Author Archives: Frank W. Carsonie

HITECH Compliance Deadline for Protected Health Information is Almost Here

The Health Information Technology for Economic and Clinical Health (HITECH) Act’s compliance deadline for its HIPAA amendments is just around the corner. On September 23, 2013, the Department of Health and Human Services (HHS) will require covered entities, including most health care providers, and many of their business associates to meet the new Privacy Rule, Security Rule, and Breach Notification requirements for protected health information (PHI). In preparation, covered entities and business associates should have updated policies, procedures, and business associate agreements, as well as trained employees on the new rules. Business associate agreements created, modified, or renewed on or after January 25, 2013 must be compliant by September 23, while agreements existing before January 25 that have not been subsequently renewed or modified must be compliant by September 22, 2014.  Continue reading

New Ohio Law Requires Employers to Notify Patients of Termination of Physician’s Employment

Under new Ohio Revised Code § 4731.228, which becomes effective on March 22, 2013, hospitals, physician practices and other entities employing physicians in Ohio will be required to send patient notices when a physician’s employment is terminated. This notice must go to all patients seen by the physician in the previous two years and must be sent by the later of the date the physician’s employment is terminated or 30 days from when the employer has actual knowledge of the physician’s termination or resignation. The notices may be sent by the employer, or the employer may require the physician to send the notices. Continue reading

CMS Releases Final Rule to Implement Physician Payment Sunshine Act

On February 1, 2013, the Centers for Medicare & Medicaid Services (“CMS”) released the long-awaited final version of the Physician Payment Sunshine Act Final Rule (the “Sunshine Act”). The Sunshine Act will make information publicly available concerning payments or other transfers of value from applicable manufacturers to physicians. The Sunshine Act will also make information publicly available concerning physician ownership or investment interests in applicable manufacturers and group purchasing organizations (“GPOs”), including physician-owned distributors (“PODs”). Continue reading

HHS Announces $100,000 HIPAA Settlement with a Physician Practice

On April 17, 2012, the U.S. Department of Health and Human Services announced that Phoenix Cardiac Surgery, P.C. agreed to a $100,000 settlement for the continuing failure of the covered entity from complying with the HIPAA Privacy and Security Rules. (HHS Press Release) The settlement also included the requirement of the implementation of an extensive corrective action plan to bring the covered entity into compliance with the HIPAA Privacy and Security Rules. The settlement came about after an investigation by the HHS Office of Civil Rights in response to a report it received related to the covered entity’s practice of posting protected health information on an Internet-based calendar accessible by the public.  Continue reading