Category: Regulatory

Health Care Information Privacy and Security Forum

The National Law Review is pleased to inform you of American Conference Institute’s Health Care Information Privacy and Security Forum Conference on Monday, December 05 to Tuesday, December 06, 2011 at the Union League, Philadelphia, PA.

ACI

Our Nation is poised to harness the power of information technology to improve health care. Transforming our health care system into a 21st century model is a bold agenda… [I]t is more important than ever to ensure consumer trust in theprivacy and security of their health information and in the industry’s use of new technology.

Statement on Privacy and Security, Building Trust in
Health Information Exchange, July 8, 2010.
We Have Entered the Era of Health Information Technology and Face New and Daunting Challenges in Keeping Health Information Private and Secure. Assess Your Current HIPAA Compliance Program to Ensure Best HIT Practices as You Prepare for New Privacy and Security Responsibilities in the Age of HITECH.

Privacy and security of health care information are critical concerns for HIPAA covered entities and an ever expanding circle of business associates.  Knowing the basics of the HIPAA are no longer enough in the age of HITECH when mandates giving rise to the predominance of EHRs and HIEs are taking center stage in the privacy and security challenges with which privacy, information, and security officers, and their counsel must contend every day.  The modes and modalities for storing health care information are becoming more and more complex in the age of HIT — as are the safeguards for keeping this information from unauthorized disclosure.

Now is Not the Time for Regulatory Paralysis, but for Action.

Industry stakeholders are analyzing their obligations under the draft accounting and disclosure rule and awaiting the release of the final HIPAA privacy rule. However, they know that they cannot remain paralyzed with anticipation, but must act upon the information they have and that which they are already obligated to do. Now is the time to ensure that all systems are in compliance with existing law and regulation and flexible enough for reconciliation with new requirements.

Attend ACI’s Health Care Privacy and Security Forum and Get the Critical Information that You Need to Meet Your HIPAA
and HITECH Privacy and Security Challenges Head-On. 

ACI’s Health Care Privacy and Security Forum has been designed to help you navigate the legal and business complexities associated with HIPAA, HITECH (as well as state privacy and security laws and regulations) and the ever evolving legal and regulatory privacy and security landscape. Our faculty of privacy and security experts will walk you through legal and business challenges associated with the anticipated regulations; HIT infrastructure and EHRs; HIEs; business associates; breach; encryption; and enforcement.

Benefit from Special Training and Strategy Sessions that Will Address the Essentials of HIPAA and HITECH and Critical Privacy and Security Compliance Audit Competencies.

To enhance and complete your conference experience, we are pleased to offer the following training and strategy sessions:

•    HIPAA and HITECH Boot Camp: Intensive Training in Privacy and Security Essentials for Health Care Professionals which will provide you with the legal and regulatory backdrop for the more in-depth HIPAA and HITECH controversies discussed in the main conference. This is the perfect course for attendees who are new to health care privacy and security matters or for more experienced professionals who are in need of a refresher; and

•    The Working Group on Auditing, Updating and Perfecting Your Existing HIPAA / HITECH Privacy and Security Compliance Program which will help you implement best practices to ensure that your current health care privacy and security program is in-check with current law and regulations and prepare you for HITECH-mandated HHS compliance audits applicable to both HIPAA covered-entities and business associates.

As an added bonus, your conference registration includes
your choice of one of these sessions.

Reserve Your Place Now at this Critical HIPAA and HITECH Event.
Clearly, this is the health care privacy and security conference that every legal or business advisor to a HIPAA covered entity or business associate cannot afford to miss. Register now by calling 1-888-224-2480, faxing your registration form to 1-877-927-1563 or logging on to www.AmericanConference.com/HIPAA-HITECH.

EPA Proposes Changes to Underground Storage Tank Regulations

Posted in the National Law Review an article by attorneys Julie A. FournierMichael J. Hughes and Lisa S. Zebovitz of Neal, Gerber & Eisenberg LLP about the EPA’s porposed changes to the underground storage tanks:

 

For the first time since federal regulations regarding underground storage tanks (USTs) were first promulgated in 1988, the United States Environmental Protection Agency (EPA) is proposing significant changes and additions to these regulations. The proposed rulemaking, found at 76 FR 71708, includes new requirements for USTs primarily focusing on proper operation and maintenance and spill prevention. EPA asserts that the revisions will improve the detection and prevention of UST releases leading to increased protection of human health and the environment.

