Category: Health Care Law

Four Commonly Asked Questions About Patient Medical Information: VIDEO

Published in the National Law Review recently an article by Kimberly Leonard of the Center for Public Integrity regarding the 4 Most Commonly Asked Questions About Patient Medical Information:

The Center for Public integrity interviewed Harley Geiger, policy counsel for the Center for Democracy & Technology (CDT), about why patients should request a copy of their health records from their doctor.

The questions are based off a guide CDT issued on its website. It discusses the rights patients have to their health information and how they can correct errors that might appear in their record. It also details how they can protect their medical information.

Reprinted by Permission © 2012, The Center for Public Integrity®. All Rights Reserved.

7th Drug & Medical Device Litigation Forum, 7-8 Mar 2012, Philadelphia

The National Law Review is pleased to inform you of the 7th Drug & Medical Device Litigation Forum: Implementing Appropriate Litigation Readiness and Costs Management Policies That Ensure An Effective Defense at Trial

Event Date: 7-8 Mar 2012

Location: Philadelphia, PA, United States

Key conference topics

  • Mitigate and maintain costs associated with litigation
  • Gain judical insight on drug and medical litigation and its recent developments
  • Build better relationships with outside counsel in order to reduce the miscommunciation factor
  • Understand the limitations of marketing and advertising as it relates to emerging social media issues
  • Learn the latest on medical device product liability

Conference focus

 Pharmaceutical and medical device manufacturers have faced a growing array of legal challenges this year. With the increase of mass tort litigation, as it relates to product liability, pharmaceutical and medical device manufacturers must be prepared to defend the increasingly sophisticated, well-funded and multi-jurisdictional product liability campaigns against their companies.

The 7th Drug and Medical Device Litigation Conference will be a two-day, industry focused event specific to those within Drug & Medical Device Litigation, Product Liability and Regulatory Affairs in the Medical Device, Biotech and Pharmaceutical industries.

By attending this event, industry leaders will share best practices, strategies and tools on incorporating litigation readiness, utilizing cost efficient litigation strategies and accurately managing policies to ensure an effective defense at trial.

Attending This Event Will Enable You to:
1. Review the current landscape of drug and medical device litigation
2. Learn strategies in settlements and mass tort issues
3. Manage litigation expenses in order to effectively manage costs
4. Review recent case rulings, including the Mensing and Levine cases
5. Take a view from the bench: explore drug and medical device litigation
from a judicial point of view
6. Tackle product liability issues and challenges
7. Uncover the risks for drug and medical device companies when leveraging social media for marketing and advertising campaigns

With a one-track focus, the 7th Drug and Medical Device Litigation Conference is a highly intensive, content-driven event that includes case studies, presentations and panel discussions over two full days.

This is not a trade show; our Drug and Medical Device Litigation conference series is targeted at a focused group of senior level leaders to maintain an intimate atmosphere for the delegates and speakers. Since we are not a vendor driven conference, the higher level focus allows delegates to network with their industry peers.

Testimonials:

“Great selection & breadth of speakers. Uniformly high quality of presentations. Intimate nature of meeting provided excellent opportunities for networking” – Abbott

“Great venue to learn and exchange best practices. More importantly how to leverage lesions learned from others.” – Baxter

“One of the best meetings I’ve attended. Excellent organization, topics and speakers. Overall extremely well done.” – Sanofi Aventis

marcusevans


Health Care Entities Using Social Media: Guidance from the Division of Quality Assurance

Recently posted in the National Law Review an article by Diane M. Welsh and Linda C. Emery of von Briesen & Roper, S.C. regarding  the use of social media and web-based email services:

Many articles have been written about the legal and business risks associated with the use of social media and web-based email services. However, the risk of using social media is heightened in the health care industry in light of a health care entity’s legal and regulatory obligations to protect the privacy and security of health care information. Health care entities need to be particularly familiar with the risks of using social media in the health care industry and methods for reducing those risks.

The DQA October 24, 2011 Memorandum

On October 24, 2011, the Wisconsin Division of Quality Assurance (“DQA”) issued numbered memorandum 11-026 entitled, “Using Social Media Platforms, such as Twitter, Facebook, MySpace and LinkedIn”. The Memo is available at www.dhs.wisconsin.gov/rl_DSL/Publications/11-026.htm.

