Presentation is loading. Please wait.

Presentation is loading. Please wait.

“Implementation of Healthcare Reform and HIT Implementation on Health Care Providers” Oct. 14, 2010 George Washington Hospital - Washington, DC Randi Kopf,

Similar presentations


Presentation on theme: "“Implementation of Healthcare Reform and HIT Implementation on Health Care Providers” Oct. 14, 2010 George Washington Hospital - Washington, DC Randi Kopf,"— Presentation transcript:

1 “Implementation of Healthcare Reform and HIT Implementation on Health Care Providers” Oct. 14, 2010 George Washington Hospital - Washington, DC Randi Kopf, RN, MS, JD Kopf HealthLaw, LLC Rockville, Maryland Rockville, Maryland

2 Randi Kopf, RN, MS, JD is the founding and principal attorney of Kopf HealthLaw, LLC, a general health law practice. Ms. Kopf has over 30 years of professional experience and serves as general and health counsel for individual physicians, medical groups, national and regional medical and allied health associations, healthcare practitioners and entities locally and across the country, as well as, certain patient matters. Her practice assists clients with corporate matters such as incorporation, practice structuring, medical practice acquisition and sale, employee agreements and employment related matters, e-medicine and e-law issues, managed care contracting and negotiations and professional grievance matters. Ms. Kopf provides advice regarding regulatory and legislative matters, practice Compliance plans, the application of federal and state legislation, fraud and abuse issues, HIPAA, Stark, Medicare, health insurance matters and the new HealthCare Reform legislation. She is an invited member of the Maryland Attorney Grievance Commission Peer Review Panel and has served on the Maryland Health Care Commission EDI/HIPAA task force that developed nationally accepted privacy guideline tools. Ms. Kopf has provided legal support for several U.S. Congressional health care bills and advocated on behalf of physicians before the US Attorney’s Health Care Fraud Task Force. She has been a sought after speaker for national and state conferences on medical legal topics. Ms. Kopf has extensive teaching experience and has held instructor and faculty positions at Georgetown University, the University of Maryland and Adelphi University. Her published work includes Compliance Program Guide, Before You Sign … Managed Care Contract Review for Health Care Providers, and The Nursing Handbook of Physical Assessment. She served as editor and contributor for the Business and Legal Guidebook for Nurse Practitioners published by The American Association of Nurse Attorneys, (TAANA). The American Bar Association, in their Health Lawyer Journal, published her article, “Antitrust Enforcement: How Medical Practices Feel the Effects”. Ms. Kopf has been a frequent contributor to professional journals. She has been an editor and contributing author for the Journal of Nursing Law. She serves on the Board of Advisors and contributor to Managed Care Contract Negotiator and Health Information Compliance Insider as well as contributing to Medicare Compliance Alert, Medical Economics, BNA E-Health Reporter and other professional publications. Ms. Kopf has been frequent lecturer for Bar and other professional associations Ms. Kopf received a B.S. from Cornell University, a B.S. and M.S. degree from the State University of New York at Stony Brook School of Nursing, and a J.D. degree from the University of Maryland School of Law. She is admitted to practice law in Maryland, the District of Columbia and the United Sates Supreme Court. Ms Kopf was Board certified as a Family Nurse Practitioner for over 25 years. She has received recognition by Who’s Who in American Medicine and Health Care, Who’s Who of American Women, Who’s Who in American Nursing and received the Cornell University Alumni Award for Outstanding Volunteerism, the National Distinguished Service Award in Nursing and the Distinguished Service Award for TAANA. Ms. Kopf is a member of the American Bar Association, American Health Lawyers Association, TAANA, Maryland (MSBA) and District of Columbia Bar, Montgomery County Bar Association (former Chair of the Health law section) and Special Technology Section of the MSBA. She serves as a Member of the Board of Directors and former Officer of TAANA, President of the Chesapeake Nurse Attorneys, Inc. and has been recognized as a “Super Lawyer” in healthcare law in Maryland and Washington, DC in SPEAKER BIO

3 DISCLAIMER This information is being provided as general education for informational purposes only and not for the purpose of providing legal advice. Although it was prepared by a professional it is not to be utilized as a substitute for personal legal counsel.