Newly added requirements include secondary containment for new and replaced USTs, operator training programs, and periodic operation and maintenance requirements for UST systems, such as monthly inspections of spill prevention and release detection equipment, yearly testing of spill prevention equipment, and the testing of overfill prevention and certain secondary containment equipment every three years. In addition, deferrals for certain types of tanks will be eliminated. These requirements are intended to reflect significant technological advances made in the last two decades.

The proposed changes may be significant to the commercial and manufacturing sectors if they become effective. From a practical standpoint, owners and operators of tanks in the vast majority of states with approved UST programs may ultimately see changes in state regulations. States currently operating under an approved UST program will have three years to submit a revised program approval package to conform to the new regulations. Therefore, if the proposed regulations become effective, owners and operators of USTs should monitor changes to state programs closely. Owners and operators located in one of the few remaining states that do not have an approved UST program may be required under the new regulations to notify EPA when bringing a UST system into use or following a change in ownership.

Documents related to the proposed changes identified above, including a comparison of the current and proposed regulations and a Regulatory Impact Analysis, are available on EPA’s Web site. Comments to the proposed rule must be received by EPA on or before Feb. 16, 2012.

© 2011 Neal, Gerber & Eisenberg LLP.

Future of Tribal Internet Gaming Subject of Oversight Hearing

 
 
 
On November 17, 2011, the Senate Committee on Indian Affairs is conducting an oversight hearing to discuss the future of tribal Internet gaming. There are several witnesses from government regulatory agencies, tribal governments and gaming associations, and the gaming industry who will offer testimony regarding the use of the Internet to serve tribal gaming operations in the future. The Internet is a largely unregulated medium which has seen increased use by commercial interests to conduct business operations and exchanges. Recently, in the case of Comcast v. FCC, the federal Court has held that the FCC lacks the ability under the FCC’s ancillary authority in the Communications Act,to regulate Internet Service Providers like Comcast. In the Comcast case, the FCC attempted to prevent Comcast from using network management operations which allegedly excluded non-Comcast applications from its Internet network. Comcast challenged the assertion of FCC authority in regard to regulating the Internet under the Communications Act. Prior to this case, the FCC classified the Internet as an informational service as opposed to a common carrier like a traditional telephone company. Under the Communications Act and FCC regulations, a common carrier is subject to a wider range of FCC regulation than is an informational service. The decision by the Court in Comcast upheld the classification of the Internet as an informational service and as a result, the Court determined that the FCC had no authority to regulate the Internet, such that it could impose punitive action against an Internet Service Provider such as Comcast.On a similar front, states are generally allowed a minimal role in regulation of the Internet. States are permitted to regulate the Internet only so far as the action to be regulated occurs entirely within the state and the action does not involve interstate commerce. Thus, many tribes are not subject to state regulatory jurisdiction when it comes to the Internet. A question which may be raised as a part of the discussion about to occur in the Senate this week should involve the ability of the states to regulate gaming if it occurs over the Internet on an Indian Reservation or gaming facility. The push to regulate Internet gaming may also raise questions about the Communications Act and whether it will have to be amended to allow federal agencies an expanded role in regulating the Internet. There are no Internet Service Providers who appear to be testifying at the upcoming Senate hearing and it would likely be prudent at some point to include them in future discussions. After all, it is the Internet Service Providers who will provide gaming operations with the connectivity to the Internet, service the Internet connections to ensure reliability and speed, and most importantly, provide the necessary Internet security to prevent cyber attacks or the loss of customer personally identifiable information.