The DQA definition of “Social Media” includes what one would normally consider social media, as well as “free and unencrypted web-based email services” such as Yahoo and Gmail, and web-based calendars. The purpose of the Memo is to “provide guidance to providers on the fast-changing landscape of the internet and the impact of using social networking and social media as a communications tool”.

DQA released the Memo to address concerns raised about (1) health care entities and their staff using web-based email accounts (e.g., Gmail) or web-based calendars (e.g., Yahoo Calendars) to convey patient or resident care information; and (2) health care entity staff members sharing protected health information on FaceBook.

The DQA notes that inappropriate use of Social Media or use of Social Media without adequate security protections may violate a patient’s or resident’s privacy rights. Moreover, DQA emphasizes that Social Media sites are now major targets of the hacker underground, creating further risk of a network security breach. DQA also warns health care entities of the potential for criminal and civil risks of using Social Media, (including criminal prosecution or civil actions under HIPAA) because it is the United States Department of Health and Human Services Office of Civil Rights—and not the Division of Quality Assurance—which has jurisdiction over such violations.

Risk Management Considerations With Regard to Entity Use of Social Media

DQA includes a number of recommendations for reducing the risks associated with the use of social media by health care entities.

First, the DQA recommends that each health care entity conduct a risk assessment to determine whether the entity or its staff members are utilizing Social Media in a manner that may violate patient or resident rights.

DQA also recommends that providers and staff members should be fully aware of the broad definition of “protected health information.” If a health care entity chooses to utilize a Social Media tool, it should insure that the information it discloses is “de-identified under HIPAA.” DQA points out that no health care provider should ever post any protected health information on-line without the appropriate written patient authorization. Merely omitting a patient’s name from a post does not make it a permissible disclosure. Posts that discuss the patient’s condition—even without disclosing the patient’s name—contain protected health information.

DQA emphasizes that “a covered entity should consider the need for a business associate agreement with a social media site, if the entity is uploading protected health information to the site. HIPAA makes it mandatory for all covered entities along with their business associates to ensure complete protection of patient health information, which they store, process and exchange between themselves.”

Finally, DQA recommends that health care entities should develop a social media policy that guides employees on the appropriate use of social media, and includes specific guidance (e.g., “Refrain from discussing patients, even in general terms.”). The organization should also provide staff with ongoing training on resident rights, privacy and security.

Marketing Uses of Social Media

DQA does not directly address the use by healthcare entities of social networking sites like FaceBook, Twitter or YouTube, or even the providers’ own websites, to promote their services or discuss advances they have made in healthcare. Many health care entities use videos, photos, and patient interviews to promote their services. If a health care entity posts a video, photograph, or patient interview of actual patients, that provider would be disclosing protected health information.

Any health care provider using protected health information in this manner should only do so with the express written authorization of the patient. Even with such authorization, the provider must be sure that the patient understands that when posting information online, the provider and the patient lose much control of the information. Although the provider could remove the materials if a patient withdraws authorization, the patient and the provider cannot get back any material that may have been downloaded by others.

Although not referenced in the Memo, health care providers should institute a social media policy which identifies who is permitted to use social media for the business purposes of the organization and what information may be posted on the company’s website or a social media web page.

Considerations for Staff Member’s Personal Use

One of the greatest risks of social media sites is that a health entity staff member may post protected information on the staff member’s social media page. The internet is filled with stories of hospital employees being fired for providing their opinions about a patient on a Facebook account, albeit without identifying the patient’s name. Given that any information disclosed about a patient or resident would likely constitute a breach of protected health information, it is imperative that providers inform staff that they are not to share any confidential information whether at work, or outside of work—including on their FaceBook pages or through Twitter (or in actual conversation with their family or friends). Staff should understand that they are not to share any patient information online—even if they are not naming the individual patient.

Additional Resources

Additional information on this issue is available through the HIPAA Collaborative of Wisconsin website, at www.hipaacow.org.

©2011 von Briesen & Roper, s.c

Imminent Withholding of Medicare Physician Payments Appears Likely

Recently posted in the National Law Review an article by attorney Frank R. Ciesla of Giordano, Halleran & Ciesla, P.C. regarding the Medicare payment rate which are scheduled to go into effect January 1, 2012:

 

 

As of today, there still has not been a resolution of the threatened reductions to the Medicare payment rate which are scheduled to go into effect ten (10) days from now .  As you are aware, the Medicare Sustainable Growth Rate will require reducing payments by over 27% as of January 1, 2012.

