keeping up with and paying insurance premiums. Further, under the ACA the patient may be able to sign up for another plan in the HIX and begin seeing another doctor. Many of the newly insured patients will also be individuals who have not had insurance before (or for a considerable time) and may therefore involve more complicated health issues.
Continue reading ›

|

doc pic.jpgThe American Medical Association (AMA) and numerous other medical associations, including the Medical Association of Georgia (MAG), are a strong voice for repealing the Medical Sustainable Sustainable Growth Rate (SGR). Led by the AMA, a very large group of influential medical associations wrote Congress late last year advocating that the SGR is “an enormous impediment to successful health care delivery and payment reforms that can improve the quality of patient care while lowering growth in costs.” The call for repealing SGR is increasingly strong and urgent.

SGR is the method used by the U.S. Centers for Medicare and Medicaid Services (CMS) to set Medicare reimbursement rates for doctors with a formula purportedly tied to economic growth. The SGR issue derives from a well-intended but seriously flawed attempt to curb federal spending. Pursuant to the Balanced Budget Act of 1997, CMS employs SRG as a method to ensure yearly increases in Medicare expenses do not exceed increases in the level of growth in the U.S. Gross Domestic Product. Under the SGR scheme, if spending increases more than a set level, physician payments are adjusted downward; if spending is below a set level, rates are increased.

At first, the SGR formula arguably worked – to a degree – but only while the U.S. economy grew. After the US economy stalled in 2002, SGR number crunching changed for the worst as Medicare expenses exceeded projections, a trend that has continued. As a result, virtually every year for the last decade there has been a risk to physicians of very significant cuts in Medicare reimbursement rates required by law. Rather than repealing or revamping SGR, however, Congress has repeatedly effectuated a last minute, legislative patch “fix” to avert a crisis, deferring a permanent solution for future political wrangling. For example, with the latest “fix,” the American Taxpayer Relief Act of 2012, Congress delayed a 26.5 percent cut in Medicare physician payments for one year. The Congressional Budget Office projects that physician payments under Medicare will be reduced by about 25% in January 2014. Again, some fix will be needed, as the cuts would cause many medical practices to close, denying patients access to medical care. The recurrence of this political issue continues to frustrate physicians in a big way. Many have left the Medicare program; others threaten to do so. Access to medical care is thus diminished, contrary to the essential purpose of Medicare.
Continue reading ›

|

1177227_vintage_alarm_clock.jpgAs a general rule of thumb for legal issues, being proactive tends to be much less expensive than being reactive. This general rule certainly applies to health care providers, their business associates and, now, business associate subcontractors with respect to changes required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The HIPAA Omnibus Final Rule (Final Rule), implementing provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act passed in 2009, became law last week on March 26, 2013. The Final Rule significantly modifies HIPPA requirements for compliance and security measures intended to protect health information (PHI), especially business associate agreements. Health care covered entities and their business associates and subcontractors have six months to become compliant with the rule, or face large fines (up to $1.5 million). The deadline for compliance is September 23, 2013, and the clock is ticking. Quickly.

According to the U.S. Department of Health & Human Services (HHS), the Final Rule is intended to bolster privacy and security protections for PHI under HIPAA by greatly enhancing the government’s ability to enforce the law. Health care provider audits are expected to dramatically increase in the coming months and years. Assuming that an audit will not happen is a mistake for any health care provider. Fines for HIPAA violations can be considerable, up to $1.5 million.

Under the Final Rule, parts of the HIPAA “Security Rule” (security requirements for electronic PHI) and “Privacy Rule” (security requirements for privacy of PHI) will now apply directly to business associates so that business associates will be potentially liable for civil and criminal penalties for any non-compliance with the HIPAA regulations, rather than just a breach of contract. Additionally, many subcontractors of business associates will now be covered. Liability for data breaches and other non-compliance can lie with the subcontractor, the business associate or the covered health care entity.

So, who is a “business associate”?

This is an important question because many changes under the Final Rule will profoundly impact not only covered entities and existing business associates, but other entities that now meet the definition of “business associate” and downstream business associate subcontractors whose services touch PHI. The Final Rule broadened the definition of “business associate” so that anyone who creates, receives, maintains, or transmits PHI might be deemed subject to HIPAA rules as a business associate. For example, the new definition includes companies or persons that “maintain” PHI, such as a data storage company or a company that provides data transmission services.

