Thursday, January 27, 2005

OIG Issues Supplemental Program Compliance Guidance for Hospitals

Today the Office of Inspector General (OIG) of the Department of Health and Human Services issued "Supplemental Program Complaince Guidance for Hosptials". This supplemental guidance follows up on (and does not replace) the OIG's original Febuary 23, 1998 Compliance Program Guidance for the hospital industry.

The OIG issued a press release today announcing the updated voluntary compliance program guidance for hospitals to promote compliance with the rules and regulations for participation in Medicare and other Federal health care programs. The document will be on display at the Federal Register today and published on January 31, 2005.

Following is a excerpt from the preface to the supplemental guidance providing background on the OIG's position for issuing the supplemental guidance:

Continuing its efforts to promote voluntary compliance programs for the health care industry, the Office of Inspector General (OIG) of the Department of Health and Human Services (the Department) publishes this Supplemental Compliance Program Guidance (CPG) for Hospitals. This document supplements, rather than replaces, the OIG’s 1998 CPG for the hospital industry (63 FR 8987; February 23, 1998), which addressed the fundamentals of establishing an effective compliance program. Neither this supplemental CPG, nor the original 1998 CPG, is a model compliance program. Rather, collectively the two documents offer a set of guidelines that hospitals should consider when developing and implementing a new compliance program or evaluating an existing one.

We are mindful that many hospitals have already devoted substantial time and resources to compliance efforts. We believe that those efforts demonstrate the industry’s good faith commitment to ensuring and promoting integrity. For those hospitals with existing compliance programs, this document may serve as a benchmark or comparison against which to measure ongoing efforts and as a roadmap for updating or refining their compliance plans.

In crafting this supplemental CPG, we considered, among other things, the public comments received in response to the solicitation notice published in the Federal Register and the draft supplemental CPG,4 as well as relevant OIG and Centers for Medicare & Medicaid Services (CMS) statutory and regulatory authorities (including the Federal anti-kickback statute, together with the safe harbor regulations and preambles, and CMS transmittals and program memoranda); other OIG guidance (such as OIG advisory opinions, special fraud alerts, bulletins, and other guidance); experience gained from investigations conducted by the OIG’s Office of Investigations, the Department of Justice (DoJ), and the State Medicaid Fraud Units; and relevant reports issued by the OIG’s Office of Audit Services and Office of Evaluation and Inspections. We also consulted generally with CMS, the Department’s Office for Civil Rights, and DoJ.

Tuesday, January 25, 2005

Business Week Article: Between You, The Doctor, And The PC

For those of you interested in the increased growth of electronic medical record systems, the advantages/disadvantages, etc. You may want to read an article appearing in Business Week Online.

The article states that right now only about 15% of U.S. hospitals and doctors are using such systems. This percentage will certain increase over the coming years as more provider decide to shift from paper to electronic health records.

One reason that I believe there is value in making the transition is based on the likelihood of reduced medical errors due to problematic physician and other health care professional handwriting. The article cites a 1998 Journal of American Medical Association article saying that serious medication errors fell by 55% when orders were typed into the computer rather than handwritten by doctors. I have seen similar studies in other articles I have read.

As a health care attorney who reads physician handwriting on a daily basis -- I certainly think the health care system would benefit by getting away from handwritten notes. Although at times there is something very personal and beneficial to handwritten physician notes. Certain things come across better in handwritten notes that don't come across in typed notes. At times typed notes seem sterile and less "patient caring" oriented. For example, when defending a physician on issues that arise or are supported by their personal handwritten progress notes -- there is something comforting (when the physician is skilled at documenting his patient encounter) when defending a physician based upon his personal notes. I have not found this to be as true with electronically typed notes.

On the issue of privacy and handwritten vs. electronic medical records I often use a story told by my father, who I consider to be the quintessential "West Virginia country doctor". He practiced family medicine in New Martinsville, West Virginia from the early 1950s through the mid 1990s. He and his brother had a family practice located adjacent to the old Wetzel County Hospital.

