On Tuesday, June 18, 2019, our team of legal professionals and industry experts hosted a Compliance Considerations for Pharmacy Sale or Acquisition Webinar that took a look at the regulatory pitfalls and problems that can arise in a pharmacy transaction.

The free on-demand recording will provide real-life examples of what to do – and not

If you happen to miss our NHIA Talk Infusion Webinar on Compliance and Risk Considerations for Compounding Pharmacies, please click on the link to enjoy a free on-demand recording.

Our program guides you through the current landscape and common compliance concerns in compounding. We will help you understand the focus of FDA and state

The United States Department of Justice (“DOJ”) has intervened in a False Claims Act (“FCA”) case against a Florida compounding pharmacy, Diabetic Care Rx, LLC d/b/a Patient Care America (“PCA”), and, in an unexpected move, named PCA’s private equity sponsor and controlling shareholder, Riordan, Lewis & Haden, Inc. (“RLH”), as a co-defendant. The DOJ complaint accuses PCA, RLH and two PCA officers/directors (who were also RLH partners) of overseeing a kickback scheme which DOJ alleges induced referrals that resulted in TRICARE paying over $68 million for medically unnecessary compound drug prescriptions. DOJ alleges the illegal scheme was designed by RLH.
Continue Reading DOJ Adds Private Equity Firm to False Claims Act Complaint

As most healthcare providers know, HIPAA requires that covered entities or business associates  conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information (“ePHI”) held by the covered entity or business associate.[1] Providers who receive Meaningful Use incentive payments from the Centers for Medicare and Medicaid Services (“CMS”) for implementing electronic health record (“EHR”) systems into their practices or operations are also likely aware of the fact that one of the many requirements for these incentive payments is to conduct a HIPAA security risk analysis annually. Now, perhaps more than ever before, both CMS and the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) is demonstrating the importance of ensuring that these risk analyses are performed, or providers can face dire consequences. Below are the top reasons to conduct a thorough HIPAA security risk analysis.
Continue Reading Top 5 Reasons to Conduct a Thorough HIPAA Security Risk Analysis

My New Year’s resolutions will likely be broken early and often in 2016. My consequences are mostly non-monetary: a few more pounds, a little less savings, and not winning the triathlon in my age group. Your consequences, as a HIPAA-covered entity or business associate, for not complying with the Privacy and Security Rules could be much greater, and could put you into serious debt to the HHS Office of Civil Rights (OCR). Therefore, we propose that you resolve now to become fully HIPAA compliant in 2016.

OCR delivered an early holiday gift, wrapped in the Director’s Sept. 23, 2015, report to the Office of Inspector General. In that report, she disclosed that OCR will launch Phase 2 of its HIPAA audit program in early 2016, focusing on noncompliance issues for both covered entities and business associates.

So, grab that cup of hot cocoa and peruse this review of 2014-2015 HIPAA enforcement actions, which should help identify noncompliance issues on which OCR will focus in 2016.
Continue Reading HIPAA compliance: another year older, but hopefully not deeper in debt

The state of Georgia reached a civil settlement agreement on April 23, 2015, with Grady Health System based on allegations that Grady incorrectly coded claims for neonatal intensive care unit (NICU) patients, resulting in overpayments by Georgia Medicaid. For more details, read the Georgia Attorney General’s press release announcing the settlement.
Continue Reading Grady Health System to pay over $2.9 million to settle claims of alleged inflated Medicaid NICU billing

Due diligence is often perceived as a mundane part of the mergers & acquisitions (M&A) process, but its importance in healthcare transactions is critical. Due diligence is one of the first steps of any transaction and involves a buyer undertaking an in-depth examination of the target to evaluate the business and uncover potential issues or liabilities. In the healthcare industry, diligence is especially important considering the heavy regulation of the industry, the unique areas of risk, and the significant liabilities that could be imposed upon a buyer if issues and liabilities are not identified before the transaction closes.
Continue Reading Unique Considerations in Healthcare M&A Part 1 – Due Diligence

In the Electronic Health Records (EHR) space, unconnected and competing systems carry the potential for organizational train wrecks.

Until robust, efficient, and mandatory interoperability standards emerge, providers should consider linking systems through other means, as failure to do so may lead to malpractice and regulatory compliance issues.

A new White Paper, Driving the Golden Spike:

Hopefully all of our nursing home clients know by now that CMS and the OIG have psychotropic drug use by nursing home residents on their radar.  A recent case filed by the Department of Justice (DOJ)  raises another concern that nursing homes may not have considered.  A Chicago psychiatrist was charged with violating the False Claims

On September 25, 2012, two members of the Husch Blackwell Healthcare team, Brian Bewley and David Pursell, presented a webinar discussing:

  • An overview of Stark
  • Stark overpayment reporting requirements
  • Steps to take after discovering a potential Stark violation

As former Senior Counsel in the Office of Inspector General for Health and Human Services and