Privacy Policies and Procedures for Small Healthcare Providers Under Scrutiny.

Although privacy incidents at the largest healthcare providers attract the most attention, The Department of Health and Human Services Office for Civil Rights enforcement (“OCR”) is actively investigating privacy and security incidents at small healthcare providers. This means that small healthcare providers, including solo practitioners, need to actively review their privacy policies and procedures to ensure full compliance with the Health Insurance Portability and Accountability Act Privacy Rule.

As an example, a small dental practice in Texas responded to a bad review by a patient on its yelp page, accidentally revealing protected health information (“PHI”) about the patient. The violation itself would have had consequences, but this dental practice failed to have sufficient privacy policies and procedures to protect the PHI, resulting in OCR settling with the dental practice in October of 2019. The corrective action settlement included a severe fine and a mandate to correct its policies and procedures. Another recent example pertains to a single physician that received a complaint from a patient through a reporter, and subsequently responded to questions from that reporter. OCR determined that the physician revealed PHI and violated the privacy rule, resulting in a six figure fine and corrective actions to its privacy policies and procedures.

For smaller healthcare providers, these examples are reminders to frequently review and update the privacy policies and procedures, then test to ensure such policies and procedures are enforced. A common issue is that many providers assume simply having the policy is enough, but OCR will review whether the policies are in place and that the policies and procedures are actually followed. Another common shortcoming by a small healthcare provider is neglecting to conduct sufficient diligence on their business associates, including a review of their healthcare technology providers. For a small healthcare provider, best practices means having policies and procedures that contemplate annual diligence on business associates, testing of the procedures, and review of the policies against the latest updates to the privacy and security rule.

VW Contributor: Alex Rainville
© 2019 Vandenack Weaver LLC
For more information, Contact Us

Integrated HRAs

A new option exists for employers when it comes to paying for employee health care coverage. On June 13^th, the U.S. Departments of the Treasury, Labor, and Health and Human Services (the Departments) issued a final rule allowing employers to use pretax dollars to subsidize employee premiums in the individual health insurance market. Now, employers of all sizes that do not offer a group coverage plan can fund a new health reimbursement arrangement (HRA) known as individual coverage HRA (ICHRA).

Previously, under the Affordable Care Act, employers were prevented from offering stand-alone HRAs that would allow an employee to purchase coverage on the individual market. That has changed. Employers now have the option to provide their workers and their families with tax-preferred funds to pay all or a portion of the cost of coverage that workers purchase in the individual market. The departments posted an FAQs regarding the new regulation. ICHRAs are advantageous to employers because they maintain the tax favored status that apply to a traditional group health plan. Additionally, another employer-sponsored insurance called Excepted Benefit HRAs (EBHRA) allows employers to finance an additional pretax $1,800 per year to reimburse employees for certain qualified medical expenses (such as premiums for vision and dental insurance) even if the employee opts out of enrollment in the traditional group plan.

Qualified Small Employer HRAs (QSEHRA) are still an attractive alternative to group coverage for smaller employers- those with fewer than 50 full-time employees. Under QSEHRAs, employers can give their employees money tax-free to purchase individual health policies through the ACA exchange, similar to ICHRAs. Employees can use these funds to pay all or part of the insurance plan premium or pay for out-of-packet medical costs. While ICHRAs are void of caps on annual allowance amounts, in 2019, QSEHRAs allowance amounts were capped at $5,150 for self-only employees and $10,450 for employees with a family. While ICHRAs are free of caps, employees who choose ICHRAs will not be able to receive any premium tax credit/subsidy for exchange-based coverage. In some instances, if an employer funds an ICHRA or a QSEHRA coupled with individual-market insurance, this will bar the individual-market coverage from becoming part of the Employee Retirement Income Security Act (ERISA).

If employers choose to offer ICHRAs, then the new regulations require a written notice be issued to all employees who are eligible. In this notice, employers need to include a provision that states the ICHRA may make them ineligible for a premium tax credit or subsidy when buying an Affordable Care Act exchange-based plan. ICHRAs will be available for plan years starting on or after January 1, 2020. Employers offering an ICHRA with a plan year that begins on January 1, 2020 should help eligible employees understand that they must enroll in individual health insurance coverage during the open enrollment period, November 1, 2019 through December 15, 2019, for individual health insurance coverage that takes effect on January 1, 2020.