While the news seems to be focused on the deadlock in regard to the payroll tax cut and extension of unemployment benefits, the issue regarding physician compensation is as vital, not only to the physicians, but to the Medicare population, as either of the other two issues.  The pending Republican proposal for resolving the physician payment issue is focused on reducing payment to other healthcare providers.  This appears to be unacceptable to the Democratic contingent in both the House and the Senate.

As of this point in time, Medicare will withhold all Medicare physician payments for services rendered during the first ten (10) days of 2012, until there is either:  (1) a resolution of the issue; or (2) implementation of the reduction because the Sustainable Growth Rate issue has  not been resolved.  Clearly, the providers of healthcare to the Medicare population are being held hostage in this crisis.

See our prior blog as to steps you can take regarding your continued provision of services to Medicare patients.

© 2011 Giordano, Halleran & Ciesla, P.C. All Rights Reserved

7th Drug & Medical Device Litigation Forum, 7-8 Mar 2012, Philadelphia

The National Law Review is pleased to inform you of the 7th Drug & Medical Device Litigation Forum: Implementing Appropriate Litigation Readiness and Costs Management Policies That Ensure An Effective Defense at Trial

 

Event Date: 7-8 Mar 2012

Location: Philadelphia, PA, United States

Key conference topics

 

  • Mitigate and maintain costs associated with litigation
  • Gain judical insight on drug and medical litigation and its recent developments
  • Build better relationships with outside counsel in order to reduce the miscommunciation factor
  • Understand the limitations of marketing and advertising as it relates to emerging social media issues
  • Learn the latest on medical device product liability

Conference focus

 Pharmaceutical and medical device manufacturers have faced a growing array of legal challenges this year. With the increase of mass tort litigation, as it relates to product liability, pharmaceutical and medical device manufacturers must be prepared to defend the increasingly sophisticated, well-funded and multi-jurisdictional product liability campaigns against their companies.

The 7th Drug and Medical Device Litigation Conference will be a two-day, industry focused event specific to those within Drug & Medical Device Litigation, Product Liability and Regulatory Affairs in the Medical Device, Biotech and Pharmaceutical industries.

By attending this event, industry leaders will share best practices, strategies and tools on incorporating litigation readiness, utilizing cost efficient litigation strategies and accurately managing policies to ensure an effective defense at trial.

Attending This Event Will Enable You to:
1. Review the current landscape of drug and medical device litigation
2. Learn strategies in settlements and mass tort issues
3. Manage litigation expenses in order to effectively manage costs
4. Review recent case rulings, including the Mensing and Levine cases
5. Take a view from the bench: explore drug and medical device litigation
from a judicial point of view
6. Tackle product liability issues and challenges
7. Uncover the risks for drug and medical device companies when leveraging social media for marketing and advertising campaigns

With a one-track focus, the 7th Drug and Medical Device Litigation Conference is a highly intensive, content-driven event that includes case studies, presentations and panel discussions over two full days.

This is not a trade show; our Drug and Medical Device Litigation conference series is targeted at a focused group of senior level leaders to maintain an intimate atmosphere for the delegates and speakers. Since we are not a vendor driven conference, the higher level focus allows delegates to network with their industry peers.

Testimonials:

“Great selection & breadth of speakers. Uniformly high quality of presentations. Intimate nature of meeting provided excellent opportunities for networking” – Abbott

“Great venue to learn and exchange best practices. More importantly how to leverage lesions learned from others.” – Baxter

“One of the best meetings I’ve attended. Excellent organization, topics and speakers. Overall extremely well done.” – Sanofi Aventis

 

marcusevans


Thirty-Two Health Care Organizations to Participate in Pioneer ACO Program

Barnes & Thornburg LLP‘s Heather Fesko Delgado recently posted in the National Law Review  an article about  32 health care organizations from around the country will participate in the Pioneer Accountable Care Organization (ACO) program.

According to a U.S. Department of Health & Human Services media release that was issued earlier today, 32 health care organizations from around the country will participate in the Pioneer Accountable Care Organization (ACO) program.