One day back in 2002 I was discussing with him the advent of the new "HIPAA privacy laws" and he proceeded to tell me about a old country doctor from Wetzel County who was well known at the hospital and among the local medical community to have the worst handwriting of any doctor in the area. [Note: This story coming from a man who when I was growing up would leave notes on the refrigerator about where he would be and we would have to spend hours trying to decipher the message and when he would be back.] Well at some point the local hospital and a number of the doctors who had to work with this "note-torious" doctor had had enough of his poor handwriting and selected someone from the medical staff to approach him and suggest that he improve his handwriting. When approached about the concern he notified the chair of the medical staff that he was only looking out for the best interest of his patients is such a small community as New Martinsville. He said his writing was difficult to read and illegible to most because he was protecting his patient's privacy. He thought that too many people at the hospital already knew too much about his patients and he wanted to further protect the information. He didn't want just anyone to be able to pick up a chart and read the personal information that he wrote about his patients -- he wanted only those individuals who had a true "need to know" to be able to read the information. I've often thought of this story when considering today's privacy issues in health care. I find it a novel way to address meeting today's "minimum necessary" standard under the HIPAA privacy standard rules. It also serves as an altruistic excuse for physicians who don't want to improve their penmanship.

Friday, January 21, 2005

Practical Guidance and Forms for Litigators Requesting Medical Records Under HIPAA

Recently I came across information on the website of the Louisville Bar Association (LBA) that I found very practical and useful for attorneys having to deal with the change in the process for requesting medical records from health care providers required to comply with the Privacy Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

The LBA created a very nice document titled "Recommended Procedures for Obtaining Medical Records in Kentucky Pursuant to HIPAA" which walks through some of the major issues, including the use of authorization forms, requests via subpoena, notice to take treating physician's depositions and qualified protective orders. Included in the materials are various "model documents and letters" that can be adapted for attorneys practices. There is a "quick links" section of the website to view and download each of the model documents. The LBA took a neutral positions and created model documents for plaintiff and defense attorneys to assist attorney and health care providers to comply with HIPAA and avoid disrupting the process and need for disclosure of patient information.

Although the forms will need to be adjusted and reviewed by attorneys wishing to use them in states other than Kentucky -- overall the model documents can be very useful to attorneys having to request patient information on a regular basis.

Tuesday, January 18, 2005

HHS Issues New HIPAA Privacy FAQs Regarding Litigation and Legal Matters

The Office of Civil Right Division of the United States Department of Health and Human Services (HHS) has issued nine new FAQs regarding the use and disclosure of protected health information (PHI) by covered entities related to litigation and legal proceedings.

The implementation of the Privacy Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) raised many practical questions by covered entity health care providers on how to implement the requirements when releasing PHI to attorneys in the context of litigation. Among others, how should a covered entity handle the release of PHI when responding to discovery requests, subpoenas and court orders. What responsibilities does an attorney meeting the definition of a business associate have under the Privacy Rule and can the attorney share PHI with others involved in the litigation.

Although I have not had a chance to fully review the new FAQs I will be interested to see whether the FAQs address all of the issued raised in a letter submitted to OCR on October 28, 2003, by a task force of the American Health Lawyers Association (“AHLA”) Health Information Technology Practice (“HIT”) Group.

The new FAQs address the following questions. Click on the "Answer" link to go directly to the HHS FAQ answer.

  1. May a covered entity that is a plaintiff or defendant in a legal proceeding use or disclose protected health information for the litigation? Answer.
  2. May a covered entity that is not a party to a legal proceeding disclose protected health information in response to a subpoena, discovery request, or other lawful process that is not accompanied by a court order? Answer.
  3. In providing legal services to a covered entity, must a lawyer who is a business associate require that those persons to whom it discloses protected health information agree to abide by the privacy restrictions and conditions that apply to the lawyer? Answer.
  4. May a covered entity use or disclose protected health information for litigation? Answer.
  5. What “satisfactory assurances” must a covered entity that is not a party to the litigation receive before it may respond to a subpoena without a court order? Answer.
  6. When must a covered entity account for disclosures of protected health information made during the course of litigation? Answer.
  7. For disclosures for judicial and administrative proceedings, when is a copy of the subpoena itself sufficient satisfactory assurance of notice to the individual? Answer.
  8. For disclosures for judicial and administrative proceedings, can notice be provided to the individual's lawyer instead of the individual? Answer.
  9. May a covered entity disclose protected health information in response to a court order? Answer.