© 2002-2011 by Williams Kastner ALL RIGHTS RESERVED

OSHA Seeking Comment on SOX Whistleblower Complaint Rules

 

 

 

 

Posted in the National Law Review an article by attorney Virginia E. Robinson of  Greenberg Traurig regarding OSHA  seeking public comment on interim final rules that revise its regulations on the filing and handling of Sarbanes-Oxley Act (SOX) whistleblower complaints

GT Law

The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) is seeking public comment on interim final rules that revise its regulations on the filing and handling of Sarbanes-Oxley Act (SOX) whistleblower complaints.

OSHA, the entity charged with receiving and investigating SOX whistleblower complaints, issued the interim rules in part to implement the amendments to SOX’s whistleblower protections that were included in the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010. Those amendments include an extension of the statute of limitations period for filing a complaint from 90 to 180 days. They also clarify that nationally recognized statistical rating organizations and subsidiaries of publicly traded companies are covered employers under SOX.

In addition to implementing the Dodd-Frank amendments, the interim rules also seek to improve OSHA’s handling of SOX whistleblower complaints, and will permit the filing of oral complaints and complaints in any language.

The planned amendments to those regulations were published in the Nov. 3 Federal Register. Comments must be received by Jan. 3, 2012, and may be submitted online, by mail, or by fax. The Depatment of Labor’s recent news release provides additional details.

©2011 Greenberg Traurig, LLP. All rights reserved.

Department of Labor Revises Conflict Disclosure Requirements for Labor Union Officials

Barnes & Thornburg LLP‘s Labor and Employment Law Department recently posted in the National Law Review an article about the United States Department of Labor’s Office of Labor-Management Standards adopted a final rule revising the information that union officials must disclose on Form LM-30, the Labor Organization Office and Employee Report.:

 

 

On Oct. 26, 2011, the United States Department of Labor’s Office of Labor-Management Standards adopted a final rule revising the information that union officials must disclose on Form LM-30, the Labor Organization Office and Employee Report. The new rule reverses the rule published by the agency in 2007 that significantly expanded the financial disclosure requirements of union officials. Effective Nov. 25, 2011, union officials are now required to disclose only payments and interests that involve “actual or likely” conflicts between the official’s personal financial interests and his or her duties to the union. The DOL explains that such conflicts include “payments, interests and transactions involving the employers whose employees the union represents or actively seek to represent, vendors and service providers to such employers, the official’s union or the union’s trust and other employers from which a payment could create a conflict.” The new rule applies to reports required by union officials with fiscal years beginning on or after Jan. 1, 2012.

Use of Form LM-30 for reporting purposes began in 1963 pursuant to Section 202 of the Labor-Management Reporting and Disclosure Act. Although the reporting requirements for Form LM-30 were significantly expanded in 2007, the DOL had issued a non-enforcement policy in 2009 that allowed filers to use either the 2007 expanded version of Form LM-30 or the 1963 version of the Form to disclose potential conflicts.

© 2011 BARNES & THORNBURG LLP

CMS Releases its CY 2012 OPPS Final Rule

Posted recently in  the National Law Review by Scott J. Thill of von Briesen & Roper, S.C.  regarding  CY 2012 Outpatient Prospective Pzyment System:

 

CMS has released its CY 2012 Outpatient Prospective Payment System (OPPS) Final Rule, effective January 1, 2012.  Notable provisions of the Final Rule include:

  • A market basket update of 1.9%.
  • Adjustment to payment rates for certain cancer hospitals.
  • A process for the APC Panel to evaluate requests for alternative supervision levels for hospital outpatient therapeutic services and issue recommendations to CMS on the same.
  • The addition of three quality measures for hospital outpatient departments to report for purposes of the CY 2014 and CY 2015 payment determinations.  The new measures include: (i) a measure relating to cardiac rehabilitation patient referrals; (ii) a measure relating to the use of a safe surgery checklist; and (iii) a measure relating to hospital outpatient department volume for selected surgical procedures.
  • A reduction in the number of randomly selected hospitals (from 800 to 450) for validating hospital outpatient quality reporting data for the CY 2013 payment determination.
  • Revisions to the hospital value-based purchasing program.
  • A process for physician-owned hospitals to apply for an exception to the federal prohibition on expanding facility capacity in physician-owned hospitals.

