Author Archives: Daniel Meier

2016 Is Ramping Up For Telemedicine Developments

Two months in and this year has already seen significant movement in regulatory action across the country to expand the ability to provide telemedicine services. Below please find some of the more significant items that have already gone into effect in 2016 or are under consideration, including commercial payor and Medicaid reimbursement coverage for telemedicine services, reciprocal licenses for out-of-state providers and the ability to prescribe without an in-person evaluation.

Parity Laws in New York and Connecticut

Effective January 1, 2016, New York passed a Chapter Amendment clarifying last year’s telemedicine commercial coverage statute.  Under the 2016 Chapter Amendment, private insurers are required to cover services via telemedicine if provided by hospitals, home care and hospice agencies, licensed physicians, physician assistants, dentists, nurses, midwives, podiatrists, optometrists, ophthalmic dispensers, psychologists, social workers, speech language pathologists and audiologists.  The parity law prohibits an insurer from excluding from coverage a service provided via telehealth if that service is otherwise covered in-person.

The law also provides for Medicaid reimbursement to providers for telehealth services, which is defined broadly to include real-time two-way electronic audio visual communications, asynchronous store and forward technology and remote patient monitoring. However, with the exception of remote patient monitoring, telehealth will not be reimbursed by Medicaid when the patient is located in their home.  The New York Department of Health is expected to release telemedicine regulations later this year.

Similarly, Connecticut also recently passed a new telemedicine parity law that went into effect January 1, 2016. Under Connecticut’s parity law, commercial insurers must provide coverage for services rendered via telemedicine under the same terms and conditions as would apply if that service was provided in-person.  Connecticut broadly defines telehealth to include services performed by a telehealth provider at a distant site as well as synchronous interactions, asynchronous store and forward transfers and remote patient monitoring.

Notably, Connecticut went even farther than New York in its telehealth parity law by expressly preventing a health plan from excluding a service from coverage solely because the service is provided through telehealth and not in-person. In this way, a health plan cannot exclude a telehealth service, such as remote patient monitoring, simply because it does not lend itself to an in-person professional service.

Florida’s Controlled Substance Teleprescription Law

Florida recently implemented a new rule to permit physicians to prescribe controlled substances via telemedicine exclusively for the treatment of psychiatric disorders, effective March 4, 2016. Specifically, the amended regulation provides that controlled substances may not be prescribed through the use of telemedicine, “except for the treatment of psychiatric disorders.”

However, after passing this new rule, the Florida Board of Medicine recognized that it is still restricted by the Federal Ryan Haight Online Pharmacy Consumer Protection Act of 2008.  The Ryan Haight Act narrowly permits the remote prescription of controlled substances for patients without an in-person evaluation so long as the patient is: (1) physically located in a hospital or clinic with a valid DEA registration; and (2) treated by a DEA registered practitioner in the usual course of professional practice and in accordance with state law.  Accordingly, while Florida is expanding its telemedicine laws, the prescription of controlled substances via telemedicine will only be broadly permissible if the American Telemedicine Association, or other organizations, are successful in amending the Ryan Haight Act.

Newly Introduced Telemedicine Bills in New Jersey and Ohio

Various other states are also in the process of trying to pass telemedicine bills. For example, New Jersey recently introduced a bill on February 8, 2016, that would require private payors to provide coverage for telemedicine to the same extent that the services would be covered if they were provided through an in-person consultation.

Additionally, another NJ telemedicine bill was introduced on January 12, 2016, which would provide a mechanism for physicians and other health care providers to obtain reciprocal licenses to practice in New Jersey if the providers are licensed by another state in their particular specialty.  The bill would also provide a parity law for telemedicine services to be reimbursed under NJ Medicaid.  As a similar bill was proposed in 2015 and has now carried over into the 2016 session, the likelihood of its passing is even greater.

An Ohio legislative bill is also headed to the Senate that would allow patients to obtain prescriptions (for non-controlled substances) without an in-person exam or visit from a health care provider.