Wednesday, January 12, 2005

Do You Have A Right to Privacy in the Restroom?

According to a decision issued by the 8th Circuit Court of Appeals yesterday a person does not have an absolute right to privacy in the restoom. The case involved a claim by a man found partly disrobed with a woman, cocaine and marijuana in the restroom of an Iowa convenience store. The 8th Circuit Court of Appeals unanimously rejected the individuals claim that police who found him in the restroom with the woman and drugs breached his Fourth Amendment right to privacy, thus making it an illegal seizure of drugs.

The 8th Circuit panel found that, "it was not a single person using the single toilet restroom but two persons of opposite gender and, under the circumstances, we hold that they had a diminished expectation of privacy which had expired by the time the officers arrived."

An article appearing on Yahoo News reported the factual background and circumstances behind the decision.

A full copy of the decision can be found on the 8th Circuit Court of Appeals website by searching the opinions section for United States of America vs. Lonnie Maurice Hill, 04-2020 (January 11, 2005).

Governor Elect Manchin Nominates Martha Walker as DHHR Secretary

Yesterday it was announced that Governor Elect Joe Manchin named fomer State Senator Martha Yeager Walker to head the West Virginia Department of Health and Human Resources. During her tenure in the Senate she was the Chairperson of the Senate Health Committee. Currently Walker has been serving as a board member of the West Virginia Public Service Commission.

An article on the appointment also appeared in today's Charleston Gazette.

Report on the Financial Outlook for West Virginia Acute Care Hospitals

An article appearing in the January 12, 2004 Charleston Gazette reported that less than one-half of the acute care hospitals in West Virignia are profitable. The article reported that only four hospitals had operating margins of 5 percent or better.

The information came from a report made by Sonia Chambers, Chair of the West Virginia Health Care Authority to the Legislative Oversight Commission on Health and Human Rescources Accountability.

Below is a copy of the article from the Charleston Gazette's website edition.


January 12, 2005
Hospitals get bleak forecast
By Phil Kabler
Staff writer

Fewer than half of all acute-care hospitals in the state are profitable, and the financial outlook for the industry is getting worse, the chairwoman of the state Health Care Authority told legislators Tuesday.

“There are a number of facilities in West Virginia that are starting to have serious financial difficulties,” Sonia Chambers told the Legislative Oversight Commission on Health and Human Resources Accountability.

For 2003, the most recent year available, only 19 of the state’s 41 acute-care hospitals reported a profit, according the HCA report.

Of those, only four had operating margins of 5 percent or better, topped by Greenbrier Valley Hospital at 9.3 percent, she said.

For the remaining 22 hospitals, operating losses ranged from 0.2 percent to nearly 23 percent at Welch Community Hospital.

“The financial outlook continues to slide,” Chambers said. “A number of West Virginia hospitals do not have the financial reserves to continue to sustain losses.”

She said hospital expenses increased only 6.6 percent in 2003, but said patient revenue has declined as underinsured or uninsured patients have increased.

Chambers said a particular concern is the increasing numbers of uninsured West Virginians between the ages of 50 and 64, who lost their health insurance coverage through company bankruptcy or downsizing.

Hospitals also had to write off as uncollectible about $400 million in charity care and bad debts in 2003.

The amount of uncompensated care — 6.2 percent of all patients — was roughly unchanged from 2002, Chambers said.

Steven Summer, director of the West Virginia Hospital Association, said the authority’s report reaffirms what the hospital industry has been saying for some time.

“The bottom line is, most hospitals can’t survive on income from patient care,” he said. “The biggest challenge we face is the growing population of people with non-commercial insurance.”