How Lessors and Lenders Can Audit the Eurocontrol Accounts of Lessees

Recently posted in the National Law Review an article by attorney John I. Karesh of Vedder Price P.C. regarding  lessors will no longer receive an aircraft operator’s statement of account from Eurocontrol via e-mail.

Eurocontrol has implemented a change to the way lessors, lenders and security trustees can audit the Eurocontrol accounts of lessees. Effective September 1, 2011, lessors will no longer receive an aircraft operator’s statement of account from Eurocontrol via e-mail. In an attempt to provide better security, Eurocontrol will now provide such statements only upon the lessor’s request via a secured extranet system called CEFA (Central Route Charges Office Extranet for Airspace Users). We have been advised by Eurocontrol that lenders and security trustees also will be granted access to CEFA under the same protocol. In order to gain access, the requesting party needs to complete an Agreement (available on Eurocontrol’s website). Once the Agreement is completed and received by Eurocontrol, the requesting party can view an operator’s statement of account online 24/7. Access is free. However, requesting parties must obtain approval from each operator whose statement of account they wish to view by having the operator sign an Authorization Letter in the prescribed form.

Because lenders and lessors must execute the Agreement, they should take note that the Agreement contains various noteworthy provisions including the following: Article 4 provides that to the extent permitted by national law, in the event of a dispute, Eurocontrol’s data, including metadata, shall be admissible in court and shall constitute evidence of the facts contained therein unless contrary evidence is adduced. Section 9.2 provides that once a statement of account becomes available on CEFA, it shall be deemed received by the “Leasing Company,” which agrees to proactively and regularly check the CEFA site. Article 13 contains various provisions concerning confidentiality and protection of data. Section 14.2 requires the Leasing Company to indemnify Eurocontrol against any claims for damages made by third parties where the claims or damages are due to a fault of the Leasing Company. Article 15 provides that without prejudice to any mandatory national law, the transmission of electronic data under the Agreement shall be governed by Belgian law. Article 16 provides that any dispute arising out of or in connection with the Agreement shall be referred to the Brussels Court of First Instance (Belgium), which shall have sole jurisdiction.

Also, Section 17.3 provides that the Agreement is for an indefinite period, but either party may terminate it on not less than three months’ written notice, and that Eurocontrol is entitled to terminate or suspend the Agreement in a case foreseen under the confidentiality and protection of data provisions (Section 13.1) or if all authorizations to release Statements of Account to the lessor have been withdrawn. Section 17.4 provides that access to the Statements of Account of an Aircraft Operator will be terminated without notice in case of the withdrawal of the authorization to release such Statements of Account. However, the prescribed form of Authorization Letter provides that it may only be revoked or amended by written instructions from the operator and lessor.

The foregoing is merely a summary of a few of the provisions of the Agreement. All provisions should carefully be reviewed before signing. However, it appears the only way lessors, lenders and security trustees can obtain the statement of an operator’s account is by means of the Authorization Letter and signed Agreement.

© 2011 Vedder Price P.C.

Health Care Information Privacy and Security Forum

The National Law Review is pleased to inform you of American Conference Institute’s Health Care Information Privacy and Security Forum Conference on Monday, December 05 to Tuesday, December 06, 2011 at the Union League, Philadelphia, PA.

ACI

Our Nation is poised to harness the power of information technology to improve health care. Transforming our health care system into a 21st century model is a bold agenda… [I]t is more important than ever to ensure consumer trust in theprivacy and security of their health information and in the industry’s use of new technology.

Statement on Privacy and Security, Building Trust in
Health Information Exchange, July 8, 2010.
We Have Entered the Era of Health Information Technology and Face New and Daunting Challenges in Keeping Health Information Private and Secure. Assess Your Current HIPAA Compliance Program to Ensure Best HIT Practices as You Prepare for New Privacy and Security Responsibilities in the Age of HITECH.

