Health Care Lawyer Blog

Today the Department of Health and Human Services' final regulations governing the new Health Insurance Portability and Accountability Act (HIPAA) security breach notification requirements were published in the Federal Register. These regulations take effect September 23, 2009, and health care providers should take care to familiarize themselves with the requirements by then.

The Health Information Technology for Economic and Clinical Health (HITECH Act), which was part of the 2009 Stimulus Bill, requires HIPAA-covered entities to provide notification to affected individuals and the Secretary of Health and Human Services following the discovery of a breach of unsecured protected health information (PHI). In some cases, the HITECH Act requires covered entities to provide notification to the media of the breaches. In the case of a breach of unsecured PHI by a business associate (such as an accountant or attorney) of a covered entity, the Act requires the business associate to notify the covered entity of the breach. Finally, the Act requires the Secretary of Health and Human services to post a list of covered entities that experience a breach of the PHI of 500 or more individuals on the HHS website.

However, it is important to note that the HITECH Act does not require the reporting of every slip-up and privacy violation by a covered entity or business associate. For example, in order for a breach to occur the PHI must be “unsecured”. This means that the information must not be rendered unuseable, unreadable, or indecipherable to unauthorized individual. For example, if a covered entity accidentally emails notes on a patient file to the wrong address, but the email is encrypted in a certain fashion delineated by the regulations, the notice requirements would not be triggered because the information is not “unsecured”.

After the jump - how to determine if a "breach" has occurred >>

Continue reading " Health Care Providers Should Take Note of Final HIPAA Breach Notification Laws " »

While tuning in to a NPR broadcast last week, the subject invariably turned to the recent health care reform “town hall” meetings and the legislators behind them. The guest speaker on that particular morning’s broadcast was Senator Robert Menendez (D-New Jersey), and the segment featured a clip of him addressing a frenzied town hall crowd during a discussion on end-of-life care and how a national health care plan may incorporate the issue.

During the broadcast, Menendez noted that contrary to the sentiments voiced by some opponents (i.e., such as Former Alaska Governor Sarah Palin), the proposed health care legislation does not include the creation of a “panel” which will ration health care to seniors or those with terminal illnesses. Instead, the legislation incorporates the use of “end of life" or "advance care" treatment consultations and provides coverage for patients to engage in discussions with their doctors about end of life care. Menendez also explained that this provision had created quite a bit of misunderstanding and confusion among the public, although the aim of the legislation is simply to increase communication between patient and doctors. To which, the NPR correspondent offered the query of: “Wouldn’t it just be easier to cut it out altogether?”

***
While doing so may certainly lead to less public outcry, it may also diminish the use of such end-of-life treatment consulations, which are an effective method of reducing the costs of health care and easing the emotional burdens on patients and their families who are faced with terminal illnesses or other end-of-life decisions. Specifically, a recent study published by the AMA’s Archives of Internal Medicine found that “patients with advanced cancer that reported having [end of life] conversations with physicians had significantly lower health care costs in their final week of life,” while “higher costs were associated with worse quality of death.” Further, the study’s findings suggested that if end of life discussions increased to only 50 percent, there would be a cost difference of $76,466,891 between individuals who had end of life discussions versus those who had not. (This cost savings figure was based solely on the number of cancer deaths in the United States per year and did not factor in other terminal illnesses, diseases or causes of death.) See Health Care Costs in the Last Week of Life: Associations With End-of-Life Conversations, Arch Intern Med. 2009; 169(5):480-488.

From a purely legal perspective, having simple discussions with one’s medical provider can certainly help ensure that patients' end-of-life wishes are communicated. While not specifically addressed in the proposed legislation, an additional tool that may be employed is the use of “advanced directives” or legal documents that patients can execute to direct their medical treatment should they become incapacitated or unable to communicate their wishes.

What is an Advance Directive?
Advance directives are also commonly referred to as a living will, power or attorney, or patient advocate designation. While such legal protections ease the burden on patients, families and health care providers - both emotionally and financially - they are largely under-utilized. In 2003, the Agency for Healthcare Research and Quality found that less than 50 percent of severely or terminally ill patients had an advance directive in their medical record, and up to 76 percent of physicians whose patients did have an advance directive were not aware that it existed.

Continue reading " End of Life Planning Takes Center Stage at Health Care Reform Debates " »

The Sixth Circuit Court of Appeals recently held that hospitals cannot recoup unpaid costs attributable to dual Medicare/Medicaid patients, where the “bad debts” exceed state Medicaid payment caps. Essentially, the opinion held that hospitals are forced to take losses on services provided to dual-enrolled Medicare and Medicaid patients, where such patients cannot pay the applicable co-pays and deductibles.

In Detroit Receiving Hospital, et al. v Sebelius, No. 08-1920, the plaintiff group consisted of numerous hospitals conducting business in Michigan and Missouri who provide services to patients covered under both Medicare and Medicaid. Under Medicare Part A, hospitals are paid based on a fixed-rate system for inpatient hospital care, while Medicare beneficiaries are charged co-pays and deductibles for services provided to them. In some instances, the Medicare beneficiaries either refuse to or are unable to pay these charges.

Previously, these “bad debts” were reimbursed to hospitals by the Medicare program. However, the Balanced Budget Act of 1997 placed a limit on the amount of “bad debt” reimbursement from Medicare, leaving hospitals with the choice of either accepting the loss or continuing to pursue debt collection from the Medicaid beneficiary.

Hospitals attempting to recoup such “bad debts” are faced with an additional hurdle when these delinquent patients are also Medicaid beneficiaries. While state Medicaid agencies are responsible for “Medicare cost-sharing” (i.e. paying a dual-enrolled patient’s co-payments and deductibles), both Michigan and Missouri have place caps on the Medicare cost-sharing under their Medicaid programs. Specifically, under a provision of the Balanced Budget Act, if the Medicare payment rate is above the rate that the state Medicaid program pays for the same treatment, Medicaid will not pay additional amounts for co-pays or deductibles. If the Medicare payment is below the Medicaid rate, the Medicaid program only pays the amount necessary to provide the hospital with the Medicaid rate amount.

Continue reading " Sixth Circuit holds Medicaid Caps on “Bad Debt” Valid " »