Wednesday, January 20, 2010

WVHCA: 2010 CON Capital Expenditure Minimum

The West Virginia Health Care Authority announced that the capital expenditure minimum for calendar year 2010 is $2,767,500.

The capital expenditure minimum is typically used by the Authority when reviewing whether or not certain health relate projects require certificate of need review.

The Authority provided the following announcement via its website:
Pursuant to West Virginia Code §§ 16-2D-2(h) and (s), the Authority is required to adjust the expenditure minimum annually and publish an update of the amount on or before December 31 of each year. The expenditure minimum adjustment shall be based on the DRI inflation index published in the Global Insight DRI/WEFA Health Care Cost Review. The DRI inflation index as of December 31, 2009 is 2.5%.

The capital expenditure minimum for calendar year 2010 is $2,767,500.

Friday, January 15, 2010

State Attorney General HIPAA HITECH Enforcement

My health law colleague, David Harlow, covers the news today on the first HIPAA enforcement action taken by a state attorney general under the new HITECH provision of American Recovery and Reinvestment Act of 2009 (ARRA).

David's post, HIPAA enforcement by state attorney general: The shape of things to come, provides a good summary of the announcement by the Connecticut Attorney General. More information via the Connecticut Attorney General press release.

The lawsuit filed by the Connecticut Attorney General Richard Blumenthal (coincidentally brother of David Blumenthal, National Coordinator of Health Information Technology) alleges that a health insurer, Health Net of Connecticut, Inc., failed to promptly notify the AG and other officials of a missing portable computer disk drive that contained unencrypted protected health information, Social Security numbers and bank accounts for approximately 446,000 individuals. The lawsuit also named UnitedHealth Group Inc. and Oxford Health Plans, LLC who acquired ownership of Health Net of Connecticut. The action also seeks a court order against Health Net to encrypt all information held on electronic devices.

Since the early days of HIPAA implementation and compliance there has largely been a lack of real enforcement efforts. The new provisions under HITECH allowing state attorney generals to file HIPAA enforcement actions on behalf of the public bring a new era of enforcement against health care providers who are unfortunate to have a health data breach and fail to properly respond to such breach in a timely manner.

David offers some good advice and takeaway points to health care providers and others who regularly handle health information. It is not enough to have policies and procedures in place but to regularly monitor whether they are being followed. Today's health data is liquid and it can flow in many directions. Providers need to understand where and how data is stored, used and transferred.

Wednesday, January 13, 2010

HISPC Reports on State Health Information Law, Business Practice and Policy

The Office of the National Coordinator for Health Information Technology (ONC) has made available a compendium of reports which detail variations in state health information law, business practices and policy related to privacy and security of health information and the electronic exchange of health information.

The reports were developed in 2009 as a part of the ongoing efforts of the Health Information Security and Privacy Collaboration (HISPC) that started in 2006 when I had the the opportunity to work on the initial round of HISPC work as it related to West Virginia. The efforts by HISPC was to take a national look (at a state level) on the privacy and security challenges faced by the variation of state laws, policies and practices.

The reports will be a great resource for those who regularly look at state health information legal issues. Following are the summaries of the five reports along with links to the various tables/appendices:
  • Report on State Medical Record Access Laws This report analyzes state laws that are intended to require health care providers (specifically, medical doctors and hospitals) to afford individuals access to their own health information and to identify potential barriers to the electronic exchange of health information. Specific state law provisions examined: scope of medical records to which patients are afforded access, format of information furnished, deadlines for responding to requests, fees for furnishing copies, record retention laws and access to records of minors.
  • Report on State Law Requirements for Patient Permission to Disclose Health Information In Phase I of the HISPC project a majority of participants reported significant variation in the business practices and policies surrounding the need for and process of obtaining patient permission to use and disclose personal health information for a variety of purposes, including for treatment. This report furthers the initial work of this project by collating and analyzing state laws that govern the disclosure of identifiable health information for treatment purposes to identify commonalities and differences.
  • Releasing Clinical Laboratory Test Results: Report on Survey of State Laws For this report, state statutes and regulations were analyzed to determine to whom clinical laboratories may release test results. This report focused on clinical laboratory and hospital licensing laws (that contain standards for hospital laboratories). It also examined general state medical record access laws to determine whether they provided an avenue for patients to access their clinical laboratory results directly.
  • Report on State Prescribing Laws: Implications for e-Prescribing This report identifies and analyzes the impact and variation of state laws related to e-prescribing. The report addresses state laws related to the e-prescribing of controlled and non-controlled substances as well as topics such as record keeping and content requirements, out-of-state prescriptions, and generic substitution laws.
  • Perspectives on Patient Matching: Approaches, Findings, and Challenges This report analyzes various approaches to matching patients to their health information in the context of electronic health information exchange. Current and potential methods for matching patients to their health records are discussed, challenges to performing patient matching such as scalability and ease of use are analyzed, and the types of information some HIOs use to match patients to their health records is described.

