HIPAA Update - August 2017August 2017
The Federal Department of Health & Human Services, Office for Civil Rights (OCR), the HIPAA enforcement agency, has announced the launch of a revised web tool for use by the public to obtain information about breaches of unsecured protected health information. According to the OCR’s announcement: “The HIPAA Breach Reporting Tool (HBRT) features improved navigation for both those looking for information on breaches and ease-of-use for organizations reporting incidents. The tool also helps educate industry on the types of breaches that are occurring, industry-wide or within particular sectors, and how breaches are commonly resolved following investigations launched by OCR, which can help industry improve the security posture of their organizations.” The OCR originally released the HBRT in 2009, and the agency has announced that it will continue to improve the tool over time to add functionality and features based on feedback it receives.
The revised HBRT includes the following new features:
Enhanced functionality that highlights breaches currently under investigation and reported within the last 24 months
New archive that includes all older breaches and information about how breaches were resolved
Improved navigation to additional breach information
Tips for consumers
The HBRT may be found at: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf.
Legislative Update - August 2017August 2017
Telemedicine – On July 21, 2017, Governor Chris Christie signed into law S291 to define and regulate the practice of telemedicine in New Jersey. The bill enables providers to use telemedicine to establish a provider-patient relationship; provides for the same standards of care as an in-person visit; and ensures coverage and payment parity for private payers, state Medicaid, and some other health plans.
Physical Therapy Statute – On June 21, 2017, Governor Chris Christie signed into law S1315 which revises the Physical Therapist Licensing Act. The bill expands the scope of practice for physical therapists to include: identification of balance disorders; wound debridement and care; utilization review; and screening, examination, evaluation, and application of interventions in populations of all ages exclusively related to physical therapy practice. The bill also provides for general or direct supervision of physical therapist assistants, as opposed to only direct supervision.
Governor Vetoes Personal Care Assistant Legislation – On July 21, 2017, Governor Chris Christie conditionally vetoed bill A320/S1018. The proposed bill requires the minimum hourly reimbursement rate for personal care services funded through a Medicaid managed care organization to be no less than the established Medicaid fee-for-service rate for these same services. The reason for the veto is that adjusting the managed care rates will have a significant impact on the state budget and there is no appropriation for the expanded costs in the Fiscal Year 2018 Appropriations Act.
Health Insurer Gender Discrimination - On July 21, 2017, Governor Chris Christie signed into law A4568 which prohibits health insurers, the State Health Benefits Program, the School Employees’ Health Benefits Program, certain health care providers, and Medicaid from discriminating in providing coverage and services based on gender identity.
New Jersey Health Insurance Advocate Act - On July 4, 2017, S3408 was introduced in the New Jersey Senate. The bill establishes the Office of the Health Care Advocate in the Department of Banking and Insurance as an advocate for health insurance consumers in New Jersey. The advocate would help health insurance consumers in all types of private and public health insurance plans to navigate the purchase of health insurance, as well as obtain access to care.
New Rule Proposal for DCA Residential Health Care FacilitiesAugust 2017
The New Jersey Department of Community Affairs (DCA) issued a proposed readoption, with amendments, to its regulations relating to “Residential Health Care Facilities Not Located With, and Operated By, Licensed Health Care Facilities,” set forth under N.J.A.C. 5:27A. Under New Jersey law, residential health care facilities that are affiliated and operated by a licensed health care facility are regulated by the Department of Health. Because of the similarities to rooming and boarding houses, however, residential health care facilities that are not affiliated with or operated by a licensed health care facility are regulated by DCA. The proposed readoption aims to create equal regulatory treatment for both facilities under DCA jurisdiction.
The rules for residential health care facilities were recodified to DCA from the Department of Health in 2005. Since then, requirements had to be adjusted to align with the regulations governing rooming and boarding homes. The proposed changes include a requirement that facilities maintain a daily record of the type and amount of medication taken by a resident and the time at which such medication was taken. Along with the proposed readoption is the inclusion of three appendices that address guidelines for inappropriate behavior and resident-to-resident abuse, a daily food guide, and recommendations for pet therapy.
DCA has provided a 60-day comment period with a deadline of September 15, 2017.
$1.3 Million EMTALA Settlement Should Have Hospitals Re-Evaluating Emergency Department Care Protocols for Behavioral Health PatientsAugust 2017
AnMed Health in South Carolina has agreed to pay the largest-ever settlement in a case brought under the Emergency Medical Treatment and Labor Act (“EMTALA”), a Federal law requiring hospitals to stabilize and treat patients in emergency situations. The three-hospital system will pay nearly $1.3 million to settle federal allegations that in 2012 and 2013 the hospital involuntarily held behavioral health patients in its emergency department for multiple days instead of admitting them to the hospital's inpatient behavioral health unit.
Medicare-participating hospitals with an emergency department are required by EMTALA to provide proper screening of patients who present for treatment. If the screening reveals that the patient has an emergency medical condition, the hospital must either (a) provide appropriate stabilizing treatment before discharging or transferring the patient, or (b) determine that the benefits of transfer outweigh the risks of transfer. Penalties for an EMTALA violation come in the form of monetary fines, at a maximum of $103,139 per violation, and exclusion from Medicare and Medicaid.