He said a significant percentage of West Virginians are insured through government-operated plans, such as Medicare, Medicaid, and the Public Employees Insurance Agency, which he said set low reimbursement rates for health-care services.

Closure or consolidation of hospitals would have a serious impact on the state, and not just on the quality of health care, Chambers noted.

Hospitals are a significant force in the state’s economy, the authority’s report found, accounting for 36,411 full-time jobs and a payroll of $1.8 billion in 2003.

To contact staff writer Phil Kabler, use e-mail or call 348-1220.


Tuesday, January 11, 2005

Reporting of Contraband to Law Enforcement vs. Legal and Ethical Duty of Medical Confidentiality

Below is an interesting article which appeared in the Lincoln County News, Lincoln County, Maine addressing the competing interests between health care providers and law enforcement on the handling of contraband found on patients who come to a health care provider for emergency treatment.

Does a health care provider have a responsibility to report or provide contraband to law enforcement? Do the new privacy standards under HIPAA or eithical standards of medical confidentiality prevent a health care provider from disclosing or providing the contraband to law enforcement? This The article takes a practical look at these issues.

I have had a number of clients raise this question under the privacy provisions of HIPAA. We have discussed the legal responsibilities, pros/cons of reporting contraband to law enforcement, duty of confidentiality to patinet, liability of the health care provider and need to maintain a good working relationship with law enforcement.

Hospital, Police Consider Privacy vs Enforcement
By Sherwood Olin
A recent conflict of interest in Damariscotta has put Miles Memorial Hospital in the delicate position of cooperating with local law enforcement while adhering to legal and ethical standards of medical confidentiality.

On Dec. 3, acting upon information and belief, the Damariscotta Police Dept. executed a search warrant on the hospital. Information developed by the search warrant subsequently resulted in the arrest of a Friendship woman on drug charges.

According to a police report, Devin E. Crowley, 28, was arrested by state police in Friendship Dec. 8 and charged with unlawful possession of scheduled drugs.

According to reliable sources, Crowley was receiving treatment at Miles for injuries received in a traffic accident on or around Dec. 1 when a number of packages containing a powder like substance were discovered on her person.

According to Damariscotta Police Chief Steve Drake, anonymous information led to the issuing of the warrant. Among the items seized were a sealed biohazard bag containing the powder and the medical report of Crowley’s Dec. 1 treatment.

Preliminary tests have indicated the powder to be heroin, Drake said.

According to Miles Hospital Chief Executive Officer Judy Tarr, the hospital and local police are both fulfilling their legal obligations. Tarr points out the hospital is bound by the strictest of confidentiality laws, federally regulated under the 2003 Health Insurance Portability and Accountability Act (HIPA).

In regards to patient care, the hospital is in the health care business, not law enforcement, Tarr said. Patients in need need to know they can come to the hospital for treatment without worrying whether they will be reported to law enforcement for an alleged offense.

“The hospital needs to be a safe haven for people who need treatment,” Tarr said.

Miles Hospital attorney Jim Bailinson seconded that point. Hospital personnel are not trained to make probable cause determinations and they are not law enforcement.

“I think it does put the medical provider in an awkward position to say the least,” Bailinson said.

Under no legal obligations to report the discovery of a contraband substance, and restricted by patient confidentiality, the hospital’s options include disposing of the substance quietly with no notification, or turning it over to law enforcement with no information regarding its source.

“Our first priority is to provide medical care,” Bailinson said. “Beyond that you have to be careful about making hospital employees make judgments. Who do you want to make a probable cause judgment?”

Where required by law, there are codified procedures for reporting cases to the appropriate authority. However, as this case has demonstrated, there is no clear-cut procedure for reporting instances involving contraband substances, Tarr said

“You name it there is a whole listing,” Tarr said. “There are things we are required to report and things we are not required to report… It is a matter of conflicting obligations and a little bit of grayness in the law. The law is not very specific on contraband.”

According to Miles Hospital Risk Manager/ Compliance Officer Julie Marsden, state statute is very clear. “The process to report these cases that are mandated is all very well prescribed,” she said. “Elder abuse, child abuse, that is all very clear cut.”