Under the program, which is operated by the Centers for Medicare & Medicaid Services (CMS) Innovation Center, groups of health care providers that have formed ACOs will be rewarded by Medicare based on how well they are able to both improve the health of their Medicare patients and lower their health care costs. HHS hopes the program will save up to $1.1 billion over the next five years by encouraging health care specialists “to provide better, more coordinated care for people with Medicare.”

The 32 Pioneer ACOs were selected from a pool of over 80 applicants. According to the media release, “selected Pioneer ACOs include physician-led organizations and health systems, urban and rural organizations, and organizations in various geographic regions of the country, representing 18 states and the opportunity to improve care for 860,000 Medicare beneficiaries.”

The first performance period of the Pioneer ACO Model will begin Jan. 1, 2012.

Additional information on the Pioneer ACO model can be accessed by downloading the CMS Fact Sheet here.

© 2011 BARNES & THORNBURG LLP

Is Coming Together to Form the Larger Same (or Multi) Specialty Medical Practice the Answer?

Recently posted in the National Law Review an article by David Schick of Baker Hostetler regarding solo medical  practitioners have come together to form larger same (or multi) specialty groups for the following reasons:

Many small or solo practitioners have come (or are considering coming) together to form larger same (or multi) specialty groups for the following reasons.  The principle reason is to get a leg up on managed care.  Managed care entities often take advantage of small or solo practitioners in the same geographic area by forcing them to accept lower reimbursements rates.  Small or solo practitioners, who join together in a single group, can effectively negotiate with managed care as a unit and obtain higher reimbursement rates.

This same principle applies to negotiating for lower malpractice insurance and group health, life and disability insurance premiums, as well as other employee benefits.  The larger groups are able to obtain discounts on the premiums they pay, because the insurance carriers are covering a larger population of physician providers or employees, thereby spreading the risk across a larger population, and thereby reducing the cost of coverage per physician or per employee.  These are the same principles Wal-Mart, Costco and other large businesses use when negotiating with vendors.  They use their purchasing power to influence the vendors to lower the costs because of the volume.

Purchasing power has another twist.  Small or solo practitioners, who come together to form a larger group, can use their own numbers and collective net worth to purchase the sophisticated equipment used to generate ancillary revenue.  A new sonogram machine, MRI, PET, CT or linear accelerator can cost hundreds of thousands or millions of dollars.  On their own, physicians cannot afford these items and banks will not lend them the money to purchase the same because the banks feel the risk is too great.  By coming together, physicians can spread the cost over their numbers and either purchase the equipment themselves and/or obtain financing to purchase the same.  Once again, there is safety in numbers and purchasing power eliminates the obstacle.

Of course, the reason physicians want to obtain this equipment is to obtain the ancillary revenues this equipment generates.  Physicians typically can only bill for the professional component or the component of the health care generated only by the physician’s efforts (i.e. the consult, the surgical procedure, etc.).  Hospitals, on the other hand, can bill a facility fee and/or fees for the images or tests the equipment generates.  These fees are often much higher than the professional component.  Physician groups, with the purchasing power to obtain this equipment on their own, can bill for both the professional and technical components.

The federal and state antitrust, Medicare fraud and abuse, antikickback and self-referral prohibitions prohibit groups of small or solo practitioners from negotiating with managed care and from sharing ancillary revenues when they are loosely organized in “name only”, and not legally organized and operated as a “true” group practice.  As a fully organized and operated group practice, the physicians are no longer competitors, they are on the same team.  The same is true for sharing ancillary revenues, so long as that sharing is done in a legally permissible manner.

The legal entity constituting the group practice can be virtually any form of legal entity including, but not limited to, a corporation, whether a C corporation or S corporation; a limited liability company; a limited liability partnership, etc.  However, the choice of entity analysis is an involved one and should not be taken lightly.  A properly trained corporate attorney with a tax and health care background should be consulted to put this together, as it is not simply a matter of filing articles of incorporation with the Secretary of State.

Next the entity needs an agreement between its shareholders, members or limited liability partners, as well as properly drafted employment agreements: to govern their relationship with each other; to set forth the manner in which they will be compensated and share in ancillary revenues; and to govern the parties obligations in the event the physician shareholders’, members’ or limited liability partners’ employment and relationship with the entity is terminated for reasons including, but not limited to, the physician’s death, disability, retirement, or by the entity with or without cause.

