Government Issues

The U.S. Dept. of Health & Human Services Centers for Medicare and Medicaid Services (CMS) published a memo (Ref:  S&C: 16-33-NH) Aug. 5, 2016, to state nursing home survey agency directors related to protecting resident privacy and prohibiting mental abuse related to photographs and audio/video recordings by nursing home staff. The memo is a response to recent media reports regarding inappropriate posting to social media of pictures of nursing home residents – namely a disconcerting report by ProPublica detailing 47 incidents in which workers shared photos or videos with friends or the public – these incidents involved both mistreatment of residents and inadvertent disclosure or patient health information. Within 30 days of the memo, surveyors are to implement changes to address these issues.

Backing up electronic health record data may become an important aspect of complying with and mitigating risk under the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) if the U.S. Health and Human Services Office of Civil Rights (OCR) heeds legislators’ recommendations.

Employers often misconstrue the terms “non-exempt employee” and “hourly employee,” leading them to believe the terms are interchangeable. But, not all non-exempt employees are necessarily hourly employees. The Fair Labor Standards Act (FLSA) allows employers to pay their non-exempt employees on a salary basis as long as they meet minimum wage and overtime mandates. Paying certain non-exempt employees on a salary basis may prove a useful tool as healthcare institutions weigh changes in employee compensation practices necessitated by new FLSA regulations (previously discussed).

The Supreme Court’s unanimous decision in Universal Health Services, Inc. v. United States ex rel. Escobar, No. 15-7 (U.S. June 16, 2016) upholds the viability of the implied certification theory of False Claims Act liability. But it also makes cases arising from minor instances of noncompliance much harder to prove. The Court held that a knowing failure to disclose a violation of a material statutory, regulatory, or contractual requirement can create False Claims Act liability. The requirement need not be an express condition of payment, but it must be material to the government’s decision to pay.

On April 27, 2016, the Department of Health & Human Services Centers for Medicare & Medicaid Services (CMS) released its proposed rule regarding models for tying professional reimbursement to quality. While this may be great news for providers who enjoy the challenges of tracking and reporting data, these challenges are going to cause problems (namely, reimbursement reductions) for some providers. Regardless of whether providers think this is good or bad, providers should start looking at the proposed regulations now because, as proposed, quality-based payments will be a fact of life for all physicians, mid-levels, CRNAs and groups effective Jan. 1, 2019. The regulations will be published in the May 9, 2016, Federal Register. The comment period will officially start at that time and run through 5 p.m. on June 27, 2016.

In some courts in the United States today, a government contractor or a healthcare provider seeking reimbursement from a federal program can violate the False Claims Act even when its work is satisfactory and its invoices are correct. Under the theory of “implied certification,” a minor instance of non-compliance with one of the thousands of applicable statutes, regulations, and contract provisions can be the basis for a federal investigation, years of litigation, as well as fines, penalties, suspension and debarment, even imprisonment of company personnel.

A new ordinance went into effect April 4, 2016, which prohibits many employers in Austin from asking job applicants about their criminal histories until they’re well into the hiring process. The Fair Chance Hiring Ordinance, colloquially known as the “Ban the Box” measure, will forbid most employers from considering an applicant’s criminal record until after making a conditional offer of employment. Thus, Austin employers must evaluate whether the ordinance will affect their operations and, if so, what steps they need to take to alter their hiring processes and related guidelines.

Based on recent news stories and our experience, it appears that cybercriminals may be targeting healthcare providers with ransomware attacks. Publicly reported incidents and others of which we are aware have involved providers ranging from clinics and imaging centers to hospitals, and these entities have had to pay hundreds to thousands of dollars to gain access to their medical records, billing records or other vital computer systems – often after significant interruption of operations. On March 31, 2016, the U.S. Dept. of Homeland Security issued an alert about these attacks as a result of recent attacks on businesses including healthcare facilities and hospitals worldwide.