For more information on telehealth and telemedicine legal and regulatory considerations, continued legislative developments or related issues, please feel free to contact Daniel Meier or any member of our health care practice group for a further discussion.

CareFirst, Third Major Health Insurer This Year To Be Hit By Cyberattack

On May 20, 2015, CareFirst BlueCross BlueShield (“CareFirst”) announced that it was the latest victim of a major cyberattack, with as many as 1.1 million plan customers affected.  Current and former CareFirst members and individuals who do business with CareFirst online who registered to use CareFirst’s websites prior to June 20, 2014 are impacted by this event.

CareFirst said that although the hackers may have acquired customer names, email addresses, birthdates, customer-created user names and subscriber identification numbers, they did not obtain sensitive financial or medical information like Social Security numbers, medical claims, credit card or employment information or passwords associated with the user names.  The company has stated that those affected by the cyberattack will be provided two free years of credit monitoring and identity theft protection.

As an explanation of how CareFirst learned of the breach, Chet Burrell, CareFirst’s chief executive, said that after cyber attacks on other insurers earlier this year, he created a task force to review the company’s information technology systems.  CareFirst then hired Mandiant, a division of FireEye, to perform a forensic review of its systems.  Last month, Mandiant determined a breach had occurred in June 2014 allowing unauthorized access to a single database with the information listed above.

Just hours after the announcement of the breach, class action law firms were already investigating the circumstances of the breach and seeking plaintiffs who may have been affected.  Now that state claims may be brought based on HIPAA as a standard of care, the suits will likely consider potential harm due to the disclosure and whether CareFirst adequately protected the information and provided timely notice.  These are the same types of claims brought in the numerous class action lawsuits after the Anthem cyber-attack in February 2015.

The cyber-attack and pending lawsuits should serve as a reminder for healthcare companies to review and properly implement their HIPAA privacy and security policies and procedures.  For more information on HIPAA, health care compliance or related issues, please feel free to contact Daniel Meier or any member of our health care practice group for a further discussion.

What Makes A Five Star Hospital?

The Affordable Care Act includes many provisions aimed at improving the quality of care provided by different types of health care professionals and providers. Along these lines, the ACA expands the types of facilities and providers for which quality data will be publically available.  The Secretary of the United States Department of Health and Human Services was therefore directed to develop a Hospital Compare website (amongst other similar sites such as Physician Compare and Nursing Home Compare) that would allow Medicare enrollees to compare scientifically sound measures of physician quality and patient experience.

In accordance with these directives, on April 16, 2015 the Centers for Medicare and Medicaid Services (“CMS”) released the first ever Hospital Compare Star Ratings on its public information website.  The site is intended to make it easier for consumers to choose a hospital and understand the quality of care they deliver.  The data set from the website contains hospital-specific quality data for over 4,500 hospitals nationwide.  The ratings are based on the 11 publicly reported measures in the Hospital Consumer Assessment of Healthcare Providers and Systems (“HCAHPS”) survey, which assesses patient experiences.

The star ratings allow for an easy comparison using a five-star scale, with more stars indicating better quality care.  The quality data on Hospital Compare includes clinical process of care, patient outcomes and patient experience of care measures.  The national rankings are based on hospitals’ performance on the clinical process of care measures and a national survey of patients’ experience of care.  The hospitals’ ranks are combined into an overall, composite performance ranking, with process of care measures contributing 70% and patient experience of care measuring 30%.

However, just 251 out of 3,553 hospitals received the highest score in the rating system based on the experiences of patients who were admitted between July 2013 and June 2014.  Hospitals had an opportunity to preview the ratings in the fall and many have already expressed concern.  Hospitals question the methodology and whether the ratings reflect meaningful reflections of performance.  They also assert that the ratings are oversimplifying the hospital’s performance to a single score.

