Category Archives: Compliance

Subscribe to Compliance RSS Feed

Hospital Network Reports Large HIPAA Breach

  Community Health Systems announced today, August 18th, that hackers broke into its computers and stole data on 4.5 million patients.  The information included names, Social Security numbers, physical addresses, birthdays and telephone numbers.  More information on the breach is available at  http://money.cnn.com/2014/08/18/technology/security/hospital-chs-hack/index.html  … Continue Reading

OIG Finds Privacy and Security Risks with ONC EHR Certification Process

It is ironic to learn the Office of Inspector General (OIG) believes the Office of the National Coordinator for Health Information Technology (ONC) essentially has an insufficient compliance program to maintain the privacy and security of the protected health information (PHI) hosted by electronic health records (EHR). In an August 2014 report (A-06-11-00063), OIG concluded … Continue Reading

OIG Report: Questionable Billing for Medicare Part B Clinical Laboratory Services

Perhaps not coincidentally, immediately following the release of the Questionable Laboratory Payments Special Fraud Alert by the OIG, posted yesterday on the Med Law Blog, the OIG has followed up with Audit Report OIG – 03-11-00730: Questionable Billing for Medicare Part B Clinical Laboratory Services. Below are two quoted paragraphs from the executive summary stating … Continue Reading

Anti-Kickback Laboratory Enforcement Actions – Special Fraud Alert

There has been significantly enhanced scrutiny of financial relationships between referring physicians by both the Office of Inspector General (OIG) and Pennsylvania authorities. Pennsylvania Pennsylvania enacted amendments to the Pennsylvania Clinical Laboratory Act on December 18, 2013 (the amendments are referred to as Act 122) and the Department of Health and Bureau of Laboratories just … Continue Reading

CMS Cancels ICD-10 Testing

The MLN Connects™ Provider eNews contains important news, announcements, and updates for health care professionals.   Friday May 2, 2014     ICD-10 Compliance Date On April 1, 2014, the Protecting Access to Medicare Act of 2014 (PAMA) (Pub. L. No. 113-93) was enacted, which said that the Secretary may not adopt ICD-10 prior to October 1, … Continue Reading

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action.  Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon receiving a report that an unencrypted laptop was stolen from the Springfield Missouri Physical Therapy Center.  The investigation revealed that Concentra had previously recognized in … Continue Reading

OCR PREPARING FOR NEXT ROUND OF HIPAA AUDITS

OCR PREPARING FOR NEXT ROUND OF HIPAA AUDITS By Paul J. Welk, PT, JD In a February 24, 2014 notice published in the Federal Register, the Department of Health and Human Services announced a pre-audit survey of HIPAA covered entities and business associates.  The information collected will involve a survey of up to 1,200 covered … Continue Reading

Do Windows XP Users Risk HIPAA Non-Compliance?

Microsoft recently announced that, after April 8, 2014, it will not longer provide security updates or technical support for Windows XP.  Microsoft’s statement that “businesses that are governed by regulatory obligations such as HIPAA may find that they are no longer able to satisfy compliance requirements” has spurred a certain level of panic among health … Continue Reading

Compliance Audit Information May Not Be Attorney Client Privileged

Attorneys routinely advise clients conducting audits and investigations that the audit or investigation should be conducted by outside counsel in order to establish attorney client privilege.  One of the problems with the OIG Self Disclosure protocol is that it requires the waiver of attorney client privilege.  Now a federal district court has decided that audits … Continue Reading

2014 OIG Work Plan: Questionable Billing Patterns for Part B Services During Nursing Home Stays

The 2014 OIG Work Plan includes the following: Billing and Payments. We will identify questionable billing patterns associated with nursing homes and Medicare providers for Part B services provided to nursing home residents during stays not paid under Part A (for example, stays during which benefits are exhausted or the 3-day prior-inpatient-stay requirement is not … Continue Reading

2014 OIG Work Plan: Impact of Provider-Based Status on Medicare Billing

The 2014 OIG Work Plan includes the following:  Policies and Practices. We will determine the impact of subordinate facilities in hospitals billing Medicare as being hospital based (provider based) and the extent to which such facilities meet CMS’s criteria. Context—Provider-based status allows a subordinate facility to bill as part of the main provider. Provider-based status … Continue Reading

