Articles Posted in Compliance

Published on:

by

The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) recently entered into a first of its kind resolution agreement and corrective action plan to settle potential HIPAA violations arising out of a ransomware attack. The agreement to settle alleged HIPAA violations was entered into with Doctors’ Management Services (DMS), a practice management company acting as a business associate to several covered entities.

By way of background, in April 2019, OCR opened an investigation based on a breach report from DMS. The report stated that approximately 206,695 individuals were affected when the DMS network server was infected with ransomware. The initial unauthorized access to the network occurred several years prior. However, DMS did not detect the intrusion until late 2018 after ransomware was used to encrypt their files. Based on its investigation, OCR alleged that:

  • DMS failed to conduct an accurate and thorough risk analysis that assessed technical, physical, and environmental risks and vulnerabilities associated with handling electronic patient health information (ePHI);
Continue reading
Published on:

by

A recent report published by the Syntellis Performance Solutions and the American Hospital Association demonstrated a shocking 56% increase in Medicare Advantage (MA) claim denials from January 2022 to July 2023. The report was based on an analysis of data from over 1,300 health systems and hospitals, and further showed a 20% increase in commercial payor denials. The findings are especially concerning given that healthcare systems across the U.S. experienced drastic increased in operating expenses over the period, with a nearly 90% increase in maintenance costs, 33% increase in professional fees costs, 24% increase in labor costs, and a 35% increase in utility costs.

The substantial decrease in payments and significant increase in costs has put several health systems in the precarious position of being less equipped to navigate unforeseen market shifts. The serious physician and nursing labor shortage currently seen in the United States compounds the problem even further. Beneficiaries have also seen an increase in MA denials, which has led to increased congressional and regulatory scrutiny.

The increase of MA claim denials has led to increased scrutiny over the use of AI by insurance companies to evaluate claims for denial. A recent class action lawsuit was filed against UnitedHealth Group by MA beneficiaries, who claim the company’s AI algorithm systematically denies elderly patient’s claims. UnitedHealth began using an AI algorithm developed by its subsidiary NaviHealth, known as nH Predict, which the lawsuit alleges is used to “prematurely and in bad faith discontinue payment for healthcare services.”

Continue reading
Published on:

by

In November 2023, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) released its General Compliance Program Guidance (GCPG). This guidance was released as part of OIG’s Modernization Initiative, which seeks to make compliance program guidance more user friendly and accessible. The document does not include new information but instead summarizes existing guidance regarding fraud and abuse risk, serving as an up-to-date comprehensive reference guide for the general healthcare community and industry stakeholders. OIG also noted that in 2024 it will begin publishing industry segment-specific CPGs (ICPGs) which will address compliance measures for industry subsectors.

The GCPG is not legally binding on any individual or entity, but contains valuable information regarding compliance with federal fraud and abuse statutes and regulations. The OIG guidance includes information regarding key fraud and abuse laws, the primary elements of an effective compliance program, program adaptations for small and large entities, other compliance considerations, and OIG resources and processes.

The GCPG begins with an overview of the principal federal fraud and abuse laws including the Anti-Kickback Statute (AKS), the Physician Self-Referral Law (PSL; also known as the “Stark law”), the False Claims Act (FCA), and the Civil Monetary Penalty law (CMP). Their stated goal in summarizing these laws is to “create awareness and provide tools and resources to aid compliance efforts in both preventing violations and identifying potential red flags early with respect to these laws and regulations.”

Continue reading
Published on:

by

On November 2, 2023, the Centers for Medicare & Medicaid Services (CMS) issued a final rule outlining the 2024 Medicare payment rates and policy updates for hospital outpatient and Ambulatory Surgical Center (ASC) services. The CMS final rule represents an annual update to the Medicare payment system and includes updates to the Outpatient Prospective Payment System (OPPS) and ASC payment rates, implementation of regulations aimed to improve hospital price transparency, and expansion of behavioral health services through the establishment of new payments and policies.