4 Healthcare Reform (ACA), HITECH Act and Your Practice Reformation of system incorporating preventive, holistic care that benefits the patients, families and society overall Reformation of system incorporating preventive, holistic care that benefits the patients, families and society overall Patient protective legislation – more covered services (H&P), coverage for children w/ pre-existing illness, previously uninsured, people with expensive medical conditions, health insurance boundaries Patient protective legislation – more covered services (H&P), coverage for children w/ pre-existing illness, previously uninsured, people with expensive medical conditions, health insurance boundaries Interdisciplinary provider networks to provide team approach care (Medical Homes) Interdisciplinary provider networks to provide team approach care (Medical Homes) Payment shift from procedures to outcome Payment shift from procedures to outcome Lower covered fees for certain specialties Lower covered fees for certain specialties Bonus payments for better patient outcomes Bonus payments for better patient outcomes Bonus payments to qualified primary care practices Bonus payments to qualified primary care practices

5 Healthcare Reform (ACA), HITECH Act and Your Practice Use of HIT to further administrative, societal and best medical practices goals Use of HIT to further administrative, societal and best medical practices goals Federal PHI data collection Federal PHI data collection EHR and electronic claims filings will be mandatory EHR and electronic claims filings will be mandatory Eligible Providers (EP) can apply for EHR grant money Eligible Providers (EP) can apply for EHR grant money Increased provider monitoring, evidence based protocols, practices and limited medical formularies Increased provider monitoring, evidence based protocols, practices and limited medical formularies Compliance plans are mandatory Compliance plans are mandatory Increased provider and practice liabilities Increased provider and practice liabilities no tort reform no tort reform

6 Global EHR Considerations Global EHR Considerations Nationally centralized and accessible patient information - acceptable pubic and national interest Nationally centralized and accessible patient information - acceptable pubic and national interest Federal collection of health data to assist tracking of potential bioterrorism events Federal collection of health data to assist tracking of potential bioterrorism events Retrieval and remote access issues Retrieval and remote access issues System interfacing - Compatible technology System interfacing - Compatible technology Ability to treat and monitor patients from remote sites including space & war zones - acceptable national and public interest Ability to treat and monitor patients from remote sites including space & war zones - acceptable national and public interest

7 Federal EHR Considerations Federal EHR Considerations Reduction in health care costs as a permissible business purpose Reduction in health care costs as a permissible business purpose Administrative simplification Administrative simplification Federal determination of Medicare patients’ ‘best choice’ of medication or treatment Federal determination of Medicare patients’ ‘best choice’ of medication or treatment Increased ability of Medicare and insurance carriers to perform electronic clinical performance reviews, referrals and billing audits of providers/health care entities Increased ability of Medicare and insurance carriers to perform electronic clinical performance reviews, referrals and billing audits of providers/health care entities Health insurance payment determinations, Workers Compensation determinations, Disability SSI determinations Health insurance payment determinations, Workers Compensation determinations, Disability SSI determinations

8 Societal EHR Considerations Acceptable public interests Acceptable public interests Reduction in medical error Reduction in medical error Promotion of public health Promotion of public health Tracking of medication prescribing and use Tracking of medication prescribing and use Identification of repetitive drug procurement for addiction or sale Identification of repetitive drug procurement for addiction or sale Improved health via EHR and effective home health care Improved health via EHR and effective home health care Professional oversight Professional oversight E-Tracking of quality of care and outcome E-Tracking of quality of care and outcome

9 HITECH ACT ( HIPAA Enforcement Provisions) Applies to HIPAA Covered Entities (healthcare providers, health plans, health care clearing houses) and their Business Associates (BA) Applies to HIPAA Covered Entities (healthcare providers, health plans, health care clearing houses) and their Business Associates (BA) Imposed breach notification requirements on covered entities and their BAs. Imposed breach notification requirements on covered entities and their BAs. Increased an individual’s rights re: PHI. Increased an individual’s rights re: PHI. Increased enforcement and penalties for violation of privacy and security of PHI. Increased enforcement and penalties for violation of privacy and security of PHI. Notification obligations only apply to unsecured PHI Notification obligations only apply to unsecured PHI Breach is defined as unauthorized acquisition, access, use or disclosure of PHI Breach is defined as unauthorized acquisition, access, use or disclosure of PHI

