Proposed HIPAA Changes Intended to “Empower Patients” and “Improve Coordination of Care”

On December 10, 2020, the Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR) collaborated on announcing proposed HIPAA changes, intended to “empower patients” and “improve coordination of care”.

That’s encouraging, although one would have thought that to be unnecessary by now.  HIPAA was enacted in 1996.  It is a little surprising this remains a problem.

The announcement and proposals occupy approximately 350 pages, accessible through this link, so we are going to wait until we get something more specific to discuss actual language, but the changes that appear to have the most potential impact are as follows:

  • Allowing patients to take images and make notes with respect to electronic records rather than waiting for paper copies
  • Facilitating the use of an “EHR pathway”, so that the patients can share records with multiple providers online
  • Providing exceptions to the “minimum necessary disclosure” language which would allow more sharing for the purpose of improving coordination of care
  • Allowing disclosure of PHI when the providers determine in good faith that it would be in the best interest of the patients, i.e. disclosure to family
  • Allowing more disclosures to law enforcement when there is a serious and reasonably foreseeable threat

2021 Medicare Fee Schedule Conversion Factor Reduction Reversed

CY 2021 Physician Fee Schedule Update

On December 27, 2020, the Consolidated Appropriations Act modified the Calendar Year (CY) 2021 Medicare Physician Fee Schedule (MPFS):

  • Provided a 3.75% increase in MPFS payments for CY 2021
  • Suspended the 2% payment adjustment (sequestration) through March 31, 2021
  • Reinstated the 1.0 floor on the work Geographic Practice Cost Index through CY 2023
  • Delayed implementation of the inherent complexity add-on code for evaluation and management services (G2211) until CY 2024

CMS has recalculated the MPFS payment rates and conversion factor to reflect these changes. The revised MPFS conversion factor for CY 2021 is 34.8931. The revised payment rates are available in the Downloads section of the CY 2021 Physician Fee Schedule final rule (CMS-1734-F) webpage.


Potential Federal Action Regarding Surprise Billing

Recent reports indicate that House and Senate Committee leaders have apparently mutually agreed on a bipartisan arrangement for correcting or preventing surprise medical bills, although legislation has not yet been passed.

Attached is an outline of the “No Surprise Act”, which essentially deals with insured patients receiving unexpected bills for medical services.

Note that this must be distinguished from uninsured patients receiving medical bills, especially bills for “full fee services” when insured members routinely receive the “in-network rate”.  Reports indicate this problem is a major cause for consumer bankruptcy.

Surprise billing is not as significant a problem as it was a decade or so ago, when many hospital based providers were separate providers that did not participate with all of the insurers with which the institution participated.  In those circumstances, patients who selected the hospital might be surprised to find out that the hospital based providers, primarily anesthesia, ER, pathology and imaging, were not participating and sent separate bills.  Most third party providers and large institutions have resolved that problem either by directly employing those providers, thereby ensuring their participation, or requiring participation in order to do business with the hospital.

The No Surprise Act, as expected, does not “prevent” balanced billing; it simply attempts to make it less of a surprise by requiring a number of things:

  • Transparency and advice in advanced notice
  • A dispute resolution procedure requiring the insurer and the provider to attempt to resolve the problem prior to patient billing
  • Prohibiting advanced billing that is not explained or is contravened by the insurance coverage rules

In addition, the bill has a separate provision regarding ambulances the appoints the President Advisory Committee.

Cybersecurity AKS Safe Harbor and Stark Exception

EHR Safe Harbor Permanent

The existing electronic health records items and services Safe Harbor in 42 CFR Section 1001.952(y) was amended by deleting the sunset provision, thereby making the protection permanent.

Cybersecurity Technology and Services

A new Safe Harbor for cybersecurity and technology services is added in 42 CFR Section 1001.952(jj) to facilitate improved cybersecurity.  The announcement states the healthcare sector is one of the most targeted industry sectors and that data breaches may have cost U.S. hospitals $6.2 billion in 2015 and 2016 – although these regulations will not be effective until 2021!

The new Safe Harbor provides that “remuneration” will not include non-monetary remuneration consisting of cybersecurity technology and services “necessary and used predominantly to implement, maintain or reestablish effective cybersecurity” if:

  1.    The donor does not take into account the value or volume of referrals or other business in determining eligibility and is not conditioned upon future referrals.
  1.    The recipient does not make the donation a condition of doing business with the donor.
  1.    A general description of the donation and the recipient’s contribution, if any, is set forth in writing and signed by the parties.
  1.    The donor does not shift the costs of the donation to a federal healthcare program.

Cybersecurity is defined as the process of protecting information by preventing, detecting and responding to cyberattacks.

Technology is defined as software or other types of information technology(?)

The Stark Exceptions definitions have been amended to add “cybersecurity technology and related services” in 42 CFR Section 411.351(bb) as an exception to prohibited compensation arrangements, but retains the requirement that physicians bear 15% of the costs.

Sprint to Coordinated Care AKS Safe Harbors and Stark Exceptions Finalized

On December 2, 2020, the Department of Health and Human Services (HHS), the Office of Inspector General (OIG) and the Center for Medicare and Medicaid Services (CMS) will jointly publish the final regulations first proposed on October 17, 2019:

1.     AKS Safe Harbors:
2.     Stark Exceptions:

The regulations will become effective January 19, 2021.

The Federal Register publications occupy approximately 2,000 pages. MedLaw Blog will publish a series of posts. This post merely provides the source links and will list the AKS Safe Harbors and Stark Exceptions announced. Subsequent posts will deal with specific topics, i.e. Value Based Enterprises (VBEs), EHR and Cyber Security, Outcomes Based Payments, etc.

Anti-Kickback Safe Harbors:

HHS/OIG have published the following Safe Harbors, both new and amended:

A.     These new Safe Harbors for Value Based Enterprises

1.     Coordinated Care Arrangements without risk;
2.     VBEs with substantial downside risk; and
3.     VBEs with full financial risk.

B.     Outcomes Based Payments

C.     Patient Engagement and Support

D.     CMS Sponsored Models and Arrangements

E.     Cyber Security and EHR Technology and Services

Stark Exception:

The new Stark Exceptions also include compensation exceptions for “Value Based Arrangements” in the definitions of Financial Arrangements in 42 CFR Section 411.354(c)(4)(iii).