OCR has settled its thirteenth enforcement action under the HIPAA Right of Access Initiative, which involved a primary care physician practicing in the State of Georgia. Dr. Peter Wrobel, M.D., P.C., operating under the fictitious name of Elite Primary Care, became subject to an OCR investigation (twice) for his alleged violations of the HIPAA Privacy Rule. Dr. Wrobel must pay a Resolution Amount of $36,000.00 and implement a two year Corrective Action Plan following the OCR’s second investigation. This is an example of another single patient complaint leading to a substantial penalty under the Right of Access Initiative.
Category: Alert
The owner of an Orlando-area telemarketing call center was convicted for his role in a kickback scheme involving expensive genetic tests and fraudulent telemedicine services that resulted in the payment of approximately $2.8 million in false and fraudulent claims to Medicare.
Ivan Andre Scott, 34, of Kissimmee, Florida was convicted after a four-day trial of one count of conspiracy to commit health care fraud, three counts of health care fraud, one count of conspiracy to defraud the United States and pay and receive health care kickbacks, and three counts of receiving kickbacks.
The evidence showed that Scott targeted Medicare beneficiaries with telemarketing phone calls falsely stating that Medicare covered expensive cancer screening genetic testing, or “CGx.” The tests could cost as much as $6,000 per test. After beneficiaries agreed to take the test, the evidence showed Scott paid bribes and kickbacks to telemedicine companies to obtain doctor’s orders authorizing the tests.
Between November 2018 and May 2019, labs submitted more than $2.8 million in claims to Medicare for genetic tests Scott referred to them, of which Medicare paid over $880,000. In that timeframe, Scott personally received approximately $180,000 for his role in the scheme.
Source: Patient Recruiter Convicted in $2.8 Million Telemedicine Scheme Against Medicare
The Hospital Price Transparency Rule went into effect on January 1, 2021. The Rule requires all hospitals operating within the United States to make public a list of their standard charges for items and services via the Internet in a machine-readable format. Hospitals must also provide prices for a list of 300 shoppable services that must be made publicly available in a searchable, consumer-friendly format. The Rule’s intent is to enable healthcare consumers to make more informed decisions based on cost, increase market competition, and ultimately drive down the cost of healthcare services, making them more affordable for all patients.
Proposed Changes to HIPAA Privacy Rule
HHS has proposed several important changes to the HIPAA Privacy Rule to bring it in line with HHS’s Sprint Toward Coordinated Care initiative. These proposed changes are not yet final. Comments on the proposed rules are due within 60 days of their publication in the Federal Register.
- Reducing the time that covered entities have to respond to a patient’s request to access his or her medical records to 15 calendar days (with the possibility of a 15 day extension);
- Allowing an individual to take notes, videos, and photographs, and use other personal resources to capture Protected Health Information (“PHI”) in a designated record set when accessing PHI in person;
- Changing the fee structure applicable to requests for access to PHI and adding a requirement that covered entities provide advance notice of approximate fees for copies of PHI;
- Modifying the definition of “health care operations” to clarify that the term encompasses both individual-level and population-based care coordination and case management activities by health plans and covered health care providers;
- Adding an exception to the minimum necessary standard for disclosures to, or requests by, a health plan or covered health care provider for care coordination and case management for an individual;
- Expressly allowing covered entities to disclose PHI to social services agencies, community based organizations, home and community based service providers, and other similar third parties that provide health-related services to specific individuals for individual-level care coordination and case management;
- Replacing the “professional judgment standard” with a “good faith standard” for certain disclosures of PHI allowed in the Privacy Rule;
- Eliminating the requirement for a direct treatment provider to obtain written acknowledgment of receipt of the Notice of Privacy Practices (“NPP”) and adding an individual right to discuss the NPP with a person designated by the covered entity;
- Expressly allowing covered entities and their business associates to disclose PHI to telecommunications relay service communications assistants; and
- Expanding the current Armed Forces exception for covered entities to use and disclose PHI for mission requirements and veteran eligibility to all uniformed services personnel.
Under the Affordable Care Act’s amendments to the Stark Law, a Physician Owned Hospital (POH) cannot expand the aggregate number of operating rooms, procedure rooms or licensed beds beyond the number for which the hospital was licensed on March 23, 2010.
The Secretary of Health and Human Services may grant an exception to this prohibition to POHs qualifying as either an “applicable hospital” or a “high Medicaid facility” (as those terms are defined in the regulations).
POHs meeting one of these two exceptions were nonetheless still limited in that they could only request an expansion once every two years and the expansion was limited to no more that 200% of the rooms or beds that existed as of March 23, 2010.