10 HITECH Act Enforcement HITECH Act raises the level of enforcement HITECH Act raises the level of enforcement Secretary of HHS to perform investigation of cases identified with willful neglect and to impose civil money penalties Secretary of HHS to perform investigation of cases identified with willful neglect and to impose civil money penalties State Attorney Generals permitted to bring civil action in federal court if they have reasonable belief that a citizen has been adversely affected by a HIPAA violation State Attorney Generals permitted to bring civil action in federal court if they have reasonable belief that a citizen has been adversely affected by a HIPAA violation FTC will also have regulatory authority to take action FTC will also have regulatory authority to take action

11 HITECH EHR Grant Medicare Eligible Providers Eligible Medicare Professionals (EP) Eligible Medicare Professionals (EP) Doctor of Medicine or Osteopathy, Dental Surgery, Dental Medicine, Podiatry, Optometry, Chiropractor Doctor of Medicine or Osteopathy, Dental Surgery, Dental Medicine, Podiatry, Optometry, Chiropractor Eligible Medicaid Professionals Eligible Medicaid Professionals Physicians, nurse practitioners, nurse midwives, dentist, PA in HRSA facilities Physicians, nurse practitioners, nurse midwives, dentist, PA in HRSA facilities Must register for the incentive program- begins Must register for the incentive program- begins Must have 80% of patients in certified EHR technology Must have 80% of patients in certified EHR technology Must demonstrate meaningful use for the EHR reporting period Must demonstrate meaningful use for the EHR reporting period Must meet meaningful use requirements of Stage 1 Must meet meaningful use requirements of Stage 1 90 days consecutive use for year 1 90 days consecutive use for year 1

12 EHR Grant Resources and Help

13 EHR Practice Issues Practice concerns: Practice concerns: Inhibition of patient disclosure of personal information due to access to their information Inhibition of patient disclosure of personal information due to access to their information Chilling effect of appropriate and customary Chilling effect of appropriate and customary ‘off label’ use of medications ‘off label’ use of medications Increased potential for legal liability Increased potential for legal liability Compliance with laws and policies Compliance with laws and policies Creation of forensic evidence Creation of forensic evidence Ease of misuse and abuse of PHI Ease of misuse and abuse of PHI Unauthorized redisclosure concerns Unauthorized redisclosure concerns

14 Preliminary Legal EHR Issues Contracting issues for commercial software Contracting issues for commercial software Legal compliance Legal compliance Risk assessment Risk assessment Ownership Ownership Access and Security Access and Security Certified Software Certified Software Interoperability Interoperability Insurance coverage for hardware and technology software and electronic practice Insurance coverage for hardware and technology software and electronic practice

15 EHR Practice Issues Practice concerns: Practice concerns: ed PHI is vulnerable to: ed PHI is vulnerable to: Breach of confidentiality Breach of confidentiality HIPAA/policy violation HIPAA/policy violation Incorrect party/employer viewing Incorrect party/employer viewing Theft for commercial use – cyber pirates Theft for commercial use – cyber pirates Common cause of legal action Common cause of legal action

16 EHR Practice Issues Practice Concerns: Practice Concerns: HIPAA Security Rules and HITECH ACT compliance HIPAA Security Rules and HITECH ACT compliance EHR format reduces provider critical assessment EHR format reduces provider critical assessment Forces choice of displayed options only Forces choice of displayed options only Charting errors difficult to correct and may stay with patient’s record “forever” Charting errors difficult to correct and may stay with patient’s record “forever” Increased ability to perform clinical performance reviews, referrals and billing audits of providers/entities Increased ability to perform clinical performance reviews, referrals and billing audits of providers/entities Medication prescribing controlled by program Medication prescribing controlled by program Any documentation omissions, errors, billing claim irregularities or red flags detected by computer screening Any documentation omissions, errors, billing claim irregularities or red flags detected by computer screening

17 Potential Legal Actions Civil actions Civil actions Negligence –malpractice, failure to inform, warn or protect, breach of duty of care or standard of care Negligence –malpractice, failure to inform, warn or protect, breach of duty of care or standard of care Fraud, misrepresentation, falsifying encounter information (insurance fraud) Fraud, misrepresentation, falsifying encounter information (insurance fraud) Medical record or patient consent State laws violations Medical record or patient consent State laws violations Breach of Contract Breach of Contract Breach of fiduciary duty Breach of fiduciary duty Defamation Defamation Breach of confidentiality & invasion of privacy Breach of confidentiality & invasion of privacy Federal consent laws and regulations Federal consent laws and regulations Commercial use of PHI without consent Commercial use of PHI without consent