Typically, the practice owners also own interests in the building within which the practice is located; as well as other joint ventures or entities such as ambulatory surgical or imaging centers.  Properly drafted shareholder, buy-sell, operating and/or partnership agreements governing these other entities define the physicians’ rights, duties and obligations to each other during their association, and specify whether and how the departing physician is to be bought out in the event that association terminates.

I often hear the following objections to coming together, the first of which is the most common.  “I generate the most ancillary revenues and I should get all of the ancillary revenues I generate one for one”.  The permissible rules for sharing ancillary revenues do not permit this and this thought process is short sighted.  Typically, it only takes one conversation to convince this same physician that he can get a 100% of $50,000 worth of ancillary revenues on his own; or he can get 20% of $1,000,000 (depending on the permissible sharing method used) by coming together with other physicians to former a larger group that generates significantly more and different ancillary revenues, than he can on his own.

Another objection I hear is, “Our group compensates each other equally, their group compensates each other on productivity, and the other group compensates each other using a hybrid of the two.  Further, our group is lean and mean, our office is nice and efficient and our rent is much lower than the other group.  We cannot bear their higher overhead”.  These obstacles can be overcome by cost center accounting whereby the revenues generated, and expenses incurred, by one cost center can be allocated to that cost center.

I once brought together four practices that wanted to come together for all the reasons described above.  The fact pattern was not exactly as follows, but this will do for purposes of illustrating my point: the four practices were located in four different cities; one practice was used to sharing revenues equally, one practice was used dividing revenues based on productivity, one practice used a hybrid model of 50% equal sharing and 50% productivity based, and the fourth practice was a solo practitioner; two of the practices had very high end expensive offices, lots of granite, marble and expensive improvements, the other practices were more modest; one practice had six members to begin with, another five, another two and the last practice was a solo practioner. The members of the larger practices were significantly younger than the members of the smaller practices, but the older practitioners had more mature practices, longstanding community relationships and well established referral patterns.

Each practice had strengths and weaknesses, and they were all tired of being beat up by managed care forcing them to compete against each other.  They came to me to bridge their differences so they could peacefully and successfully coexist and change their prognosis for the future.  We formed an S corporation and prepared a sophisticated shareholders’ agreement to govern their relationship with each other.  We set forth decision making parameters that gave every member an equal voice in decision making, but also set forth specific parameters designed to protect the smaller practices from being out voted by the larger blocks on key issues including compensation, termination, etc.

We designed a cost center accounting and compensation arrangement that shared global overhead by number of physicians and allocated revenues and non-global expenses to the cost centers.  The group used their purchasing power to negotiate higher rates and to purchase malpractice and group health, life and disability insurance at a lower cost per man.  They also were able to eliminate duplicate positions across the group thereby further reducing overhead.  Finally, they were able to use their purchasing power to purchase sophisticated and expensive equipment and they began sharing the ancillary revenues therefrom.  They have grown a lot since the beginning.  However, they remain nimble, have little trouble governing themselves and have enjoyed very little physician turnover.

Who knows what lies ahead.  Are ACOs and physician/hospital integration the future?  What about comanagement of patients?  No one knows for sure, but some form of integration and/or comanagement will likely be in the future.  If so,the larger group is likely to have more leverage when it comes time to negotiating integration and comanagement arrangements with area hospitals.

It is the golden rule: He who has the gold makes the rules and patient control is the gold.  Control the number of patients, the care they need and manage their healthcare in a way that discourages duplication and over utilization, while maintaining their health and maximizing the chances they stay out of the system, and you control the flow of the health care dollar.  The country also gets healthier in the meantime and individual suffering can be reduced.

I represent hundreds of physicians all across Florida; and although many enjoy a nice lifestyle, not one of them ever told me they got into medicine to get rich.  They took an oath and they wanted to help people.  Hospitals, the federal government, and managed care entities cannot treat patients without you; and, although they serve a valuable purpose, they are not the front line of defense and are not the tip of the sword.  Never forget that.  The patient needs his physician now more than ever.  Let us see to it that the patient gets what he needs and you do not go broke delivering it.

