In both civil and criminal enforcement proceedings, 2017 was perhaps most notable for the cases brought against individual health care providers and small physician practice owners. Among the factors that may have resulted in the uptick in cases against individuals are the Yates Memo issued in late 2015, improved and increased reliance on sophisticated data analytics, and the aggressive focus on opioid addiction and its causes. Continue Reading Health Care Enforcement Review and 2018 Outlook: Criminal and Civil Enforcement Trends
Earlier this week, Mintz Levin’s Health Care Enforcement Defense Group published its most recent Health Care Qui Tam Update. This Update covers 34 health care-related qui tam cases that were unsealed in July 2017.
Here are some of the highlights:
– Of the 34 cases unsealed in July 2017, the government intervened (in whole or in part) in six cases and declined to intervene in 28.
– These 34 unsealed cases were filed in 21 different courts, including:
- Five in the Southern District of Ohio;
- Three in the District of Arizona; and
- Three in the Western District of Virginia.
It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C. (“CCDH”) related to CCDH’s failure to enter into a business associate agreement with a paper medical records storage vendor. The cost of that missing agreement? $31,000. Then, on April 24, OCR announced a settlement with CardioNet, a remote monitoring company for cardiac arrhythmias, related to CardioNet’s failure to implement compliant HIPAA policies and procedures and failure to conduct a sufficient risk assessment. The price of those failures? $2.5 million! Continue Reading Two HIPAA Mistakes Lead to Fines from OCR
Next week, the Massachusetts House will continue the budget process and debate over 1000 amendments that members filed to the House Ways and Means Committee’s proposed $40.3 billion FY2018 budget. The Committee’s budget includes some notable departures from Governor Baker’s proposed budget, including changes to budget items impacting the health care industry. In an Alert released earlier this week, my ML Strategies colleagues Julie Cox, Steven Baddour, Dan Connelly, Caitlin Beresin, Max Fathy and Haejin Hwang describe some of the variances in health care and public health spending proposals. Continue Reading Massachusetts Budget Process Continues with Impact on Health Care
On Wednesday, March 8, James B. Comey, Director of the FBI, was at Boston College to deliver the keynote address for the inaugural Boston Conference on Cyber Security (BCCS 2017). Director Comey addressed various industry, cyber security, FBI, law enforcement and military experts in attendance regarding current cyber threats to both industry and government assets and the FBI’s approach to confronting them. During his remarks, Director Comey was asked to opine on the biggest cyber threat to healthcare providers, to which Comey quickly responded, “ransomware.” Continue Reading Advice to Healthcare Providers on Ransomware from the Head of the FBI
Last week, the Massachusetts Department of Public Health issued another round of proposed amendments to its regulations, continuing the Baker Administration’s regulatory reform efforts. Today, we take a closer look at the proposed amendments to the proposed regulations governing the licensure of hospice programs.
As expected, many of the proposed changes are aimed at making the hospice regulations consistent with the rules that govern other health facilities such as hospitals and clinics. For example, consistent with the hospital and clinic regulations, the Commissioner would be given broad authority to determine under what circumstances a change in control of the operation of the hospice rises to the level of a “transfer of ownership”. Another change for consistency purposes is the proposed revision to the rules governing incident reporting. Under the proposed rule, a hospice inpatient facility must report unanticipated deaths and any serious incidents or accidents as defined in guidelines of the Department. Continue Reading Massachusetts Licensure of Hospice Programs Proposed Regulations – Key Take-Aways
At yesterday’s Public Health Council meeting, the Massachusetts Department of Public Health (DPH) released yet another round of proposed regulatory amendments. On deck were regulations concerning Long Term Care Facilities, Hospice Programs, and Temporary Nursing Service Agencies, as well as requirements for Training of Nurses’ Aides in Long-Term Care Facilities. Also presented were updated regulations on the Drug Formulary Commission (formerly List of Interchangeable Drug Products regulations). Senior DPH staff presented the proposed regulations, highlighting key objectives. Council members were highly engaged in the discussions, asking numerous questions and offering comments. Commissioner Monica Bharel, MD, MPH, commended DPH staff for their hard work on the amendments and the Council for its support of these ongoing efforts. Continue Reading Massachusetts Regulatory Overhaul Continues
The Massachusetts Department of Public Health (DPH) has released for public comment proposed amendments to DPH’s Medical Marijuana Regulations (105 CMR 725) (the “regulations”). DPH believes that the proposed amendments will streamline the Medical Use of Marijuana Program (the “Program”) by updating existing processes, providing additional clarity, and creating consistency with changes made to related laws, all with the goal of promoting patient access while assuring public safety is maintained. At a meeting of the Public Health Council (PHC) held on September 14, 2016, DPH representatives, including Program Director Bryan Harter, MBA, LICSW, presented the proposed amendments. DPH’s presentation to the PHC at the meeting includes a summary of the proposed amendments, as well as a brief history of the Program, including applications received, provisional Certificates of Registration to operate a Registered Marijuana Dispensary (RMD) (41), and number of RMDs currently open and dispensing marijuana for medical use (7).
Amendments are undoubtedly necessary. The current regulations, which became effective on May 24, 2013, were implemented in connection the creation of the Program, and DPH now has the benefit of experience with the RMD process to amend its regulations to reflect, in some cases, lessons learned. As with proposed amendments to other regulations (see our prior posts here and here), these amendments are also necessary to comply with Governor Baker’s Executive Order 562, which directed all executive branch state agencies to review and, where possible, streamline, simplify and improve their regulations. Continue Reading Medical Marijuana in Massachusetts – DPH Proposes Amendments to Regulations
Mintz Levin’s TCPA & Consumer Calling Practice team has issued its first monthly newsletter with legal updates and trends in this area. As we have pointed out before, the healthcare industry is not immune from litigation and enforcement based on the Telephone Consumer Protection Act (TCPA). Pharmacies and providers have been subject to settlement payments resulting from calls to consumers, and the FCC has addressed so-called “robocalls” made by healthcare providers in its rulings.
We are excited to present this inaugural Monthly TCPA Digest – Part I highlights TCPA Regulatory updates and considerations (including information about an FCC Public Notice seeking comment on a petition relating to the interaction between FCC rules and HIPAA), and then Part II explores TCPA Litigation developments. You can also learn more about our TCPA & Consumer Calling Practice from the newsletter.
With the continuing compliance challenges faced by health care industry participants and the overlay of sometimes competing regulatory frameworks, we hope this TCPA newsletter helps keep you informed of the risks and opportunities in this area. In an industry where timely and confidential communication is key, many providers and other industry participants are trying to navigate the legal landscape and keep an open line of communication with their patients and customers.
HHS Office for Civil Rights will cast a wider net and increase its investigations into smaller HIPAA privacy breaches starting this month. OCR announced a new initiative to increase its efforts examining breaches that affect fewer than 500 individuals. OCR Regional Offices already investigate every reported breach affecting 500 or more individuals, and will continue to do so, but now they will intensify efforts to scrutinize smaller breaches.
Investigations into the root cause of even a small breach can discover system- and enterprise-wide noncompliance and security and privacy shortcomings. An investigation into a single stolen laptop that held PHI of 80 individuals may uncover an entity’s failure to encrypt any of the data it stores and uses. And just as easily as a larger breach, a small breach can reveal that a covered entity has not completed a full risk assessment of its organization and its PHI protections. Continue Reading OCR to Increase Investigations of Smaller HIPAA Breaches