ICHRAs and EBHRA are two new health insurance arrangements that could provide smaller employers with innovative and more cost-effective ways to finance worker health insurance coverage. The IRS has noted that including safe harbor provisions to ensure employers still satisfy the ACA’s affordability and minimum value requirements with ICHRAs will come out later this year.

© 2019 Vandenack Weaver LLC

For more information, Contact Us

 

Healthcare Entities Required to Post New Non-Discrimination Notice

The Patient Protection and Affordable Care Act (ACA) prohibits health care entities from discriminating on the basis of race, color, national origin, sex, age, or disability. The ACA prohibition on discrimination applies to covered entities, which means those healthcare entities that receive federal financial assistance through the Department of Health and Human Services (HHS). For example, a covered entity includes a physician or pharmacy that accepts Medicare or Medicaid, health insurers that offer a plan on the healthcare exchange, and any entity that offers a Medicare part D plan.

In an effort to enforce the non-discrimination law, HHS issued a new rule in May of 2016 that requires all covered entities to post new non-discrimination notices. Although the rule was finalized in May of 2016, health care entities had until October 16, 2016 to post a new notice of non-discrimination. The new notice must state that the health care entity does not discriminate, that language assistance for the patient is available, and delineate how an individual can file a discrimination complaint with HHS. The new notice is intended to decrease discrimination by helping consumers become more aware of their rights.

For further information or to find example HHS non-discrimination notices, visit the following link:
http://www.hhs.gov/civil-rights/for-individuals/section-1557/translated-resources/index.html

© 2016 Vandenack Weaver LLC
For more information, Contact Us

Nebraska Legislature Adopts Stronger Prescription Drug Monitoring System

by M. Tom Langan, II

A recently adopted law in Nebraska calls for the state to create a prescription drug monitoring system designed to help prevent the misuse of controlled substances, namely prescription pain medicine.  The system will require physicians and pharmacists to enter into a database patient information when prescribing and dispensing certain medications. Patients are not allowed to opt out of the database. A goal is to help prevent so-called “doctor-shopping” – or when a patient visits multiple doctors to obtain multiple prescriptions.

Physicians and pharmacists should be aware that the system is required to be implemented by January 1, 2017.

© 2016 Vandenack Williams LLC
For more information, Contact Us

Delay Announced in CMS Star Rating System for Hospitals

Originally, the Centers for Medicare and Medicaid Services (CMS) intended to release a star rating system on hospitals, beginning April 21, 2016. However, CMS recently announced plans to delay the rating system until July, or potentially later. The exact timing will depend upon the development of the methodology for rating a hospital.

When the star rating system was designed, the purpose was to create a simple tool for consumers to evaluate hospitals. This system largely incorporated the previous, more complicated, performance measures that follows more than 100 quality measures. While the new star system will not replace the more complicated system, it will be in addition to the prior measures and make the review process simpler for consumers. The new star system incorporates factors such as readmission rates, mortality rates, timeliness of care, safety of care, and other patient driven statistics.

The delay is largely attributed to hospital and lawmaker complaints that the new rating system will impact consumer perceptions, when it may not have a direct bearing on the specific services sought. Moreover, a concern regarding the quality of the data, including the methodology for ensuring accuracy, remained a significant worry for the hospitals. It is unclear when the star rating system will be implemented, but hospitals and consumers should expect further information, if not the unveiling of the star rating system, this summer.

© 2016 Vandenack Williams LLC
For more information, Contact Us

New Nebraska Law Creates Mandatory Reporting of Controlled Substance Prescriptions for 2017

The over-prescribing of an opioid drug can create significant criminal and civil liability for a prescriber, as illustrated in the recent People v. Tseng decision and the proposed $1.1 billion White House initiative to combat prescription opioid and heroin abuse. To aid physicians and prescribers in controlling prescription opioids, every state, with the exception of Missouri, authorized a prescription drug monitoring program (PDMP).