For calendar year (CY) 2024, CMS finalized an increased payment rate of 3.1% for OPPS and ASC services. This update reflects a projected hospital market basket increase of 3.3%, reduced by 0.2% for the productivity adjustment. This rate has been criticized by many leaders in the healthcare industry as inadequate to meet the financial burdens faced by hospitals and ASCs. American Hospital Association (AHA) Executive Vice President Stacey Hughes released the following statement in response to the final rule: “The AHA is concerned that CMS has again finalized an inadequate update to hospital payments…  Most hospitals across the country continue to operate on negative or very thin margins that make providing care and investing in their workforce very challenging day to day. Hospitals’ and health systems’ ability to continue caring for patients and providing essential services for their communities may be in jeopardy, which is why the AHA is urging Congress for additional support by the end of the year.”

The final rule also made changes to the CMS hospital price transparency requirements. All hospitals will now be required to display standard charge information through the use of a CMS template. The template is offered in various formats and requires hospitals to encode its standard charge information into the template. The rule also requires hospitals to place a “footer” at the bottom of their homepage linking users to the Hospital Price Transparency machine readable file (MRF). There will also be an affirmation statement requirement in which hospitals affirm they have made a good faith effort to ensure the MRF data is true, accurate, and complete.

Continue reading
Published on:

by

In light of the rapid technological advancements and increasing utilizations of artificial intelligence (AI), the World Health Organization (WHO) issued a publication outlining key regulatory considerations on AI for healthcare. The publication highlights emerging best practices for the development and use of AI in healthcare and aims to lay out an overview of regulatory considerations on AI for healthcare covering six general topic areas discussed below.

As the publication explains in greater detail, the WHO recommends that stakeholders take into account the following considerations as they continue to develop frameworks and best practices for the use of AI in healthcare:

  1. Documentation and transparency: Pre-specifying and documenting the intended medical purpose and development process should be considered in a manner that allows for the tracing of the development steps as appropriate. A risk-based approach should also be considered for the level of documentation and record-keeping utilized for the development and validation of AI systems.
Continue reading
Published on:

by

In November 2021, the Centers for Medicare & Medicaid Services (CMS) published a final rule expanding their ability to revoke Medicare billing privileges of providers and suppliers. This rule went into effect January 1, 2022, and has significantly increased the importance of a diligent and careful response when faced with a CMS audit.

Prior regulations required CMS to consider the following three factors when determining whether a provider or supplier was engaged in the type of billing practices which could support a revocation: (1) the reason for any claim denials, (2) the length of time over which any pattern or practice of submitting claims that fail to meet Medicare requirements occurred, and (3) how long the provider or supplier had been enrolled in Medicare.

CMS asserted that these three considerations inhibited their ability to “target brief periods involving a significant percentage of denied claims” and therefore proposed revisions to this framework which it believed would strengthen CMS’ overall program integrity efforts. The new framework now considers the following four factors:

Continue reading
Published on:

by

The Department of Health and Human Services (HHS) Office of Inspector General (OIG) announced several new changes in its Work Plan update for October 2023. The OIG Work Plan forecasts the projects that OIG plans to implement over the foreseeable future. These projects usually include OIG audits and evaluations. Below are the highlights from the Work Plan update of which providers and suppliers should take notice.

First, OIG will perform an audit of the Morehouse School of Medicine’s National Infrastructure for Mitigating the Impact of COVID-19 (NIMIC) initiative. The NIMIC initiative is a 3-year, $40 million cooperative agreement between HHS’s Office of Minority Health and the Morehouse School of Medicine to fight COVID-19 in racial and ethnic minority, rural, and socially vulnerable communities. The Morehouse School of Medicine is leading the initiative to coordinate a strategic network to deliver COVID-19 related information to communicates hit hardest by the pandemic.

Second, OIG will audit the accuracy of the Child Care and Development Fund (CCDF) attendance records at Minnesota child care centers. The CCDF is the primary federal funding source devoted to subsidizing the child care expenditures of low-income families. OIG has stated that it identified issues with the completeness and accuracy of child care attendance records and with related billings for child care services. Minnesota, as well as possibly additional states, have been selected by OIG for a review to determine whether the state(s) complied with federal and state requirements related to attendance records and whether payments for services at child care centers were allowable.