In this case, the U.S. Department of Health & Human Services Office of Inspector General (OIG) considered the patients’ unstable psychiatric conditions to be emergency medical conditions triggering EMTALA obligations and alleged that AnMed did not properly stabilize the patients. Specifically, the OIG alleged that AnMed failed to have its on-call psychiatrists examine and treat the patients, and refused to admit patients to the hospital's inpatient behavioral health unit, instead holding them until they could be transported to another facility specializing in behavioral health.
This settlement indicates a twofold position from the U.S. Department of Health & Human Services: that (1) behavioral health patients should be seen by an on-call psychiatrist in order to satisfy EMTALA requirements, and (2) acute care hospitals with behavioral health units that have open beds cannot discriminate between voluntary commitments and involuntary commitments. This position should trigger hospitals to re-evaluate current emergency department policies, procedures, and practices for all behavioral health patients to ensure that they are in compliance with EMTALA requirements. With the recent increase in penalties for EMTALA violations, the cost of noncompliance is steep.
Link to settlement: http://src.bna.com/qyD
DOJ Charges 412 Individuals Responsible for Health Fraud Losses Totaling $1.3 BillionAugust 2017
On July 13, 2017, the Department of Justice (DOJ) announced a “nationwide takedown” of 412 individuals, including 115 licensed health care professionals, charged with defrauding the government of $1.3 billion. According to Federal prosecutors, health care providers billed Medicare, Medicaid, and TRICARE for drugs that were never purchased, collected money for false treatment and testing, and sold prescriptions for cash.
Nearly one-third of those charged were accused of opioid-related crimes. The focus on opioids is due, in part, to the fact that addiction is escalating at epidemic levels. According to the Center for Disease Control and Prevention, approximately 91 Americans die each day of an opioid-related overdose.
Some of the schemes targeted vulnerable populations. For example, a rehabilitation clinic in Florida allegedly recruited addicts using gift cards, drugs, and casino and strip club visits to enable $58 million in false billing. A Texas doctor was accused of prescribing two million doses of painkillers in exchange for cash. One pharmacist was charged with $192 million in false and fraudulent claims related to dispensing unnecessary compounded medications.
According to U.S. Attorney General Jeff Sessions, greed not only caused the taxpayers to suffer, but resulted in new addictions, fed existing addictions, and delayed or stopped needed treatment for sick people.
DOJ compiled a comprehensive resource of the related complaints and indictments, which can be found on its website: https://www.justice.gov/opa/documents-and-resources-july-13-2017-national-health-care-fraud-takedown-press-conference
OIG Data Brief Documents Excessive Medicare Part D Opioid PrescriptionsAugust 2017
The U.S. Department of Health & Human Services Office of Inspector General (OIG) released a data brief that summarizes data on opioid prescriptions for Medicare Part D enrollees. The data illustrates that in 2016, a third of beneficiaries received a prescription for opioids and one-tenth of all enrollees received opioids on a regular basis. Eighty percent of the prescriptions were for Schedule II or III controlled substances, the highest potential for abuse. Many of these beneficiaries were prescribed for over two and a half times the recommended dosage by the Centers for Disease Control.
The OIG concluded that the data raised concerns that (1) beneficiaries are receiving medically unnecessary drugs; (2) opioids could be diverted for resale; (3) beneficiaries’ identification numbers may be stolen; and (4) beneficiaries are doctor shopping (receiving high dosages from four or more prescribers and four or more pharmacies). These issues contribute to the risk of overuse, overdose, and the ongoing opioid epidemic.
The report warns that prescribers who are outliers in the data for prescribing opioids are prime targets for investigation. In the study, 401 prescribers’ (one-third of which were nurse practitioners or physician assistants) prescription patterns were found to warrant scrutiny and, in fact, the OIG announced fraud charges against these providers on July 13, 2017.
All providers should carefully consider their prescribing patterns for opioids to avoid OIG scrutiny. It is recommended that providers ensure medical necessity and check the New Jersey Prescription Monitoring Program. Moreover, providers are reminded to adhere to the new requirements issued by the New Jersey Board of Medical Examiners concerning initial prescriptions for acute pain.