Legal counsel should be consulted to determine what business partners and vendors might be deemed “business associates” by HHS in the event of an audit. The reality is that many (probably most) business associates are currently not compliant with HIPAA and, if they consider the issue at all, may be in denial. HHS has decided it will deal with the issue more aggressively. Prudent health care providers must promptly inventory their business relationships to identify all business partners and vendors that meet the broadened definition of “business associate” under HIPAA rules and ascertain whether business associates are compliant with HIPAA’s risk assessment and other compliance protocol. This process should include evaluation of existing business associate agreements and, ultimately, health care providers should insist that every business associate demonstrate compliance.

Do your business associate agreements need to be updated?

Covered entities, business associates and subcontractors have until September 23, 2013 to execute business associate agreements compliant with the Final Rule. Under the Final Rule, business associate agreements must be updated to require that:

– the business associate comply with applicable requirements of the Security Rule.

– business associate ensure subcontractors that create, receive, maintain or transmit electronic PHI on behalf of the business associate agree to comply with the requirements of the Security Rule.

– the business associate ensure that any subcontractors that create, receive, maintain or transmit PHI on behalf of the business associate agree to the same restrictions and conditions that apply to the business associate with respect to such PHI.

– the business associate report breaches of unsecured PHI.

– the business associate carry out a covered health care entity’s obligation under the Privacy Rule (e.g., serving as the privacy official)

– the business associate comply with the requirements of the Privacy Rule that apply to the performance of such obligation.

It is estimated that up to 500,000 existing Business Associates will have to have new business associate agreements.
Continue reading ›

|

1221952_to_sign_a_contract_3.jpgThe U.S. Department of Health and Human Services (HHS) published the HIPAA final omnibus rule (Final Rule) on January 25, 2013. The Final Rule deals with required changes for medical practices and other health care providers that HHS determined are necessary to secure protected health information (PHI). As a result of the Final Rule, many health care providers must update existing business associate agreements, revise existing notices of privacy practice, and require some business associates’ subcontractors to execute business associate agreements. For many medical practices and health care businesses, this process may be a tedious undertaking and, therefore, should begin promptly. The deadline for compliance is September 23, 2013.

A “business associate” is a person or entity that acts on behalf of or provides services to a health care provider (a “covered entity”) who, by doing so, obtains access to PHI. The purpose of a business associate agreement is to ensure business associates will appropriately safeguard PHI and limit permissible uses and disclosures of PHI, to protect patient privacy and related purposes advanced by HIPAA. A business associate is directly liable under HIPAA and subject to civil (and potentially criminal) penalties for data breaches and other violations of HIPAA.

The Final Rule is published in the Federal Register (78 FR 5565) and is 523 pages. Under the Final Rule, a “business associate” includes a broader scope of entities. “Business associate” now includes subcontractors and entities that create, receive, maintain, or transmit PHI. How this change will impact particular situations may require determinations on an ad hoc basis. All physicians, physician groups, other health care providers, and health care businesses, should promptly marshal their existing business associate agreements for review and analysis to determine which agreements must be changed to comply with the Final Rule. Additionally, all business arrangements need to be inventoried and reviewed for a determination as to whether the relationship necessitates a business associate agreement under the Final Rule. For every business arrangement that will require a new business associate agreement, the business associate should be contacted now regarding the requirement of a business associate agreement.
Continue reading ›

|

1066466_dice[1].jpgOur health care system’s slow-but-sure conversion from paper to electronic health records (EHR) continues throughout the United States. The push toward EHR is strong, both as an inevitable industry trend toward efficiency and because of the mandate of federal law. EHR is obviously an integral part of health care reform changes. See January 31, 2013 post. Unintended adverse consequences of going paperless have appeared, however, including an apparent trend by doctors and other health care providers to haphazardly copy and paste identical notes from one patient visit to another.