18 Potential Legal Actions Criminal actions Criminal actions Health care fraud is a felony Health care fraud is a felony Patient encounter documentation Patient encounter documentation Billing, coding and claims submission Billing, coding and claims submission Proof of intent no longer needed Proof of intent no longer needed Practicing medicine/nursing without a license via or telemedicine Practicing medicine/nursing without a license via or telemedicine

19 Potential Legal Actions Administrative actions Administrative actions Federal or State regulatory violations can lead to civil and/or criminal actions - potential fines, penalties, restitution, imprisonment, exclusion as a Medicare/Medicaid provider and loss of professional license Federal or State regulatory violations can lead to civil and/or criminal actions - potential fines, penalties, restitution, imprisonment, exclusion as a Medicare/Medicaid provider and loss of professional license Filing a complaint with OCR, HHS, CMS, DOJ, OIG, EEOC, FBI, USAG, or State AG office Filing a complaint with OCR, HHS, CMS, DOJ, OIG, EEOC, FBI, USAG, or State AG office Filing a professional grievance with the professional Board Filing a professional grievance with the professional Board Noncompliance with documentation principles or professional guidelines Noncompliance with documentation principles or professional guidelines Professional Board investigation into violations of Professional Rules of Conduct and Practice Acts Professional Board investigation into violations of Professional Rules of Conduct and Practice Acts Filing a complaint with JCAHO or State Department of Health Filing a complaint with JCAHO or State Department of Health

20 EHR Increases Practice Liabilities Use of electronic forensic firms to reveal ‘deleted’ data, metadata and other e- evidence Use of electronic forensic firms to reveal ‘deleted’ data, metadata and other e- evidence Greater potential for significant damages with the EHR Greater potential for significant damages with the EHR Ease & Speed of disclosure Ease & Speed of disclosure Breadth of potential disclosure Breadth of potential disclosure Reproduction of initial error Reproduction of initial error Identification and creation of pattern of errors Identification and creation of pattern of errors HITECH Act gives everyone in a medical office personal liability HITECH Act gives everyone in a medical office personal liability

21 Potential Consequences of Regulatory Violations Loss of Professional License Loss of Professional License Loss of Employment Loss of Employment Legal Actions Against you, your practice or your employer Legal Actions Against you, your practice or your employer Fines – you, your practice or your employer Fines – you, your practice or your employer Exclusion from Medicare/Medicaid as a Provider Exclusion from Medicare/Medicaid as a Provider Personal Property & Asset Forfeiture Personal Property & Asset Forfeiture Prison Prison

22 Steps to Minimize EHR Related Liabilities Perform a technology risk assessment Perform a technology risk assessment Assess computer security and file access Assess computer security and file access Identify security of electronic communications Identify security of electronic communications EHR, , PDA, Texting, Website EHR, , PDA, Texting, Website Identify any current noncompliant physicians, staff or office practices Identify any current noncompliant physicians, staff or office practices Policy regarding taking laptops home Policy regarding taking laptops home Review electronic vendor contracts Review electronic vendor contracts HIPAA Privacy & Security compliance HIPAA Privacy & Security compliance Liability Liability Warranty and Fitness for use Warranty and Fitness for use

23 Reducing Practice Liability Technology Risk Assessment Perform a risk assessment prior to notification if there is an unauthorized breach or disclosure Perform a risk assessment prior to notification if there is an unauthorized breach or disclosure What was the type and amount of PHI involved? What was the type and amount of PHI involved? Determine if the impermissible disclosure compromised the privacy or security of the PHI and/or the individual Determine if the impermissible disclosure compromised the privacy or security of the PHI and/or the individual Are there any applicable exceptions? Are there any applicable exceptions? What, if any, notification requirements apply What, if any, notification requirements apply Time runs from when breach is discovered Time runs from when breach is discovered These reporting exceptions are considered controversial and HHS is currently considering revising or repealing these criteria by the end of 2010 These reporting exceptions are considered controversial and HHS is currently considering revising or repealing these criteria by the end of 2010 To remove the ‘harm’ determination from the breaching entity and increased patient protection To remove the ‘harm’ determination from the breaching entity and increased patient protection