Notably, the patient experience star ratings are only based on the information on quality of care that is reported by patients.  The surveys are provided to a random sampling of patients within two days after discharge from a hospital and must be completed within 42 days.  Further, positive results may mean that the hospital is delivering good care.  However, these results are not taking into account other factors such as timely and efficient care and results or outcomes of care measures.  Moreover, the results places substantial reliance on patient review, which is just one measurement of hospital quality.  Lastly, if one does not review Hospital Compare extensively, information aside from the star ratings may easily be overlooked.  For example, the complete results for each HCAHPS measure can be found in the “Survey of Patients’ experiences” section.

On the other hand, supporters of Hospital Compare argue that while it’s not a perfect measurement system, it creates a healthy competition among hospitals.

For more information on Hospital Compare, other CMS initiatives or related issues, please feel free to contact Daniel Meier or any member of our health care practice group for a further discussion.

Lessons Learned: May a Healthcare Professional Say No To Treating Ebola?

May a licensed healthcare professional refuse to treat a patient?  Healthcare providers have legal, ethical and professional duties to address a patient’s needs that fall within the provider’s scope of practice. However, are doctors, and other health care personnel, required to treat any and all patients, even if doing so might cost them their lives? While this is an issue that has arisen with the recent Ebola outbreak, it is not a new issue and has been previously addressed.

History of Refusing to Treat

During the early HIV/AIDS era in the 1980s, when there was little known about the disease, there were physicians and other health care workers who refused to treat HIV infected patients.  Accordingly, in 1992, the American Medical Association declared in an ethics opinion that “A physician may not ethically refuse to treat a patient whose condition is within the physician’s current realm of competence solely because the patient is seropositive for HIV. Persons who are seropositive should not be subjected to discrimination based on fear or prejudice.” AMA Opinion 9.131 (March 1992, updated June 1996 and June 1998).

Similarly, the American Dental Association stated in its Principles of Ethics and Code of Professional Conduct that, “[a] dentist has a general obligation to provide care to those in need. A decision not to provide treatment to an individual because the individual has AIDS or is HIV seropositive based solely on that fact is unethical.”  American Dental Association, ADA Principles of Ethics and Code of Professional Conduct III § 4.A.1 (2012).

During the recent Ebola outbreak, healthcare personnel were once again refusing to treat infected patients.  Is this acceptable?

EMTALA

The Emergency Medical Treatment and Labor Act (“EMTALA”) is a federal law that requires that any patients that present at an emergency department must be stabilized and treated in a non-discriminatory manner, regardless of their insurance status, ability to pay, national origin, race, creed or color.  42 U.S.C. § 1395dd.  Hospitals may not transfer or discharge patients needing emergency treatment except with the informed consent (itself a legal doctrine) or stabilization of the patient, or when their condition requires transfer to a hospital better equipped to administer the treatment.

Since Ebola qualifies as an emergency medical condition, patients with the disease would fall under EMTALA.  See CMS Bulletin (November 21, 2014).  Upon arrival at the emergency department, even if Ebola is suspected, EMTALA would require the patient be medically screened and treated until the emergency condition is resolved or stabilized.  Hospitals lacking the ability to provide care to such patients may transfer the patients to another facility under strict transfer guidelines.  Both individual providers and hospitals have a legal obligation to comply with EMTALA. If found in violation of the act, hospitals and healthcare providers may lose their Medicare provider agreement and be fined up to $50,000 per violation as well as be subject to any lawsuits that may arise.

Pre-existing or Contractual Relationships

Aside from EMTALA which governs treatment of patients in emergent situations within emergency facilities, U.S. law generally allows healthcare providers to accept or decline patients at will.  There are a few exceptions to this rule.  First, many hospital medical staff bylaws, state medical board licensing and discipline requirements and contractual arrangements require physicians to comply with American Medical Association ethics guidelines. These ethics guidelines may well require a physician to provide care to an Ebola patient, such as the AMA opinion cited above.  Additionally, managed care agreements may also require an assessment of the patient.