OIG Announces New Inquiries into Fraudulent BillingAugust 2017
On July 17, 2017, the U.S. Department of Health and Human Services Office of Inspector General (OIG) announced their review of 14 possible instances of Medicare and Medicaid billing fraud. These new inquiries join over 200 pending inquiries already being conducted. The most recent investigations include:
Whether certain states made payments in accordance with Federal and state regulations for Consumer-Directed Personal Assistance programs;
Whether nonresidential adult care centers comply with applicable health and safety standards;
Whether Medicare Parts A and B are being billed appropriately by ambulance companies for services provided to skilled nursing facilities;
Whether states are meeting Federal requirements in setting payment rates for those treated for severe and persistent mental illness at Assertive Community Treatment programs;
Whether states calculated incorrectly the number of children enrolled in Medicaid, causing unallowable bonus payments made to States under the Children’s Health Insurance Program Reauthorization Act of 2009;
Identifying, using data from the Comprehensive Error Rate Testing (CERT) program, the common characteristics of “at risk” Home Health Agency providers that could be used to target pre- and post-payment review of claims, as the CERT program concluded “the 2016 improper payment error rate for home health claims was 42%, or about $7.7 billion;”
Whether states reported and returned the Federal Government’s share of settlement and judgment amounts received by states resulting from harm to the states’ Medicaid programs;
Whether hospitals that adopted electronic health record technology were overpaid Medicare incentive payments;
Further review of overpayments received by hospital outpatient providers for non-physician services;
Whether state agencies complied with Federal and State requirements when claiming Medicaid reimbursement for Opioid Treatment Program services;
Whether states made Medicaid payments for targeted case management services in accordance with certain Federal and state requirements;
Whether Medicare claims for telehealth services met Medicare requirements;
Whether duplicate Medicare payments were made regarding home health claims and Part B claims; and
Whether duplicate Medicare payments were made regarding hospice claims and Part B claims.
CMS Proposes Updates to Medicare OPPS for CY 2018August 2017
The Centers for Medicare & Medicaid Services (CMS) recently published its proposed rule to update the Medicare Hospital Outpatient Prospective Payment System (OPPS) and Ambulatory Surgical Center (ASC) payment systems for calendar year (CY) 2018. In the proposed rule, CMS proposes a 1.75% update to OPPS payments for CY 2018, which CMS expects will result in an overall increase in OPPS payments of 2%, amounting to approximately $897 million, compared to CY 2017 levels. Payments to hospitals that fail to meet the Hospital Outpatient Quality Reporting Program (Hospital OQR) reporting requirements would be reduced by 2%.
Also under the proposed rule, CMS would modify the threshold for separate payment for outpatient drugs to cost-per-day that exceeds $120 in CY 2018 (up from $110 in CY 2017). While CMS would generally continue to reimburse non-pass-through, separately payable drugs and biologicals at the rate of average sales price (ASP) plus 6%, CMS proposes to pay separately payable, non-pass-through drugs (other than vaccines) purchased through the 340B drug pricing program at ASP minus 22.5%. In addition, under the proposed rule, CMS has proposed removing total knee arthroplasty from the inpatient-only list procedures, which would allow these procedures to be performed in an outpatient setting. The proposed rule also attempts to modify certain other OPPS policies, including modifications to Hospital OQR measures; revisions to the clinical diagnostic laboratory test date of service policy; and payment rates for partial hospitalization program services furnished in hospital outpatient departments and community mental health centers, among other changes.
With regard to ASC payments, CMS has proposed to increase reimbursement rates by 1.9% for ASCs that meet ASC Quality Reporting (ASCQR) Program requirements. According to CMS estimates, under the proposed rule, total payments to ASCs for CY 2018 would rise by approximately $155 million compared to CY 2017. In addition, CMS is requesting recommendations and input regarding ASC payment system reforms to address the decline in ASC payment rates relative to OPPS payment rates over the past several years, including whether to adopt an alternative update factor for ASC payments, data regarding ASC costs compared to hospital or physician office codes, and whether CMS should collect ASC cost data to use in determining updates. Finally, CMS has also proposed certain updates to the ASCQR Program and revisions to the list of ASC covered surgical procedures. CMS will accept comments on the proposed rule until September 11, 2017.
OCR Offers Free Continuing Education Credits for Completion of HIPAA Access Right Training ModuleJuly 2017
On July 6, 2017, the Department of Health & Human Services, Office for Civil Rights (OCR) announced the launch of a new video training module for health care providers on patients’ right of access under HIPAA. The OCR states that the “module provides helpful suggestions about how health care providers can integrate aspects of the HIPAA access right into medical practice.” Providers completing the module may obtain continuing education credits. The module is available via Medscape at: http://www.medscape.org/viewarticle/876110 or via OCR’s Training and Resources webpage at: https://www.hhs.gov/hipaa/for-professionals/training/index.html.
Legislative Update - July 2017July 2017
Minimum Reimbursement Rate for Private Duty Nursing Services – On July 1, 2017, Senate Bill S3400 was introduced, establishing minimum Medicaid reimbursement rates for private duty nursing services. The bill provides that the minimum Medicaid reimbursement rate for such services is to be no less than $60 per hour when a registered professional nurse provides the services, and no less than $48 per hour when a licensed practical nurse provides the services.
CONs for Certain Inpatient Hospital Beds – On July 3, 2017 Governor Christie signed into law S2844, eliminating the Certificate of Need requirement for inpatient hospital beds for treatment of psychiatric and substance abuse disorder dual diagnosis.
Licensure of NJ Surgical Practices as ASCs – On June 29, 2017, the NJ State Senate passed Senate Bill 278 which would require surgical practices to apply for licensure as ambulatory care facilities. The bill would repeal the requirement that surgical practices be registered by the Department of Health (DOH). Instead, it provides that surgical practices must be licensed by DOH within one year as ambulatory care facilities licensed to provide surgical and related services subject to the same regulatory requirements as the larger ambulatory surgical facilities.