Monday, January 11, 2010

West Virginia Law Review: Call for Scholarly Health Care Articles

Over the weekend I received an email from Todd Bergstrom, Executive Editor of the West Virginia Law Review announcing a "Call for Articles" for an upcoming issue of the West Virginia Law Review focusing on health care.

Great to see the law review staff looking at the social disparities in access and outcomes that exist in our current health care system. I hope that some of my fellow health care policy and legal colleagues will consider submitting a article for consideration. 

The West Virginia Law Review recently announcement the launch of its new website, including a blog. I look forward to following posts from the College of Law.

Todd asked that I post the following announcement with details on submitting an article for consideration.
The West Virginia Law Review announces a call for articles and invites scholars, practitioners, and researchers to submit contributions for its upcoming issue focusing on health care. This issue will include articles from the Law Review’s Lecture Series, “Beyond Politics: A Discussion of Health Care in America,” a thoughtful discourse on the social disparities in access and outcomes engrained in our current health care system. For this issue, we are particularly interested in scholarship discussing the following topics:
  • Health care reform;
  • Health care access and outcome disparities, especially as they affect women and children, racial minorities, and the rural poor;
  • Health care as a human right;
Articles will be selected by our Articles Selection Team and the Editor-in-Chief based on scholarly merit, originality, relevancy, and writing style. Articles should be thoroughly researched and contain appropriate footnotes in bluebook format. Please submit articles electronically to by June 30, 2010. Any questions regarding the call for articles or article submissions generally should be sent to

West Virginia Law Review Staff

WV Law Blog: Welcome BR Employment Law Blog

A welcome to West Virginia's newest law blog, BR Employment Law Blog, by the Bowles Rice Employment Law Group. The blog plans to provide information useful for employers with an emphasize on news from the region of West Virginia, Kentucky, Ohio, Virginia and Maryland.

The team of employment law bloggers at Bowles Rice is lead by Beth Walker, a partner in the Charleston office who focuses her practice on labor and employment law.

Congratulations on the launch and welcome to the blogosphere!

The Saga Over The Privacy of Medicare Claims Data Continues . . .

Guest post by Michele Grinberg, my colleague in the Health Care Practice Group at Flaherty, Sensabaugh Bonasso PLLC.

Through indirection find direction out? With apologies to William Shakespeare, the U.S. Court of Appeals for the11th Circuit and D.C. circuit say: NO, not this time.

In Jennifer D. Alley, Real Time Medical Data, LLC v. U.S. Dept. of Health and Human Services, issued Dec. 18, 2009, the Court held that plaintiffs Alley & Real Time Data cannot obtain certain Medicare data for procedures performed in Florida, Georgia, Mississippi and Tennessee by AMA physicians and for all Florida physicians (the certified class). Specifically, Medicare Part B raw claims data that could easily be matched to a particular physician and then aggregated to calculate the total annual Medicare payment by physician cannot be disclosed to Alley. Alley had sought the information through filing a federal Freedom of Information Request (FOIA).