A second exception concerns a prior-existing provider-patient relationship. Breaking this relationship without transferring care to another provider constitutes “abandonment.”  For example a patient with whom a healthcare professional has previously established a professional relationship may present in the professional’s office with complaints of fever, muscle ache and abdominal pain.  That patient may also have a history showing that he or she recently travelled to an Ebola hot spot or area with a high risk of Ebola.  As with any other patient, the provider must provide treatment and/or refer them to another source for treatment. Otherwise, the healthcare professional is at risk for abandonment of the patient.

However, if a patient with whom the healthcare professional has no pre-existing care relationship presents in the professional’s office with the above-described complaints, and there is no other duty under any other basis (i.e. not an ER physician, or in any other way obligated to treat the patient), then the question becomes is the healthcare professional qualified to treat the patient.  In most situations, the professional typically has the legal right to decide whether to accept the patient or not.

Third, the American with Disabilities Act of 1991 prohibits providers from refusing care to patients on the basis of disability.

Lastly, states may have their own laws outlining when providers can and cannot refuse to treat certain patients. For example, the Rhode Island Department of Health recently released a statement providing that, “In Rhode Island, licensed healthcare professionals in active practice are obligated to treat and/or care for Ebola patients, while minimizing the risk of Ebola transmission to self and others.”  The statement notes that failure to comply is a potential breach of the state’s healthcare licensing laws and could result in sanctions.

Personal Safety

Healthcare providers also operate along ethical principles concerning their duty to treat.  The general guideline acts to ensure that the provider does not feel threatened for his or her personal safety.  In fact, the preparedness protocols that were designed by the Centers for Disease Control and Prevention (“CDC”) presents a mission to care for those in need, but has an underlying theme of safety as the number one priority.  The protocols emphasize that all healthcare workers involved in the care of Ebola patients:  (i) must have received repeated training and demonstrated competency in performing all Ebola-related infection control practices and procedures; (ii) should have no skin exposed; and (iii) must have an onsite manager at all times overseeing the safe care of Ebola patients in a facility.  Notably, the CDC has also stated that the risk of transmission of Ebola, in and of itself, does not provide a basis for the relaxation of a health professional’s duty to help a patient as the risk of disease transmission is understood and can be readily mitigated.

Ultimately, the decision to treat an Ebola patient is fact dependent, based on the overall safety of the healthcare professional.  For example, a healthcare worker may be situated in a rural area without proper equipment and without any safety mechanisms in place.  If the professional is confronted with a patient diagnosed with Ebola and in the active stages of the disease, the ethical concerns may be trumped by treatment concerns.  Similarly, a leading medical ethicist, Dr. Joseph J. Fins, has stated that a medical team should not try to resuscitate an Ebola patient whose heart has stopped beating.  Dr. Finns explained that the risks of cardiopulmonary resuscitation efforts are too great for health care workers and even for some Ebola patients whose heartbeat is restored.

On the other hand, a healthcare professional may work in a health system that is ripe with safety protocols and mechanisms available.  If that professional is confronted with a patient diagnosed with Ebola, the concern for personal safety may not outweigh the ethical duty to treat.  Ultimately, it will be a decision for the healthcare professional to make concerning his or her personal safety.

National Guidelines

Conflicting laws, ethical guidelines and varying circumstances have created great uncertainty about the duty to treat.  In fact, the decision whether the duty to treat trumps safety concerns has sparked a thorny debate at hospitals across the country along with a call for national guidelines.  See U.S. Hospitals Weigh Staff Safety, WSJ (October 31, 2014).

For more information on legal concerns in the treatment of Ebola or related clinical legal issues, please feel free to contact Daniel Meier or any member of our health care practice group for a further discussion.

One Of The Country’s Largest Hospital Organizations to Pay $98.15 Million Settlement on False Claims Act Allegations

On Monday, August 4, 2014, The Department of Justice announced that Community Health Systems (“CHS”), the nation’s largest operator of acute care hospitals, agreed to pay $98.15 million to settle nine whistleblower lawsuits alleging that the company violated the False Claims Act between January 2005 and December 2010. The whistleblowers alleged that CHS knowingly billed Medicare, Medicaid, and TRICARE for medically unnecessary inpatient admissions rather than the lower outpatient or observation rates at 119 hospitals. Additionally, allegations were made that services were rendered to patients at one of CHS’s hospitals in Laredo, Texas by a physician who was offered a medical directorship in violation of the physician self-referral law, known as the Stark Law.