2014 OIG Work Plan: Oversight of Hospital Privileging

The 2014 OIG Work Plan includes the following: Quality of Care and Safety. We will determine how hospitals assess medical staff candidates prior to granting initial privileges, including verification of credentials and review of the National Practitioner Databank. Context—Hospitals that participate in Medicare must have an organized medical staff that periodically appraises its members (42 … Continue Reading

FTC and Accretive Health Settle Unfair Business Practice Complaint Centered on Data Security Measures

Accretive Health recently agreed to settle a Federal Trade Commission (FTC) complaint that stems from a July, 2011 incident in which an Accretive employee’s laptop was stolen from his car. As a medical billing and revenue management services provider, Accretive grants its employees access to “sensitive personal health information” including “patient names, dates of birth, … Continue Reading

HHS Proposed Rule Affects HIPAA Privacy Rule and Background Check Reporting

The Department of Health and Human Services (HHS) has released a proposed rule that would modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule by allowing health care providers to make certain disclosures to the National Instant Criminal Background Check System (NICS).  The NICS aims to keep guns from being sold to those … Continue Reading

OIG Extends Electronic Health Records AKS Safe Harbor

The Office of Inspector General (OIG) has amended the Safe Harbor Regulation regarding electronic health record (EHR) items and services. The primary purpose of the amendment is to extend the Safe Harbor, which was scheduled to expire on December 31, 2013, until December 31, 2021. Obviously, congressional hopes that EHR would be fully implemented by … Continue Reading

Exclusive Contracts Raise Anti-Kickback Issues

A new OIG Advisory Opinion 13-15, the OIG has resurrected the issue of whether awarding exclusive contracts to hospital based providers involves remuneration in exchange for referrals, because it grants the opportunity for access to an income stream. In the text of OIG Advisory Opinion13-15, the OIG states as follows:  “The OIG has stated on … Continue Reading

OIG KO’s PODs: Physician Owned Distributorships

The OIG has issued a Special Fraud Alert, dated March 26, 2013, describing specific attributes and practices of Physician Owned Distributorships (PODs) believed to produce substantial fraud and abuse risk and pose dangers to patient safety. PODs are physician owned entities that derive revenue from selling or arranging for the sale of implantable medical devices … Continue Reading

OIG Approves Per Diem Call Pay

OIG Advisory Opinion No. 12-15 has approved an existing arrangement under which a hospital pays physicians a per diem fee for providing on call ER coverage. Under the arrangement, the hospital pays per diem fees to 130 specialty physicians on staff who provide on-call services, including: ·         telephone consultations; ·         in-person consultations, as well as … Continue Reading

Questionable Billing for Medicare Independent Diagnostic Testing Facility Services

EXECUTIVE SUMMARY: QUESTIONABLE BILLING FOR MEDICARE INDEPENDENT DIAGNOSTIC TESTING FACILITY SERVICES OEI-09-09-00380 WHY WE DID THIS STUDY Independent Diagnostic Testing Facilities (IDTF), a type of Medicare provider, offer diagnostic services and are independent of physicians’ offices or hospitals. IDTF services have historically been vulnerable to abuse. In 1997, the Office of Inspector General found that … Continue Reading

OIG HEAT Toolkit for Healthcare Board

The Healthcare Fraud Prevention and Enforcement Action Team (HEAT) and the Office of Inspector General have posted a Toolkit consisting of a series of podcast training videos on the following subjects: ·       How to Use the Exclusions Database ·       How to Report Fraud to the OIG ·       OIG’s Self-Disclosure Protocol ·       Tips for Implementing an … Continue Reading

60 Day Return of Overpayments — You Must Give the Money Back

Section 6402(a) of the Affordable Care Act established a new Section 1123J(d) of the Social Security Act entitled “Reporting and Returning Overpayments.” This new provision requires a person who has received an overpayment to report and return the overpayment, and to provide written notification for the reason of the overpayment. On February 16, 2012, CMS published the … Continue Reading

HHS Announces Intent to Delay ICD-10 Compliance Date

  HHS announces intent to delay ICD-10 compliance date As part of President Obama’s commitment to reducing regulatory burden, Health and Human Services Secretary Kathleen G. Sebelius today announced that HHS will initiate a process to postpone the date by which certain health care entities have to comply with International Classification of Diseases, 10th Edition … Continue Reading
LexBlog