Continue reading
Published on:

by

On October 10, 2023, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) issued an advisory opinion reinforcing the broad protection of physician employees under the safe harbor provision of the Anti-Kickback Statute (AKS). The AKS is a federal criminal law which prohibits payment for the inducement or reward of patient referrals or generation of business where any item or service payable by a federal healthcare program is involved.  Remuneration under the law has been interpreted to mean “the transfer of anything of value, directly or indirectly, overtly or covertly, in cash or in kind.” Violation of the AKS can result in severe penalties, including imprisonment of up to 10 years, a maximum fine of $100,000, and exclusions from Medicare and Medicaid reimbursement.

There are several statutory and regulatory exceptions to the AKS, which allow for specific remuneration arrangements when certain criteria are met. One statutory exception protects payments made by employers to employees who are in bona fide employment relationships for providing covered items and services under the employment agreement. Similarly, safe harbor regulations have been promulgated by HHS which clarify that “remuneration” under the AKS does not include payments under the bona fide employer-employee relationship described above.

In the recent advisory opinion, the OIG considered whether employer payment of bonuses based on net profits to employed physicians in a multi-specialty ambulatory surgery center (ASC) would constitute a violation of the AKS. The employer practice operated two separate ASCs – noted to be divisions and not subsidiaries – and planned to compensate physician employees via a bonus structure where employed physicians who performed procedures at the ASCs would receive 30% of the practice’s net profits in addition to base employment compensation. The OIG concluded that this type of arrangement would not violate the terms set forth in the AKS.

Continue reading
Published on:

by

In August 2023, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) announced its strategic plan to investigate the life cycle of Medicare and Medicaid managed care contracts. OIG’s plan will scrutinize these contracts from inception through enrollment, reimbursement, services, and renewal. In order to address fraud, waste, and abuse risks, the goal of OIG’s plan is to hold accountable Medicare Advantage organizations (MAOs) and Medicaid managed care organizations (MCOs).

Currently, more than half of Medicare enrollees and more than 80% of Medicaid enrollees are covered by managed care programs. In order to oversee the approximate $700 billion that the federal government spent on managed care programs in 2022, OIG has set out four phases of managed care that it intends to investigate: (1) plan establishment and contracting, (2) enrollment, (3) payment, and (4) provision of services.

In the first phase, OIG intends to review activities that occur when the Centers for Medicare & Medicaid Services (CMS) or states initially establish or renew managed care contracts. In this contract review phase, OIG will evaluate whether MAOs and MCOs are providing the government with accurate information, including in their bids, and abiding by the contract terms for their plan design, service offerings, and coverage area. In the second phase, OIG will review enrollment processes. Specifically, OIG will focus on potentially aggressive marketing campaigns and inaccurate information collection.

Continue reading
Published on:

by

As part of the Biden Administration’s initiative to improve quality and safety in nursing home care, the Centers for Medicare & Medicaid Services (CMS) issued a notice of proposed rulemaking on September 1, 2023, entitled “Minimum Staffing Standards for Long-Term Care Facilities and Medicaid Institutional Payment Transparency Reporting.” This initiative resulted in part from a 2022 Nursing Home Staffing Study, which sought to establish “the level and type of staffing needed to promote acceptable quality and safety.” Notably, the study projected that the cost of implementing such new minimum staffing requirements could range from $1.5-6.8 billion, increasing the burden on an industry already struggling with personnel shortages and demanding regulatory requirements.

The proposed rule is comprised of three core staffing proposals, including establishing new minimum staffing standards for RNs and NAs, requiring an RN to always be onsite, and enhancing facility assessment requirements. There are staggered implementation protocols and possible hardship exemptions for qualifying facilities included in the proposed rule. CMS also announced a collaboration with the Health Resources and Services Administration (HRSA) to assist in training and growing the nursing workforce, by investing over $75 million in scholarships and tuition reimbursement.

The first core staffing proposal establishes a minimum staffing standard of 0.55 hours per resident day (HPRD) for RNs and 2.45 HPRD for NAs. Practically speaking, this translates to a facility with 100 residents having two RNs for each 8-hour shift and a third RN for one shift during the day, as well as ten NAs per 8-hour shift. As these are minimums, CMS noted that they expect facilities to increase staffing above this baseline pursuant to the individual facility assessment and acuity levels.

Continue reading
Contact Information
210 E 3rd St #204
Royal Oak, MI 48067
Phone: 248-544-0888
Fax: 248-544-3111

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2016 – 2024, Wachler & Associates, P.C.
JUSTIA Law Firm Blog Design