These new rules relax these expansion limitations for “high Medicaid facilities,” but not “applicable hospitals”.
Though there are other requirements, a “high Medicaid facility” POH is one that for the three (3) most recent 12-month periods for which data is available, has an annual percentage of total Medicaid inpatient admissions that is estimated to be greater than the percent of such admissions for any other hospital located in the same county in which the POH is located (as determined by the data sources approved by CMS.
The new Final Rule, removes the limitation on the number of times a high Medicaid facility can request an expansion so long as the POH only has one request under review at any given time.
CMS also removed the 200% capacity limitation that previously existed for high Medicaid facilities seeking expansion.
High Medicaid facility POHs can now expand off of their main campus, but must continue to comply with Medicare rules and regulations regarding distance limitations relative to off-campus facilities and provider-based departments.
Source: CMS Provides Additional Expansion Opportunities for High Medicaid Physician-Owned Hospitals
A jury found Rodney Mesquias guilty last week on charges of: conspiracy to commit healthcare fraud, conspiracy to commit money laundering, conspiracy to obstruct justice, conspiracy to pay and receive kickbacks, and six counts of healthcare fraud.
Mesquias owned and operated Merida Group, a healthcare company with dozens of locations in Texas. The Department of Justice says Mesquias conspired with the company’s CEO and medical director to mislead thousands of people with long-term, but not fatal, illnesses into believing they had only six months to live. This led to their enrollment in Merida’s “expensive and unnecessary” group homes, nursing homes, and housing projects.
This story has been widely reported and is one of the more egregious examples of intentional fraud I’ve seen. It has everything – false medical records, kickbacks, medically unnecessary services. To make matters worse, there were allegations that those involved were lying to patients telling them they had fatal illnesses, going so far as to send “chaplains” to lie to patients and give them last rites.
Given the complexities of the fraud and abuse laws, there are occasions when providers unintentionally run afoul of the rules. This is not one of those instances. The jury clearly thought this was intentional deceit.
Huge qui tam settlement where the qui tam plaintiffs will recover $13.9 million. The underlying action involves allegations that the Heart Hospital violated the Stark Law and the Anti-Kickback Statute by requiring physician owners to satisfy the Heart Hospital’s yearly 48 patient-contact requirement in order to maintain ownership in the hospital.
This settlement arises from a lawsuit filed by former Heart Hospital physician owners Mitchell Magee, M.D. and Todd Dewey, M.D. pursuant to the whistleblower or qui tam provisions of the False Claims Act, which permit private persons to bring a lawsuit on behalf of the government and to share in the proceeds.
Dr. Dewey and Dr. Magee will collectively receive $13,920,000 as their share of the recovery.
A federal grand jury indicted two home health agency on allegations that they fraudulently billed Medicare more than $10 million.
The indictment alleges that Tataw and Anglea Bisong, co-owners of SierCam Healthcare Services LLC, billed Medicare for home health services that were not medically necessary or not actually provided as billed.
Under the alleged scheme, the Bisongs paid SierCam patients to sign up for medically unnecessary home health services and provided free transportation and covered the copayments and other fees at doctor’s office visits to facilitate their health care fraud scheme.
It is also alleged that they created created false medical records to make it appear the services met Medicare’s criteria for reimbursement.
They were charged with six counts of health care fraud and conspiracy to commit health care fraud.
Source: Two area home health agency owners charged in health care fraud and illegal kickback scheme
The proposed changes to the HIPAA Privacy Rule include strengthening individuals’ rights to access their own health information, including electronic information; improving information sharing for care coordination and case management for individuals; facilitating greater family and caregiver involvement in the care of individuals experiencing emergencies or health crises; enhancing flexibilities for disclosures in emergency or threatening circumstances, such as the Opioid and COVID-19 public health emergencies; and reducing administrative burdens on HIPAA covered health care providers and health plans, while continuing to protect individuals’ health information privacy interests.
A federal grand jury returned an indictment charging Neeraj Jindal, the former owner of a therapist staffing company, for participating in a conspiracy to fix prices by lowering the rates paid to physical therapists and physical therapist assistants in north Texas, including the Dallas-Fort Worth metropolitan area, the Department of Justice announced today. The indictment also charges Jindal with obstruction of the Federal Trade Commission’s separate investigation into this conduct.
Price fixing is per se illegal under Section 2 of the Sherman Act. This appears to be an alleged horizontal price-fixing claim. One element in this type of charge is that the conduct must “unreasonably” restraint trade. That inquiry depends on the degree of the restraint’s adverse effect on competition and on the degree of any pro-competitive effects from restrain.
Source: Former Owner of Health Care Staffing Company Indicted for Wage Fixing | Department of Justice