The reason? Because the Florida District Court in 1979 issued a permanent injunction in Florida Medical Assn. v. Dept. of Health Education & Welfare, prohibiting DHHS (then HEW) from disclosing “any list of annual Medicare reimbursements…for any years, which would personally and individually identify those providers of services …. Any such disclosure of annual Medicare reimbursement amounts, for any years, in a manner that would personally and individually identify the providers….is contrary to federal law.” (quoted in Alley)

Judge Carnes in a well-authored opinion (for those of you, like me, who care about good writing) enjoys the irony of hearing argument that sounds much like the health policy arguments heard in the mid-1970s. His second sentence reads: “The present national debate over health care rhymes a lot with one that took place three decades ago.” But whether it’s still good policy or not, Judge Carnes holds that plaintiffs cannot collaterally attack the 1979 injunction by arguing it does not apply to the data sought or the context has shifted in favor of disclosure or the reimbursement methodology has changed. Rather, if plaintiffs believe the injunction is no longer valid, their recourse is to go back to the court where the injunction issued and challenge it there.

In a footnote, the 11th Circuit references a recent 2009, United States of Court of Appeals D.C. Circuit, decision: Consumers’ Checkbook, Center For Study of Services. v. U.S. Department of Health and Human Services. The lower court’s holding in this case was discussed in this blog in 2008 (Consumers' Checkbook v HHS Update). In the 11th Circuit footnote (No.9), the court observes that in a factually similar case, the D.C. Circuit has held that FOIA exemption 6 permits DHHS to not disclose the requested Medicare data. FOIA exemption 6 protects from disclosure government agency files that constitute “a clearly unwarranted invasion of personal privacy.”

What we have then are two cases: one that upholds a 1979 injunction which enjoins DHHS from providing Medicare data that can be manipulated to identify annual reimbursements to individual physicians and other providers but which injunction reaches only the certified class of providers (identified above); and a second case that holds that providing similar Medicare data that can be tied to individual providers is protected from disclosure by a FOIA exemption. Thus, data elements which might indirectly seem disclosable are not if they lead to a resulting disclosure which invades personal privacy. We will see what changes health insurance reform brings, if any.

The AMA provides additional analysis of the decision in a story posted January 11, 2010, Appeals court rejects effort to sell Medicare physician claims data. Also, reports on the decision in its article, Mark Twain Lives On in Federal Judge's Ruling on Release of Medicare Data.

Thursday, January 07, 2010

2010 AHLA Hospitals and Health Systems Law Institute: Hot 2010 Health Law Legal Topics

Although it is cold today in West Virginia - I'm hoping it will be hot in Florida in February.

I thought I would take a moment on this cold wintry day to write about the hot health topics that will be discussed at the American Health Lawyers Association (AHLA) Hospitals and Health Systems Law Institute scheduled for February 25-26, 2010 at the Doral Golf Resort & Spa in Miami, Florida (Conference Brochure PDF).

I will be speaking at the Hospitals Law Institute along with my colleague, Jody Joiner, Assistant Operations Counsel at Sisters of Charity of Leavenworth Health System. Our topic scheduled for Friday, February 26 is Hospital’s Friend or Foe: The Age of Social Media and Health 2.0 where we plan to cover:
  • The social media technology tools used by health care providers and hospitals
  • Pros/cons and legal implications of social media and health 2.0 services such as blogs, wikis, social networking, podcasting, video sharing, etc.
  • Best practices and development of policies and procedures which address staff and employees using social media
In addition to our session there will be variety of "hot" health law legal topic covered at the conference that will interest hospital administrators and their legal counsel, including sessions on government data mining to identify hospital compliance, understanding the recent ARRA HITECH developments impacting HIPAA and EHR, hospital/physician collaboration and relationships, best practices in hospital practitioner credentialing, peer review and privileging, voluntary disclosure strategies, hospital clinical research issues, and much more.

The AHLA Hospital and Health System Law Institute overlaps with the AHLA Physicians and Physician Organizations Law Insitute which will be held on February 24-25.The Physician Law Insitute will include "hot" physician topics on on call payments, Accountability Care Organizations, HITECH, disruptive physician behavior intervention, Stark issues for physicians, hospital/physician mergers, FMV for physician compensation and much more.

You can register for one or both. As an AHLA Member I regularly attend the Physician/Hospital Law Institutes every year or so because of quality and breadth of health law related materials for those who work in the health care industry. More information, along with how to register, can be found at the AHLA website:
Hospitals and Health Systems Law Institute
Physicians and Physician Organizations Law Insitute