This phenomenon — dubbed “sloppy and paste,” “sloppy pasting,” “copy-forward” and “cloning” — is a new problem in the industry and appears to be a strong trend. Although EHRs facilitate quick moves through patient records, the tempting ease of copy/pasting lends itself to mistakes. While many such mistakes may be innocuous, as an expansive trend copy/pasting EHR seems to have some meaningful unintended consequences, ranging from serious embarrassment, the appearance of billing fraud, or patient harm.

For example, since by definition coordinated patient care (another integral part of health care reform for which there is strong impetus) involves multiple health care professionals communicating with each other via the patient’s chart, the ability of each provider to rely upon the accuracy of information conveyed in the chart is critical. Proper management of all patient care in an integrated way requires an effective, accurate and timely exchange of information. The reliance of each provider upon inaccurate or misleading information copy/pasted into chart as a short cut can lead to confusion and mistakes and actually prevent “coordinated” care. In one reported example, a physician visited a patient in a coma who had postoperative complications. After reviewing the patient’s chart, the doctor visited with the patient’s very concerned family and commented to them that the patient was only in the third day of recovery, unaware that that the patient had been in recovery for over five weeks. For more than five weeks, the note “post-op day No. 2” was copied and brought forward each day. The highly embarrassed doctor’s credibility with the family was gone.
Continue reading ›

|

1269437_laptop_and_cellphone[1].jpgA single unencrypted laptop computer containing electronic protected health information (ePHI) cost The Hospice of North Idaho (HONI) $50,000. HONI agreed to pay the U.S. Department of Health and Human Services (HHS) a $50,000 fine to settle potential breaches of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.

HONI regularly used laptops in field work. However, according to HHS, HONI did not conduct an accurate and thorough analysis of the risk to the confidentiality of ePHI posed by mobile devices on an on-going basis as part of its security management process in violation of HIPAA. HONI also failed to implement security measures sufficient to ensure the confidentiality of ePHI that it created, maintained and transmitted using portable devices, another alleged HIPAA breach. In addition to the fine, HHS required HONI to enter into a corrective action plan.

The HONI settlement is notable as the first settlement of an alleged HIPAA violation based on breach of ePHI affecting fewer than 500 individuals. The government discovered in its investigation that HONI simply failed to conduct any risk assessment to safeguard ePHI and failed to have policies and procedures to address mobile devices. Leon Rodriquez, the Director of the HHS Office for Civil Rights, explained: “This action sends a strong message to the health care industry that, regardless of size, covered entities must take action and will be held accountable for safeguarding their patients’ health information.”
Continue reading ›

|

1066058_patrol_hat_too[1].jpgThe Health Information Technology for Economic and Clinical Health (HITECH) Act requires the U.S. Department of Health and Human Resources (HHS) to conduct audits to ensure health care providers, health care industry organizations, and their business associates comply with HIPAA. The HHS Office for Civil Rights (OCR) audit program scrutinizes policies and procedures (or lack of same) of HIPAA-covered entities. Audit protocol looks at many elements (which may vary based on the type of covered entity audited) categorized as privacy requirements, security requirements, and breach notification requirements. The OCR makes available its audit protocol for public review online. OCR awarded KPMG a $9.2 million contract to create HIPAA auditing protocols and to handle audits. The government is keen on these audits; audits will increase in the near future.

According to OCR, “To avoid enforcement penalties, covered entities must ensure they are always in compliance with the HIPAA Privacy and Security Rules.” Be prepared. Do not wait for an audit notice. A few of the many factors potentially relevant if your medical practice or other health care business is selected for the review include:

Is there a signed business associate agreement with each business associate?

Do you encrypt protected health information (PHI)?

Do you have policies and procedures in place for employees (new employees, existing employees, terminated employees, etc.)?

Do you have policies in place with regard to the removal of PHI from the medical practice site (e.g. a smartphone)?

Do you have a written policy for ascertaining and reporting a security breach?

Do your policies cover everything you do with PHI?

Do you really do things consistently with your existing policies?

Continue reading ›

Contact Information
Atlanta
75 14th St NW
Suite 2840-B
Atlanta, GA 30309
Phone: 404-685-1662Fax: 404-795-5855
Augusta
1450 Greene Street
Suite 3600
Augusta, GA 30901
Phone: 706-722-7886Fax: 404-795-5855

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2015 – 2025, Little Health Law
JUSTIA Law Firm Blog Design