IHCP Announces 1st Quarter ACA Supplemental Payment for Primary Care Physicians

In previous bulletins the Indiana Health Coverage Program (“IHCP”)  explained that under the Affordable Care Act (“ACA”), Indiana will temporarily increase Medicaid payments to self-attested qualifying providers for qualifying primary care services, at rates that are the lesser of: (1) the calendar year (CY) 2013 and CY 2014 Medicare rates, or if greater, the rates that would be applicable in CY 2013 and CY 2014 using the CY 2009 Medicare physician fee schedule conversion factor; or (2) the provider’s actual billed charge for the service provided (“ACA increased rate”).  In addition, under the Vaccines for Children (“VFC”) program, vaccine administration rates will be increased to the lesser of (1) the CY 2013 or CY 2014 Medicare rate or (2) the maximum regional VFC rate in CY 2013 and CY 2014.  These original bulletins, BT201247, BT201255, and BT201302 described how providers can qualify for the ACA increased rate and explained that the difference between the current Indiana Medicaid State  Plan rate and the ACA increased rate would be distributed to self-attested qualifying providers, in a quarterly supplemental payment.

On August 2, 2013, the IHCP  published notice that IHCP had completed the first quarter ACA Primary Care Physician supplemental payment for qualifying services provided to fee-for-service members, including members that are dually eligible for Medicaid and Medicare.  Qualifying providers that have self-attested should expect to see these supplemental payments in their August 6, 2013 remittance advice.    IHCP is waiting on CMS’ approval of supplemental payments for services provided to managed care members, after which such supplemental payments will be paid. If you have any further questions on supplemental payments for primary care physicians, please contact Meghan Linvill McNab at mmcnab@kdlegal.com.

Changes to CMS’ Process for Opening, Deciding or Reconsidering National Coverage Determinations

On August 7, 2013, the Centers for Medicare and Medicaid Services (“CMS”) published a Notice in the Federal Register that CMS is updating the process for opening, deciding or reconsidering national coverage determinations (“NCDs”) from prior guidance from September 26, 2013.   

§1862(l) of the Social Security Act (“the Act”) defines an NCD as a determination by the Secretary of the Department of Health and Human Services (“HHS”) “with respect to whether or not a particular item or service is covered nationally under [Title XVIII-Medicare].” 

NCDs are the general rules to ensure that similar claims for similar items or services are covered similarly, under Medicare Part A or Part B.   In addition, §1862(l) of the Act also establishes the timeframe for the NCD process and opportunity for public comment.

The Notice details the process for: (1) informal contacts and inquiries made prior to requesting an NCD, which are encouraged but not required by CMS; (2) formal requests for an NCD or reconsideration of an NCD, including the elements required for a request to be considered complete; (3) requests for NCDs from external parties, such as Medicare beneficiaries, manufacturers, physicians, or physician professional associations; (4) CMS reviews of NCDs that are initiated internally by CMS; and (5) an expedited process to remove NCDs under certain circumstances to ensure CMS’ policies and processes remain effective and efficient.  

The Notice also reiterates: (1) the internal and external process for requesting an NCD or NCD reconsideration; (2) a tracking system that provides public notice of CMS’ acceptance of a complete, formal request and subsequent actions; (3) the process for public comment prior to CMS’ issuance of a decision memorandum; and (4) how CMS uses public comments to inform the NCD final decision.

For additional information on NCD’s please contact Meghan Linvill McNab at mmcnab@kdlegal.com.

Hospital Fairness Bill to Decrease False Claim Risk

On August 1st Representatives Howard Coble (R-NC) and David Scott (D-GA) introduced a bill in the House of Representatives which aims to limit the exposure hospitals may face under a False Claims Act (“FCA”) suit.  In particular, the bill, if enacted, would amend the FCA to ensure that unintentional billing issues are not penalized as fraud under the FCA.
If enacted, this would be a considerably step towards reducing the risk associated with billing and other unintentional errors that impact hospitals through the FCA.  Recently, the University of Pittsburgh Medical Center and a joint venture settled a FCA allegation related to a billing error for just under $1 million.  In addition, fifty-five (55) hospitals settled FCA allegations regarding inappropriate billing for more than $34 million in July.
Hospitals and health care organizations should still be mindful of FCA exposure, as this bill has yet to be enacted.  Nevertheless, all hospitals and health care organizations should have an established compliance program to assist their organization in reducing FCA, Stark Law, and Anti-Kickback Statute risk.
If you would like additional information or have any questions regarding this bill or the issues discussed, please contact Robert A. Wade at (574) 485-2002 or Alex T. Krouse at (574) 485-2003.

CMS and ONC Jointly Publish Strategy for Accelerating Health Information Exchange (HIE)