Privacy and security of health care information are critical concerns for HIPAA covered entities and an ever expanding circle of business associates.  Knowing the basics of the HIPAA are no longer enough in the age of HITECH when mandates giving rise to the predominance of EHRs and HIEs are taking center stage in the privacy and security challenges with which privacy, information, and security officers, and their counsel must contend every day.  The modes and modalities for storing health care information are becoming more and more complex in the age of HIT — as are the safeguards for keeping this information from unauthorized disclosure.

Now is Not the Time for Regulatory Paralysis, but for Action.

Industry stakeholders are analyzing their obligations under the draft accounting and disclosure rule and awaiting the release of the final HIPAA privacy rule. However, they know that they cannot remain paralyzed with anticipation, but must act upon the information they have and that which they are already obligated to do. Now is the time to ensure that all systems are in compliance with existing law and regulation and flexible enough for reconciliation with new requirements.

Attend ACI’s Health Care Privacy and Security Forum and Get the Critical Information that You Need to Meet Your HIPAA
and HITECH Privacy and Security Challenges Head-On. 

ACI’s Health Care Privacy and Security Forum has been designed to help you navigate the legal and business complexities associated with HIPAA, HITECH (as well as state privacy and security laws and regulations) and the ever evolving legal and regulatory privacy and security landscape. Our faculty of privacy and security experts will walk you through legal and business challenges associated with the anticipated regulations; HIT infrastructure and EHRs; HIEs; business associates; breach; encryption; and enforcement.

Benefit from Special Training and Strategy Sessions that Will Address the Essentials of HIPAA and HITECH and Critical Privacy and Security Compliance Audit Competencies.

To enhance and complete your conference experience, we are pleased to offer the following training and strategy sessions:

•    HIPAA and HITECH Boot Camp: Intensive Training in Privacy and Security Essentials for Health Care Professionals which will provide you with the legal and regulatory backdrop for the more in-depth HIPAA and HITECH controversies discussed in the main conference. This is the perfect course for attendees who are new to health care privacy and security matters or for more experienced professionals who are in need of a refresher; and

•    The Working Group on Auditing, Updating and Perfecting Your Existing HIPAA / HITECH Privacy and Security Compliance Program which will help you implement best practices to ensure that your current health care privacy and security program is in-check with current law and regulations and prepare you for HITECH-mandated HHS compliance audits applicable to both HIPAA covered-entities and business associates.

As an added bonus, your conference registration includes
your choice of one of these sessions.

Reserve Your Place Now at this Critical HIPAA and HITECH Event.
Clearly, this is the health care privacy and security conference that every legal or business advisor to a HIPAA covered entity or business associate cannot afford to miss. Register now by calling 1-888-224-2480, faxing your registration form to 1-877-927-1563 or logging on to www.AmericanConference.com/HIPAA-HITECH.

Medicare Part B premiums for 2012 lower than projected

Recently posted in the National Law Review an article by U.S. Department of Human & Health Services regarding Medicare Part B premiums:

Health & Human Services

Affordable Care Act helps keep Medicare affordable 

The U.S. Department of Health and Human Services (HHS) announced that Medicare Part B premiums in 2012 will be lower than previously projected and the Part B deductible will decrease by $22. While the Medicare Trustees predicted monthly premiums would be $106.60, premiums will instead be $99.90. Earlier this year, HHS announced that average Medicare Advantage premiums would decrease by four percent and premiums paid for Medicare’s prescription drug plans would remain virtually unchanged.

Thanks to the Affordable Care Act, people with Medicare also receive free preventive services and a 50 percent discount on covered prescription drugs when they enter the prescription drug “donut hole.”  This year, 1.8 million people with Medicare have received cheaper prescription drugs, while nearly 20.5 million Medicare beneficiaries have received a free Annual Wellness Visit or other free preventive services like cancer screenings.

“The Affordable Care Act is helping to keep Medicare strong and affordable,” said HHS Secretary Kathleen Sebelius. “People with Medicare are seeing higher quality benefits, better health care choices, and lower costs. Health reform is also strengthening the Medicare Hospital Insurance Trust Fund and cracking down on Medicare fraud.”