© 2011 Baker & Hostetler LLP

Health Care Information Privacy and Security Forum

The National Law Review is pleased to inform you of American Conference Institute’s Health Care Information Privacy and Security Forum Conference on Monday, December 05 to Tuesday, December 06, 2011 at the Union League, Philadelphia, PA.

ACI

Our Nation is poised to harness the power of information technology to improve health care. Transforming our health care system into a 21st century model is a bold agenda… [I]t is more important than ever to ensure consumer trust in theprivacy and security of their health information and in the industry’s use of new technology.

Statement on Privacy and Security, Building Trust in
Health Information Exchange, July 8, 2010.
We Have Entered the Era of Health Information Technology and Face New and Daunting Challenges in Keeping Health Information Private and Secure. Assess Your Current HIPAA Compliance Program to Ensure Best HIT Practices as You Prepare for New Privacy and Security Responsibilities in the Age of HITECH.

Privacy and security of health care information are critical concerns for HIPAA covered entities and an ever expanding circle of business associates.  Knowing the basics of the HIPAA are no longer enough in the age of HITECH when mandates giving rise to the predominance of EHRs and HIEs are taking center stage in the privacy and security challenges with which privacy, information, and security officers, and their counsel must contend every day.  The modes and modalities for storing health care information are becoming more and more complex in the age of HIT — as are the safeguards for keeping this information from unauthorized disclosure.

Now is Not the Time for Regulatory Paralysis, but for Action.

Industry stakeholders are analyzing their obligations under the draft accounting and disclosure rule and awaiting the release of the final HIPAA privacy rule. However, they know that they cannot remain paralyzed with anticipation, but must act upon the information they have and that which they are already obligated to do. Now is the time to ensure that all systems are in compliance with existing law and regulation and flexible enough for reconciliation with new requirements.

Attend ACI’s Health Care Privacy and Security Forum and Get the Critical Information that You Need to Meet Your HIPAA
and HITECH Privacy and Security Challenges Head-On. 

ACI’s Health Care Privacy and Security Forum has been designed to help you navigate the legal and business complexities associated with HIPAA, HITECH (as well as state privacy and security laws and regulations) and the ever evolving legal and regulatory privacy and security landscape. Our faculty of privacy and security experts will walk you through legal and business challenges associated with the anticipated regulations; HIT infrastructure and EHRs; HIEs; business associates; breach; encryption; and enforcement.

Benefit from Special Training and Strategy Sessions that Will Address the Essentials of HIPAA and HITECH and Critical Privacy and Security Compliance Audit Competencies.

To enhance and complete your conference experience, we are pleased to offer the following training and strategy sessions:

•    HIPAA and HITECH Boot Camp: Intensive Training in Privacy and Security Essentials for Health Care Professionals which will provide you with the legal and regulatory backdrop for the more in-depth HIPAA and HITECH controversies discussed in the main conference. This is the perfect course for attendees who are new to health care privacy and security matters or for more experienced professionals who are in need of a refresher; and

•    The Working Group on Auditing, Updating and Perfecting Your Existing HIPAA / HITECH Privacy and Security Compliance Program which will help you implement best practices to ensure that your current health care privacy and security program is in-check with current law and regulations and prepare you for HITECH-mandated HHS compliance audits applicable to both HIPAA covered-entities and business associates.

As an added bonus, your conference registration includes
your choice of one of these sessions.

Reserve Your Place Now at this Critical HIPAA and HITECH Event.
Clearly, this is the health care privacy and security conference that every legal or business advisor to a HIPAA covered entity or business associate cannot afford to miss. Register now by calling 1-888-224-2480, faxing your registration form to 1-877-927-1563 or logging on to www.AmericanConference.com/HIPAA-HITECH.

Health Care Information Privacy and Security Forum

The National Law Review is pleased to inform you of American Conference Institute’s Health Care Information Privacy and Security Forum Conference on Monday, December 05 to Tuesday, December 06, 2011 at the Union League, Philadelphia, PA.

ACI

Our Nation is poised to harness the power of information technology to improve health care. Transforming our health care system into a 21st century model is a bold agenda… [I]t is more important than ever to ensure consumer trust in theprivacy and security of their health information and in the industry’s use of new technology.