Among the steps that the hospital is taking is convening an in house panel to review the incident with an possibility of developing an appropriate procedure. Tarr said the hospital hopes to work with Drake who suggested such a panel.

Tarr said the hospital works as a partner with area law enforcement. Frequently in cases when a patient is determined to be a danger to himself and others, police are called to the hospital to enforce the peace.

“It is a very important relationship,” Tarr said.

“They have their concerns about confidentiality and HIPA and all that, but obviously I felt differently and I was able to convince an independent fact finder,” Drake said.

Following Crowley’s arrest, Drake said he spent the next weekend reviewing all available literature. Federal and state laws differ slightly on the scope of police authority regarding medical protocols, he said. Federal law authorizes police authority in the event of a crime. State law specifies a crime against the hospital Drake said.

In any event, Drake said his sole interest is not probing private medical issues but protecting the public safety. “If someone is coming in for treatment for heroin that is one thing, but when someone is in a traffic accident, and has drugs on them, that is another,” he said.

Drake pointed out there are reporting mechanisms in place for medical staff members who have reason to believe someone has operated machinery under the influence. For whatever reason, the hospital declined to report this case so Drake followed the legal process.

“The hospital wouldn’t turn it over so I went through the steps to get the information,” he said.

Agreeing HIPA laws are a very real concern, Drake said his unnamed sources are to be commended for their courage in reporting this matter. Heroin is a dangerous drug, he said. If this incident was not reported, what would have kept this person from selling this drug in the community.

“This is a dangerous, dangerous drug,” Drake said. “It is highly addictive. When you start getting heroin in your community, then everything else comes with it, burglary, prostitution, theft.”


In Re: PPA Litigation - A look at HIPAA preemption in NJ

Recently I ran across a NJ decision in the matter of In re: PPA Litigation regarding HIPAA preemption issues. The decision looks at the preemption of NJ law under the Administrative Simplification Section of HIPAA.

The matter involved a motion filed by defendants, the Phenylpropanolamine (PPA) Manufacturers, compellinging ex parte physician interviews and seeking judicial approval of a revised medical authorization. The plaintiff, consumers of PPA, who allege injuries caused from the durg claim that HIPAA preempted the informal standards under a NJ decision, Stempler v. Speidell, 100 N.J. 368 (1985).

The decision can be found here. Here is a short summary and analysis of the decision in the Middlesex County Bar Association's Monthly Newsletter written by Marc D. Goldstone, Esq., Counsel with the law firm of Hoagland, Longo, Moran, Dunst & Doukas, LLP, in New Brunswick, NJ.

Monday, January 10, 2005

OIG Issues Information on Audit of Medicaid Payments for Skilled Professional Medical Personnel Reimbursed

On December 7, 2004, the Office of Audit Services of the OIG issued a final report regarding an audit of West Virginia medicaid payment for skilled professional medical personnel reimbursed at enhanced rates. The review was to determine if the State of West Virginia properly claimed Federal Medicaid reimbursement at the enhanced rate for skilled professional medical personnel.

The West Virginia Bureau for Medical Services (State agency) claimed and was reimbursed the Federal enhanced rate for 38 individuals improperly classified as skilled professional medical personnel. Those individuals did not meet the definition of "skilled professional medical personnel" as defined in the Social Security Act and implementing Medicaid regulation.

As a result, the State agency received Medicaid overpayments for fiscal year 2003 totaling $296,485 for individuals and $2,875 for non-compensation expenditures that did not meet the criteria of skilled professional medical personnel. The OIG recommended that the State agency refund $299,360, and implement procedures to properly classify skilled professional medical personnel. The Centers for Medicare and Medicaid Services and State agency generally agreed with our findings and recommendations. However, the State agency reclassified 11 individuals who were claimed and reimbursed at the Federal enhanced rate for skille! d professional medical personnel as Medicaid Management Information System operations personnel in order to retain the Federal enhanced rate.

You can review a full copy of the report here.