Client Alerts, News Articles & Blog Posts

Everything you need to know about BMD and the industry.

Time to Update Your HIPAA Compliance Plan for Telehealth Policies and Procedures

The delivery of healthcare in this country may be forever changed following the COVID-19 pandemic. Providing services through telehealth technologies initially allowed providers to connect with patients in a safe and socially distant manner and helped keep vital hospital beds free for COVID-19 care. Now, while still a safe, socially distant option, telehealth allows patients to access healthcare services in an efficient manner, decreases the likelihood of cancellations, and expands access to services that do not require an in-person encounter (i.e., surgery, procedure, or test). Telehealth is now widely reimbursed by both federal and commercial payors and more provider types are able to provide telehealth services within their licensed scope of practice.

While the use of technology by both providers and patients is now commonplace in the industry, protected health information (PHI) must be safe and secure. Providers are still obligated to keep PHI confidential and comply with the rules and requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). An increased frequency of technology introduces another avenue for potential risk and unauthorized uses or disclosures of PHI.

At the start of the COVID-19 public health emergency, the Office of Civil Rights (OCR), responsible for enforcing HIPAA, issued a notice of enforcement discretion to not impose penalties against healthcare providers for noncompliance with the regulatory requirements under HIPAA in connection with the good faith provision of telehealth through the duration of the national emergency. As of September 8, 2020, this enforcement discretion is still in place. It will not remain forever and enforcement actions are still at the decision of the OCR. Therefore, in a world with an increased use of technology for healthcare services and the risk of more unauthorized uses or disclosures of PHI, providers should still comply with all of the HIPAA rules and regulations and incorporate telehealth in a compliance plan and/or HIPAA policies and procedures.

The Healthcare and Hospital Law Department at Brennan Manna & Diamond, LLC is here to help account for telehealth and the increased use of technology in your current HIPAA compliance plan to ensure the safety and privacy of the PHI you create and/or maintain. The BMD team can help your practice mitigate risk in the ever changing healthcare delivery world. 

 

Vaccination Considerations for Employers

Today, three Covid-19 vaccines have tested as highly effective (90%+ efficacy) and are advancing in the process for emergency use. This is especially welcome news in Ohio, which has skyrocketing cases and our strategic response has been to turn the entire state into the small town of Bomont with strict curfews and bans on social gatherings.

Did You Receive More than $750,000 in Provider Relief Funds?

The Provider Relief Funds (“PRF”) - authorized under the CARES Act - has been a vital tool for health care providers during the COVID-19 public health emergency. These funds have allowed providers to stay open and continue to offer care during these pressing times. While helpful, these funds do come with several important obligations. First, fund recipients are required to comply with certain record-keeping requirements as well as comply with certain balance billing prohibitions. See our Client Alert. Second, fund recipients are required to report their intent, use of funds, and other data elements, which helps promote transparency to the federal government. Please see our Client Alert on provider relief fund reporting requirements. Third, and perhaps a new concept for many providers, fund recipients of more than $750,000 must undergo a “single audit” to ensure program compliance and appropriate use of funds.

Important Updates Every Provider Should Know: Information Blocking

In December 2016, Congress passed the 21st Century Cures Act (“Cures Act”) which: (1) authorized funding for the National Institutes of Health to promote medical research and drug development, (2) implemented provisions aimed at addressing the prevention and treatment of mental illness and substance abuse, and (3) reformed certain standards of the Medicare program and federal tax laws to foster healthcare access and quality improvement.

PPP Update: Loan Necessity Questionnaires

On October 26, 2020, the Small Business Administration (“SBA”) published a notice in the Federal Register which foreshadowed the release of two new forms seeking information from for-profit and nonprofit organizations that received Paycheck Protection Program (“PPP”) loans of $2 million or more. If approved, the SBA would use information from these forms to evaluate and determine whether economic uncertainty made a PPP loan request necessary.

Exposure to COVID-19 Flow Chart

Exposure to COVID-19 Flow Chart