Statement on Privacy and Security, Building Trust in
Health Information Exchange, July 8, 2010.
We Have Entered the Era of Health Information Technology and Face New and Daunting Challenges in Keeping Health Information Private and Secure. Assess Your Current HIPAA Compliance Program to Ensure Best HIT Practices as You Prepare for New Privacy and Security Responsibilities in the Age of HITECH.

Privacy and security of health care information are critical concerns for HIPAA covered entities and an ever expanding circle of business associates.  Knowing the basics of the HIPAA are no longer enough in the age of HITECH when mandates giving rise to the predominance of EHRs and HIEs are taking center stage in the privacy and security challenges with which privacy, information, and security officers, and their counsel must contend every day.  The modes and modalities for storing health care information are becoming more and more complex in the age of HIT — as are the safeguards for keeping this information from unauthorized disclosure.

Now is Not the Time for Regulatory Paralysis, but for Action.

Industry stakeholders are analyzing their obligations under the draft accounting and disclosure rule and awaiting the release of the final HIPAA privacy rule. However, they know that they cannot remain paralyzed with anticipation, but must act upon the information they have and that which they are already obligated to do. Now is the time to ensure that all systems are in compliance with existing law and regulation and flexible enough for reconciliation with new requirements.

Attend ACI’s Health Care Privacy and Security Forum and Get the Critical Information that You Need to Meet Your HIPAA
and HITECH Privacy and Security Challenges Head-On. 

ACI’s Health Care Privacy and Security Forum has been designed to help you navigate the legal and business complexities associated with HIPAA, HITECH (as well as state privacy and security laws and regulations) and the ever evolving legal and regulatory privacy and security landscape. Our faculty of privacy and security experts will walk you through legal and business challenges associated with the anticipated regulations; HIT infrastructure and EHRs; HIEs; business associates; breach; encryption; and enforcement.

Benefit from Special Training and Strategy Sessions that Will Address the Essentials of HIPAA and HITECH and Critical Privacy and Security Compliance Audit Competencies.

To enhance and complete your conference experience, we are pleased to offer the following training and strategy sessions:

•    HIPAA and HITECH Boot Camp: Intensive Training in Privacy and Security Essentials for Health Care Professionals which will provide you with the legal and regulatory backdrop for the more in-depth HIPAA and HITECH controversies discussed in the main conference. This is the perfect course for attendees who are new to health care privacy and security matters or for more experienced professionals who are in need of a refresher; and

•    The Working Group on Auditing, Updating and Perfecting Your Existing HIPAA / HITECH Privacy and Security Compliance Program which will help you implement best practices to ensure that your current health care privacy and security program is in-check with current law and regulations and prepare you for HITECH-mandated HHS compliance audits applicable to both HIPAA covered-entities and business associates.

As an added bonus, your conference registration includes
your choice of one of these sessions.

Reserve Your Place Now at this Critical HIPAA and HITECH Event.
Clearly, this is the health care privacy and security conference that every legal or business advisor to a HIPAA covered entity or business associate cannot afford to miss. Register now by calling 1-888-224-2480, faxing your registration form to 1-877-927-1563 or logging on to www.AmericanConference.com/HIPAA-HITECH.

Physician Separation Issues

Posted in the National Law Review an article by attorney David Schick of Baker Hostetler physician Separation Agreements:

Physician Separation Issues are best dealt with upfront in the documents the physician enters into with the practice, when the physician joins the practice as an employee and/or when the physician becomes an owner of the practice.  Obtaining a Separation Agreement at the time a physician departs, while ideal, is often not possible, especially if the departure is not amicable; which is generally the case when the practice has terminated the physician’s employment.  The best way to avoid costly and time consuming litigation at the time of separation is to have carefully drafted documents prepared up front.  Think of these documents as a prenuptial agreement of sorts designed to govern post practice relationship issues, rather than post marital relationship issues.

For example, a well drafted Employment Agreement will specify the manner in which the physician’s employment may be terminated whether for cause (i.e. a specific set of reasons the practice may terminate the physician’s employment immediately); or for no cause (i.e. by the practice or by the physician voluntarily with a required period of notice).  This Agreement also will specify the parties’ rights and obligations to each other following termination.  These rights and/or obligations can vary depending upon whether the physician terminated his employment, whether the practice terminated the physician’s employment for cause, or whether the practice terminated the physician’s employment without cause.