The PDMP collects information on the prescription of controlled substances, but the specific substances monitored will vary state by state. Usually, however, it will be a mix of drugs considered controlled substances under state and federal law. The information stored in the database is accessible only by certain individuals, such as pharmacists, physicians, and other prescribers. The goal is to provide information about patient prescriptions to those with prescribing power, to ensure that over-prescribing of drugs, such as opioid drugs, does not occur.

In Nebraska, the PDMP was established by law in 2011, but the system was not truly implemented at that time. Until a February 2016 law, prescriber participation was not required and, regardless, the system was not truly operational. Moreover, until the 2016 law, patients that paid via Medicare or cash could opt-out of participation, removing a significant population of patients. However, the new law requires that all prescriptions of controlled substances be reported by the prescriber, starting January 1, 2017. Similarly, all prescription information, including patient information, must be reported to the PDMP starting January 1, 2018. The new law also eliminates the previous loopholes for patients to opt-out of the reporting requirements. Notably, however, the prescriber does not have an obligation to check the system prior to prescribing a controlled substance, such as an opioid drug, but they will have free access to check the PDMP. Of course, the Dr. Tseng decision highlights the potential for either criminal or civil liability for over-prescribing.

To see further information on the Dr. Tseng decision, please visit: https://vwhealthlaw.wordpress.com/2016/02/19/new-criminal-precedent-for-physicians-over-prescribing-opioid-drugs/

© 2016 Vandenack Williams LLC
For more information, Contact Us

Nebraska Passes Bill Expanding Telehealth Coverage

The Unicameral has passed a bill that expands the definition of telehealth, which will presumably expand Medicaid coverage for these services. Under the new law, telehealth includes all usage of medical information electronically exchanged between sites to aid providers in diagnosing or treating patients. The bill explicitly includes telemonitoring and “store-and-forward” technology in the definition of telehealth. It also removes language from the prior statute that excluded telephone conversations, e-mails, and faxes from the definition of telehealth consultations.

The bill makes a number of other minor changes to the state’s telehealth laws. Specifically, it prohibits changes in reimbursement rates that depend on the distance between a patient and her healthcare provider. Thus, as a result of this bill, Nebraska providers may be able to claim reimbursement for new services, and are protected from changing reimbursement rates based on distance.

© 2014 Parsonage Vandenack Williams LLC

For more information, Contact Us

ICD-10 Deadline Delayed at Least 1 Year

The implementation deadline for ICD-10 has been delayed to at least October 1, 2015.  Congress has previously pushed back the deadline several times, most recently to October 1st, 2014.  The law provides that the implementation date may not be prior to October 1^st, 2015, leaving open the possibility of it being further extended.  President Obama signed the bill into law on April 1^st, 2014.

© 2014 Parsonage Vandenack Williams LLC

For more information, contact us

How Does the Affordable Care Act (Obamacare) Affect My Business?

 

How the Affordable Care Act will affect your business depends, in part, on the size of your business. If you are a business that has 50+ employees then you have certain requirements regarding proving health insurance or paying a penalty. If you are an employer who has less than 50 employees, there are some tax credit opportunities available to you if you do provide health insurance to your employees.

© 2014 Parsonage Vandenack Williams LLC

For more information, contact us

Plan to Repeal SGR, Revamp Physician Compensation Introduced

A bipartisan Congressional group introduced a new bill that would drastically change physician compensation. The SGR Repeal and Medicare Provider Payment Modernization Act would repeal the SGR and provide for flat payment increases of .5% per year until 2018. At that point, payment would shift to an incentive-based structure.

The proposed incentive-based structure, called MIPS, consolidates the PQRS measures, Meaningful Use requirements, and the Value-Based Payment Modifier. By doing so, the bill hopes to enable an orderly transition to an alternative, value-based payment structure. However, the proposal does not address funding, which may be a difficult sticking point between the parties. Analysts estimate that the cost of repealing the SGR would be between $100 billion and $250 billion over the next ten years.

© 2014 Parsonage Vandenack Williams LLC

For more information, contact us