Medicare Part B covers physicians’ services, outpatient hospital services, certain home health services, durable medical equipment, and other items. In 2012, the “standard” Medicare Part B premium will be $99.90. This is a $15.50 decrease over the standard 2011 premium of $115.40 paid by new enrollees and higher income Medicare beneficiaries and by Medicaid on behalf of low-income enrollees.

The majority of people with Medicare have paid $96.40 per month for Part B since 2008, due to a law that freezes Part B premiums in years where beneficiaries do not receive cost-of-living (COLA) increases in their Social Security checks. In 2012, these people with Medicare will pay the standard Part B premium of $99.90, amounting to a monthly change of $3.50 for most people with Medicare. This increase will be offset for almost all seniors and people with disabilities by the additional income they will receive thanks to the Social Security cost-of-living adjustment (COLA). For example, the average COLA for retired workers will be about $43 a month, which is substantially greater than the $3.50 premium increase for affected beneficiaries. Additionally, the Medicare Part B deductible will be $140, a decrease of $22 from 2011.

“Thanks in part to the Affordable Care Act, people with Medicare are going to have more money in their pockets next year,” said Centers for Medicare & Medicaid Services (CMS) Administrator Donald Berwick, M.D. “With new tools provided by the Affordable Care Act, we are improving how we pay providers, helping patients get the care they need, and spending our health care dollars more wisely.”

Today, CMS also announced modest increases in Medicare Part A monthly premiums as well as the deductible under Part A. Monthly premiums for Medicare Part A, which pays for inpatient hospitals, skilled nursing facilities, and some home health care, are paid by just the 1 percent of beneficiaries who do not otherwise qualify for Medicare. Medicare Part A monthly premiums will be $451 for 2012, an increase of $1 from 2011. The Part A deductible paid by beneficiaries when admitted as a hospital inpatient will be $1,156 in 2012, an increase of $24 from this year’s $1,132 deductible. These changes are well below increases in previous years and general inflation.

For more information on how seniors are getting more value out of Medicare, please visit:http://www.healthcare.gov/news/factsheets/2011/10/medicare10272011a.html

For more information about the Medicare premiums and deductibles for 2012, please visit:https://www.cms.gov/apps/media/fact_sheets.asp

© Copyright 2011 U.S. Department of Human & Health Services

IRS Announces Retirement Plan Limitations for 2012 Tax Year – Most Limits Increased

Recently posted in the National Law Review an article written by Alyssa D. Dowse of von Briesen & Roper, S.C. regarding the cost of living adjustments for the 2012 tax year:

The Internal Revenue Service (“IRS”) has announced the cost of living adjustments for the 2012 tax year, which affect various dollar limitations for retirement plans. The IRS increased many of these limitations for the first time since 2009. Some limitations remain unchanged. The following chart highlights many of the noteworthy limitations for the 2012 tax year.

Plan Limit

2011

2012
Social Security Taxable Wage Base $106,800 $110,100
Annual Compensation (Code Section 401(a)(17)) $245,000 $250,000
Elective Deferral (Contribution) Limit for Employees who Participate in 401(k), 403(b) and most 457(b) Plans (Code Sections 402(g), 457(e)(15)) $16,500 $17,000
Age 50 Catch-Up Contribution Limit (Code Section 414(v)(2)(B)(i)) $5,500 $5,500
Highly Compensated Employee Threshold (Code Section 414(q)(1)(B)) $110,000 $115,000
Defined Contribution Plan Limitation on Annual Additions (Code Section 415(c)(1)(A)) $49,000 $50,000
Defined Benefit Plan Limitation on Annual Benefit (Code Section 415(b)(1)(A)) $195,000 $200,000
ESOP Distribution Period Rules—Payouts in Excess of Five Years (Code Section 409(o)(1)(C)) $985,000

$195,000

 $1,015,000

$200,000
Key Employee Compensation Threshold for Officers (Code Section (416(i)(1)(A)(i)) $160,000 $165,000

Plan sponsors should review employee communications and update such communications as appropriate based on the 2012 cost of living adjustments. Other cost of living adjustments can be found on the IRS  website: http://www.irs.gov/retirement/article/0,,id=96461,00.html.

©2011 von Briesen & Roper, s.c