Under the settlement, CHS entered into a five-year Corporate Integrity Agreement requiring it to retain independent review organizations to review the accuracy of the claims for inpatient services under federal health care programs, and to engage in significant compliance efforts over the next five years.

The allegations against CHS are particularly notable in light of new regulations such as the two-midnight rule, which took effect October 1, 2013. The two-midnight rule requires that physicians deem a patient’s condition as serious enough to require at least two overnight stays in order to qualify for Medicare reimbursement under inpatient rates. Patients who aren’t formally admitted may remain under outpatient or observation status. Emergency and internal medicine physicians often struggle to get the right designation and status for the patient. The federal government has delayed enforcement of the rule until March 31, 2015 at which time hospitals may face financial penalties if auditors determine the hospital could have met the patient’s needs in an outpatient setting.

For more information on the CHS settlement, the two-midnight rule, the Stark Law, the Anti-Kickback Statute, or related fraud and abuse issues, please feel free to contact Daniel Meier or any member of our health care practice group for a further discussion.

You can find a more extensive discussion about the CHS settlement, the impact of observation status on patients and the two-midnight rule in the following Client Bulletin.

OIG Publishes Special Fraud Alert Regarding Laboratory Payments To Referring Physicians – Some Arrangements May Violate the Anti-Kickback Statute

The laboratory market has become quite competitive in recent years, raising compliance concerns and investigations into lab relationships with referring physicians. Accordingly, on June 25, 2014, the OIG released a Special Fraud Alert (the “Fraud Alert”) which provides guidance about two different types of suspect arrangements: (1) Blood-Specimen Collection; and (2) Registry Payments. The concerns raised here by the OIG involve referring physicians receiving payments from laboratories who may not even be aware that these arrangements are violating the Anti-Kickback Statute due to their complicated nature.

The OIG explained that it is concerned about arrangements in which a lab pays a physician more than fair market value (“FMV”) for the physician’s services or for services the lab does not actually need or for which the physician is compensated. The four major concerns typically associated with kickbacks involving labs include: (1) corruption of medical judgment; (2) overutilization; (3) increased costs to the Federal health care programs and beneficiaries; and (4) unfair competition. These concerns arise because arrangements with labs could induce physicians to order tests from a lab that provides them with payment, rather than utilizing laboratories that provide the best, most clinically appropriate service. Indeed, the choice of which laboratory to use and whether to even order lab tests are decided by or at least strongly influenced by the physician. Continue reading

The Halifax $85 Million Lesson: Compensation Arrangements Between Hospitals and Physicians Must Be Reviewed

The Department of Justice (“DOJ”) announced another multi-million dollar settlement of alleged False Claims Act violations on March 11, 2014. Specifically, Halifax Hospital Medical Center and Halifax Staffing, Inc. agreed to settle various issues with the DOJ for $85 million in order to resolve allegations that they violated the False Claims Act (“FCA”) by submitting claims to Medicare that violated the federal prohibition on physician self-referrals, 42 USC §1395nn (the “Stark Law”). United States ex rel. Baklid-Kunz v. Halifax Hospital Medical Center, et al., No. 09-cv-1002 (M.D. Fla.).

The Stark Law and the Bona Fide Employment Exception

The Stark Law prohibits a physician from referring a patient for certain designated health services (“DHS”) to an entity in which the physician, or an immediate family member, has a financial interest, such as an ownership or investment interest in the entity or a compensation arrangement with the entity. Certain exceptions for arrangements are permitted under Stark. However, because the Stark Law is a strict liability statute, the arrangement must fit completely within the criteria of the exception in order not to violate the statute. At issue in Halifax, as explained below, is the bona fide employment exception, Continue reading