24 Plan to Minimize Potential Violations Create HIPAA compliant policies and procedures for your workplace Create HIPAA compliant policies and procedures for your workplace Inform staff that violations can be grounds for immediate termination Inform staff that violations can be grounds for immediate termination Obtain proper consent from patients Obtain proper consent from patients Discuss or disclose PHI in private and appropriate areas Discuss or disclose PHI in private and appropriate areas Don ’ t leave a computer, laptop, PDA, cell phone with PHI unattended or unlocked Don ’ t leave a computer, laptop, PDA, cell phone with PHI unattended or unlocked Policy regarding portable devices containing EHR Policy regarding portable devices containing EHR

25 Plan to Minimize Potential Violations Confirm compliance efforts required by HIPAA, related laws and regulations Confirm compliance efforts required by HIPAA, related laws and regulations Limit staff access to PHI with passwords, biometrics, etc. Limit staff access to PHI with passwords, biometrics, etc. Be sure EHR includes the ability to retrieve PHI and a trail of any disclosures Be sure EHR includes the ability to retrieve PHI and a trail of any disclosures Have a signed Business Associate Agreement with vendors, lawyers, etc. prior to releasing PHI Have a signed Business Associate Agreement with vendors, lawyers, etc. prior to releasing PHI Post, make available and update the NPP Post, make available and update the NPP Work with an experienced health lawyer Work with an experienced health lawyer

26 26 E-Health Resources National Coordinator for Health Information Technology of HHS (ONC) – National Coordinator for Health Information Technology of HHS (ONC) – CMS Doctors’ Office Quality Information Technology (DOQ-IT) CMS Doctors’ Office Quality Information Technology (DOQ-IT) The President's Information Technology Advisory Committee – June 2004 The President's Information Technology Advisory Committee – June 2004 Certification Commission for Health Information Technology – Certification Commission for Health Information Technology – ARRA HIT Grants – ARRA HIT Grants – Healthcare Information and Management Systems Society –www.himss.org Healthcare Information and Management Systems Society –www.himss.org Office for the Advancement of Telehealth (OAT) – telehealth.hrsa.gov Office for the Advancement of Telehealth (OAT) – telehealth.hrsa.gov American Health Information Community of HHS American Health Information Community of HHS Patient Privacy Rights – org Patient Privacy Rights – org

27 27 E-Health Resources Telemedicine Information Exchange - tie.telemed.org Telemedicine Information Exchange - tie.telemed.org Electronic Privacy Center – Electronic Privacy Center – Association of Telehealth Service Providers – Association of Telehealth Service Providers – International Society for Telemedicine – International Society for Telemedicine – Center for Telemedicine Law – Center for Telemedicine Law – American Medical Association – assn.org American Medical Association – assn.org Dept. of Health & Human Services – HIT – ts/plans/hit Dept. of Health & Human Services – HIT – ts/plans/hit American Medical Informatics Association - American Medical Informatics Association - American Health Information Management Association - American Health Information Management Association - American Telemedicine Association – American Telemedicine Association – Office of Rural health Policy – Office of Rural health Policy –

28 Federal Governance of the EHR PPACA – Patient Protection and Affordable Care Act PPACA – Patient Protection and Affordable Care Act HIPAA – Privacy and Security Rules & HITECH Act HIPAA – Privacy and Security Rules & HITECH Act ARRA & HITECH Act ARRA & HITECH Act Office of the National Coordinator of Health Information Technology (ONC) Office of the National Coordinator of Health Information Technology (ONC) Certification Commission of Health Information Technology (CCHIT) Certification Commission of Health Information Technology (CCHIT) Social Security Act - Medicare\Medicaid Social Security Act - Medicare\Medicaid E-Prescribing Act of 2005 E-Prescribing Act of 2005 Health Care Fraud/False Claims Act (FCA) Health Care Fraud/False Claims Act (FCA) Prohibited Physician Referral Laws – Stark Prohibited Physician Referral Laws – Stark Referral linked on E-Rx Referral linked on E-Rx Antikickback Statute Antikickback Statute Workers Compensation Workers Compensation Freedom of Information Act (FOIA) Freedom of Information Act (FOIA) Home Land Security Home Land Security Public Health laws Public Health laws Substance Abuse Treatment records Substance Abuse Treatment records Disease and abuse reporting Disease and abuse reporting


Download ppt "“Implementation of Healthcare Reform and HIT Implementation on Health Care Providers” Oct. 14, 2010 George Washington Hospital - Washington, DC Randi Kopf,"

Similar presentations


Ads by Google