Category Archives: Compliance

Subscribe to Compliance RSS Feed

OCR PREPARING FOR NEXT ROUND OF HIPAA AUDITS

OCR PREPARING FOR NEXT ROUND OF HIPAA AUDITS By Paul J. Welk, PT, JD In a February 24, 2014 notice published in the Federal Register, the Department of Health and Human Services announced a pre-audit survey of HIPAA covered entities and business associates.  The information collected will involve a survey of up to 1,200 covered … Continue Reading

Do Windows XP Users Risk HIPAA Non-Compliance?

Microsoft recently announced that, after April 8, 2014, it will not longer provide security updates or technical support for Windows XP.  Microsoft’s statement that “businesses that are governed by regulatory obligations such as HIPAA may find that they are no longer able to satisfy compliance requirements” has spurred a certain level of panic among health … Continue Reading

Compliance Audit Information May Not Be Attorney Client Privileged

Attorneys routinely advise clients conducting audits and investigations that the audit or investigation should be conducted by outside counsel in order to establish attorney client privilege.  One of the problems with the OIG Self Disclosure protocol is that it requires the waiver of attorney client privilege.  Now a federal district court has decided that audits … Continue Reading

2014 OIG Work Plan: Questionable Billing Patterns for Part B Services During Nursing Home Stays

The 2014 OIG Work Plan includes the following: Billing and Payments. We will identify questionable billing patterns associated with nursing homes and Medicare providers for Part B services provided to nursing home residents during stays not paid under Part A (for example, stays during which benefits are exhausted or the 3-day prior-inpatient-stay requirement is not … Continue Reading

2014 OIG Work Plan: Impact of Provider-Based Status on Medicare Billing

The 2014 OIG Work Plan includes the following:  Policies and Practices. We will determine the impact of subordinate facilities in hospitals billing Medicare as being hospital based (provider based) and the extent to which such facilities meet CMS’s criteria. Context—Provider-based status allows a subordinate facility to bill as part of the main provider. Provider-based status … Continue Reading

2014 OIG Work Plan: Oversight of Hospital Privileging

The 2014 OIG Work Plan includes the following: Quality of Care and Safety. We will determine how hospitals assess medical staff candidates prior to granting initial privileges, including verification of credentials and review of the National Practitioner Databank. Context—Hospitals that participate in Medicare must have an organized medical staff that periodically appraises its members (42 … Continue Reading

FTC and Accretive Health Settle Unfair Business Practice Complaint Centered on Data Security Measures

Accretive Health recently agreed to settle a Federal Trade Commission (FTC) complaint that stems from a July, 2011 incident in which an Accretive employee’s laptop was stolen from his car. As a medical billing and revenue management services provider, Accretive grants its employees access to “sensitive personal health information” including “patient names, dates of birth, … Continue Reading

HHS Proposed Rule Affects HIPAA Privacy Rule and Background Check Reporting

The Department of Health and Human Services (HHS) has released a proposed rule that would modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule by allowing health care providers to make certain disclosures to the National Instant Criminal Background Check System (NICS).  The NICS aims to keep guns from being sold to those … Continue Reading

OIG Extends Electronic Health Records AKS Safe Harbor

The Office of Inspector General (OIG) has amended the Safe Harbor Regulation regarding electronic health record (EHR) items and services. The primary purpose of the amendment is to extend the Safe Harbor, which was scheduled to expire on December 31, 2013, until December 31, 2021. Obviously, congressional hopes that EHR would be fully implemented by … Continue Reading

Exclusive Contracts Raise Anti-Kickback Issues

A new OIG Advisory Opinion 13-15, the OIG has resurrected the issue of whether awarding exclusive contracts to hospital based providers involves remuneration in exchange for referrals, because it grants the opportunity for access to an income stream. In the text of OIG Advisory Opinion13-15, the OIG states as follows:  “The OIG has stated on … Continue Reading

OIG KO’s PODs: Physician Owned Distributorships

The OIG has issued a Special Fraud Alert, dated March 26, 2013, describing specific attributes and practices of Physician Owned Distributorships (PODs) believed to produce substantial fraud and abuse risk and pose dangers to patient safety. PODs are physician owned entities that derive revenue from selling or arranging for the sale of implantable medical devices … Continue Reading

OIG Approves Per Diem Call Pay

OIG Advisory Opinion No. 12-15 has approved an existing arrangement under which a hospital pays physicians a per diem fee for providing on call ER coverage. Under the arrangement, the hospital pays per diem fees to 130 specialty physicians on staff who provide on-call services, including: ·         telephone consultations; ·         in-person consultations, as well as … Continue Reading

Questionable Billing for Medicare Independent Diagnostic Testing Facility Services

EXECUTIVE SUMMARY: QUESTIONABLE BILLING FOR MEDICARE INDEPENDENT DIAGNOSTIC TESTING FACILITY SERVICES OEI-09-09-00380 WHY WE DID THIS STUDY Independent Diagnostic Testing Facilities (IDTF), a type of Medicare provider, offer diagnostic services and are independent of physicians’ offices or hospitals. IDTF services have historically been vulnerable to abuse. In 1997, the Office of Inspector General found that … Continue Reading

OIG HEAT Toolkit for Healthcare Board

The Healthcare Fraud Prevention and Enforcement Action Team (HEAT) and the Office of Inspector General have posted a Toolkit consisting of a series of podcast training videos on the following subjects: ·       How to Use the Exclusions Database ·       How to Report Fraud to the OIG ·       OIG’s Self-Disclosure Protocol ·       Tips for Implementing an … Continue Reading

60 Day Return of Overpayments — You Must Give the Money Back

Section 6402(a) of the Affordable Care Act established a new Section 1123J(d) of the Social Security Act entitled “Reporting and Returning Overpayments.” This new provision requires a person who has received an overpayment to report and return the overpayment, and to provide written notification for the reason of the overpayment. On February 16, 2012, CMS published the … Continue Reading

HHS Announces Intent to Delay ICD-10 Compliance Date

  HHS announces intent to delay ICD-10 compliance date As part of President Obama’s commitment to reducing regulatory burden, Health and Human Services Secretary Kathleen G. Sebelius today announced that HHS will initiate a process to postpone the date by which certain health care entities have to comply with International Classification of Diseases, 10th Edition … Continue Reading

Telemedicine Arrangement Receives OIG Approval

In OIG Advisory Opinion No. 11-12, a nationally ranked tertiary hospital proposes to establish a telemedicine program for neuro-emergency clinical protocols and consultations for stroke victims and to provide this program without cost to existing affiliated community hospitals. Since a key component of the program would be the provision of hardware, software and communications applications (Tele-Stroke … Continue Reading

CMS Proposes Nursing Home Voluntary Disclosure Rules

On July 12, 2010 CMS published the proposed rules to implement the 50% Civil Money Penalty (CMP) reductions for nursing homes that self-report compliance violations. The potential for the 50% reductions was enacted by Section 6111 of the Patient Protection and Affordable Care Act (PPACA), and is available under the following conditions: 1.         The nursing home … Continue Reading

HIPAA Security Rule Guidance for Physicians

Contributed by Lee Kim, Esquire The American Medical Association has posted HIPAA Security Rule guidance for physicians.  It recommends that electronic protected health information ("ePHI") should be encrypted and suggests that AES technology should be used (as a more secure alternative to RSA technology).  Both data at rest (e.g., files which reside on your hard drive … Continue Reading
LexBlog