On August 7, 2013, the Centers for Medicare and Medicaid Services (“CMS”) and the Office of the National Coordinator for Health IT (“ONC”) published a strategy to “accelerate” interoperability of health information exchanges. CMS and ONC also hosted a webinar to explain the strategy (the “Strategy”). The Strategy was issued in a response to a Request for Information (RFI) about how to accelerate health information exchange (HIE) and interoperability, published March 7, 2013 in the Federal Register.
According to CMS/ONC, the Strategy was developed because existing incentive and certification programs for electronic health records are not considered to be enough to achieve the widespread interoperability desired. Further, CMS/ONC fear that the marketplace does not yet offer a strong enough business motivation across all providers and settings to encourage interoperability.  Based on more than 200 responses to the RFI, the Strategy was developed to set forth a set of principles for a comprehensive effort across agencies within the Department of Health and Human Services (“HHS”) to further encourage and accelerate HIE. The principles are organized into three categories: (1) Accelerating HIE, (2) Advancing Standards and Interoperability, and (3) Consumer/Patient Engagement.
Under the first principle (Accelerating HIE), HHS will seek to ensure that all new regulations and guidance enable a patient’s health information to follow the patient wherever he or she accesses care. The goal with policy development will be to make HIE a standard business practice for all providers. This includes interoperability across governmental units, including the federal government, Medicaid, and state agencies.
Under the second principle (Advancing Standards and Interoperability), HHS will advance the development of standards among various organizations through a variety of policies and programs. The goal of HHS is to align standards for quality measurement and improvement across the Medicare and Medicaid programs. Also, HHS will accelerate alignment and implementation of electronic clinical quality measures, electronic decision support interventions, and electronic reporting mechanisms.
Under the third principle (Consumer/Patient Engagement), HHS will develop policies and programs to support appropriate patient access to their health information. The goal will be to make standardized data available to patients wherever possible.
For more information about electronic medical records, interoperability or health information exchange, contact Mark T. Morrell at mmorrell@kdlegal.com or Susan Ziel at sziel@kdlegal.com.

$1.2 Million HIPAA Breach Settlement with Health Plan

Recently, a non-profit managed care plan in the New York City area entered into a Resolution Agreement with the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) for alleged HIPAA violations, settling the matter for over a million dollars ($1,215,780), with additional corrective action. 

The managed care plan, Affinity Health Plan, Inc. (“Affinity”) received notification of the alleged breach from a CBS Evening News representative, who as part of a CBS investigation, had purchased a photocopier previously leased by Affinity.  CBS discovered protected health information (PHI) remained on the photocopier’s hard drive.  Affinity estimated that as many as 344, 579 persons may have been affected by the breach. Pursuant to the Breach Notification Rule, promulgated under the Health Information Technology for Economic and Clinical Health (HITECH) Act, Affinity filed a breach report with OCR in April 2010.

Upon investigation by OCR, it was determined that Affinity had returned leased photocopiers without erasing (or destroying, i.e., rendering unusable, unreadable, or indecipherable) the information contained on the photocopier’s hard drives, which included patients’ PHI.  It was also determined that Affinity had not incorporated the data on the photocopiers in its Security Risk Assessment as required under the HIPAA Security Rule, nor did it implement appropriate HIPAA policies and procedures, such that the PHI would have been destroyed when returning the photocopiers.  Therefore, in addition to the large settlement payment, as part of its Corrective Action Plan, it must also take additional measures to safeguard all electronic PHI (ePHI), including using its “best efforts” to locate all photocopier hard drives previously leased. Affinity’s Resolution Agreement and Corrective Action Plan can be found on the OCR website at: http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/affinity-agreement.html.

So what does this all mean?  First, as we have mentioned before, the HIPAA Compliance deadline is looming within the next month (September 23, 2013).  Do you qualify as a HIPAA covered entity?  If yes, does your practice have HIPAA policies and procedures in place, which have been updated since the issuance of the HIPAA “Final Rule” in January 2013?  Do these policies include a Security Risk Assessment to be performed on a regular basis?  We recommend such an Assessment be performed at least annually, and would include confirming procedures regarding the return or retirement of electronic media AND the destruction of ePHI so that it is rendered unusable, unreadable, and indecipherable. 
As evidenced by Affinity’s corrective action plan with OCR, HIPAA breaches are a serious, and expensive matter, with penalties ranging up to $1.5 million, per violation.  If your practice qualifies as a HIPAA covered entity, please contact Susan Ziel at sziel@kdlegal.com, or Jaya White at jwhite@kdlegal.com, to learn more about how our firm can assist you to achieve full compliance with the HIPAA Final Rule requirements in advance of the September 23, 2013 compliance deadline.

CMS Issues Guidance on Short Term Inpatient Admissions

On August 2, 2013, the Centers for Medicare and Medicaid Services (“CMS”) published a final rule, effective October 1, 2013, regarding evaluation of inpatient hospital admissions.  This topic has received a high level of scrutiny from CMS due to short stays occurring in which patients would be admitted for less than one day.  The ultimate question being whether the patient should have received an outpatient level of care rather than the more expensive inpatient services under Medicare Part A.

Under the rule, CMS is now advising that inpatient hospital stays that include “2 midnights” will not be focused on by contractors in their review efforts.  This is important because it does provide a more defined benchmark that is consistent with the 24-hour period under prior guidance.  Nevertheless, there is still a need for a documented formal order of inpatient admission in the medical record.
This guidance from CMS does raise concerns with respect to stays that do not meet the two (2) midnight threshold.  For example, a patient may get admitted as an inpatient at 1:30 am and stay until 11:30 pm nearly 46 hours later and still not meet the threshold.  Finally, in the event an inpatient does not meet the two (2) midnight threshold, it is extremely important that your staff is trained on properly and thoroughly documenting such an event.  This guidance does provide answers; however hospitals should be mindful of short stays in general.  Recently a medical center was required to repay $1.09 million to the Federal government after an audit highlighted incorrect billing with respect to short stays.
Should you or your organization have any questions regarding the guidance discussed above or any other health care issues, please feel free to contact Robert A. Wade at 574-485-2002 or Alex T. Krouse at 574-485-2003.