For example, the practice usually will pay for the physician’s malpractice insurance during the physician’s employment.  However, the physician is usually responsible for the cost of “tail” coverage upon termination of employment, which can be very expensive. A common compromise, however, is for the physician to be responsible for the cost of “tail” coverage if the physician terminates his own employment (i.e. quits), or if the practice terminates the physician’s employment for cause (i.e. because the physician committed one of the wrongful acts specified in the Employment Agreement); however, the practice may be obligated to purchase the “tail” coverage if the practice terminates the physician’s employment without cause.

The well drafted Employment Agreement also will specify that all patients treated by the physician are the practice’s patients, not the physician’s patients; and upon termination, the patients’ medical records remain the property of the practice.  However, the Employment Agreement should grant the physician the right to make copies of such records for any legitimate (non-competitive) purpose including defense of a malpractice action or a third party audit at the physician’s expense.

These Employment Agreements also will specify the parties’ obligations to each other regarding the non-disclosure of confidential information, the non-solicitation of the practice’s patients and employees, and non-competition, both during employment and following termination.  The non-competition provisions will typically specify a certain geographic service area within (and a time period during which) the physician may not practice or establish an office.  These provisions are of particular importance to both the physician and the practice; and if not properly drafted can be rendered unenforceable.  A non-competition provision that turns out to be unenforceable will come as a pleasant surprise for the departing physician and as a bitter pill for the practice to swallow.  This area of the law is currently in a state of flux, and legal expertise is critical to draft critical to draft contractual language that stands the best chance of meeting the parties’ expectations during and following the parties’ relationship with each other.

Carefully drafted buy in and entity governing documents also are necessary to deal with the issues pertaining to the practice’s and the physician’s relationship with each other during the period of ownership, and upon termination of such ownership.  The physician owner’s Employment Agreement will not only deal with the issues described above, but also will deal with the payment of any earned, but unpaid compensation payable upon the physician’s termination of employment.  This earned, but unpaid compensation typically represents the physician’s share of the practice’s accounts receivables based on a formula set forth in the Employment Agreement.  The amount payable can sometimes vary depending upon whether the practice terminated the physician’s employment for cause or without cause; or whether the physician terminated his employment.

The buy-in documents (i.e. shareholder buy-sell, operating and/or partnership agreements) depending on the nature of the entity involved, also will deal with the amount of money, if any, the physician is entitled to be paid for the physician’s ownership interest in the practice.  These Agreements, if properly drafted, spell out how the value of such ownership interest will be determined, and the manner in which payment for such interest will be made (i.e. immediately, via insurance proceeds in the event of death, and/or via a promissory note over time).  Once again, the purchase price and/or the manner of payment can vary depending upon the reason for the separation and/or on whether the physician’s separation occurs close to (or coincidently with) another owner’s separation.  Simultaneous withdrawal provisions are critical to prevent the practice from having to pay out multiple physicians at the same time, when those physicians leave together or within a relatively short period of time of each other.  Otherwise, these “simultaneous” withdrawals can create a financial burden on the practice (or a “run on the bank”) that the practice may not be able to satisfy; a disappointing result for both the practice and the departing physician.

Similar documents govern the parties’ relationship with each other, during (and upon termination of) the parties’ relationship with each other, in connection with other business entities connected with the practice.  Typically, the practice owners also own interests in the building within which the practice is located; as well as other joint ventures or entities such as ambulatory surgical or imaging centers.  Properly draft shareholder buy-sell, operating and/or partnership agreements governing these ancillary entities, also will define the parties’ rights, duties and obligations to each other in the event the physician’s relationship with the practice is terminated, and will dictate whether the departing physician also is to be bought out or otherwise removed from these entities.

In summary, not all physician departures are amicable; and in fact, many are not.  Further, the practice might not even be dealing with the physician at the time of separation; which is the case in the event of a physician’s death.  Emotions typically run high at this juncture, and carefully drafted documents will give the parties’ the security of knowing what will be expected of them at the time of separation.  The time and expense spent up front also will be significantly less than the time and expense associated with the litigation that is almost certain to ensue in the absence of pre-existing definitive agreements that govern the separation.

© 2011 Baker & Hostetler LLP