by Elizabeth E. Hogue, Esq. | Jul 12, 2024 | Clinical, Privacy and Security, Regulatory
by Elizabeth E. Hogue, Esq.
Imagine that a celebrity receives care where you work and curiosity gets the better of you, or someone you know is admitted and you would love to know the details. It’s oh so very tempting! So, you access records of care provided to patients that you have no legitimate need to view. The HIPAA police are on it! Because let’s not forget that the HIPAA Privacy Rule is a criminal statute.
An emergency room physician, for example, pled guilty to illegally obtaining the personal health information of multiple individuals. He was convicted of one count of wrongfully obtaining individually identifiable health information under false pretenses. The physician received a resident physician license and participated in an emergency medicine residency program at a university hospital. He worked in the emergency room of two hospitals in the university system.
The doctor used his access as a resident physician to the hospitals’ electronic health record to access the records of two patients without their knowledge or consent. He was never the patients’ physician. The patients were not receiving care in the emergency rooms where the doctor worked at the time he accessed the records.
The doctor also admitted that he sent a photograph to someone else of one of the patients wearing a hospital gown in which the patient’s rectum was hanging out of the patient’s body. And now for the “best” part: the doctor also admitted that he falsely wrote in a letter that he sent the picture of the patient with a prolapsed rectum to his mother to remind her of the importance of fiber intake!
Do you remember the comedian, Flip Wilson, who repeatedly claimed that the devil made him do it? When it comes to accessing patients’ medical records in violation of HIPAA, you must “put the devil behind you!” Protecting patients’ private health information is serious business – serious criminal business. Be vigilant!
By the same token, providers must also always remember that the HIPAA Privacy Rule isn’t just about protecting health information; it’s also about giving appropriate access to it. In the zeal to protect information, it anecdotally seems that practitioners have lost sight of the fact that access to information is at least as important as protection of information. In fact, the Office for Civil Rights, the federal enforcer of HIPAA violations, has focused on denial of access in enforcement actions for the past several years.
Remember that, however tempting the information you would like to have may be, temptation pales in comparison to jail time!
Elizabeth Hogue is an attorney in private practice with extensive experience in health care. She represents clients across the U.S., including professional associations, managed care providers, hospitals, long-term care facilities, home health agencies, durable medical equipment companies, and hospices.
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
by Elizabeth E. Hogue, Esq. | Jun 20, 2024 | Admin, Caring for the Caregiver, Clinical, CMS
By Elizabeth E. Hogue, Esq.
Violence in Healthcare
According to a recent analysis of Bureau of Labor Statistics data, healthcare is one of the most dangerous places to work. Homecare field staff members who provide services on behalf of private duty agencies, hospices, Medicare-certified home health agencies, and home medical equipment (HME) companies may be especially vulnerable. Contributing to their vulnerability is the fact that they work alone on territory that may be unfamiliar and over which they have little control. Staff members certainly need as much protection as possible.
Must-Haves
First, regardless of practice setting, management should develop a written policy of zero tolerance for all incidents of violence, regardless of source. The policy should include animals. The policy must require employees and contractors to report and document all incidents of threatened or actual violence, no matter how minor. Emphasis should be placed on both reporting and documenting. Employees must provide as much detail as possible. The policy should also include zero tolerance for visible weapons. Caregivers must be required to report the presence of visible weapons.
Below are some additional important actions for healthcare organizations to take that are based on UCHealth’s SAFE Program:
- Encourage staff members to STOP if they feel unsafe for any reason.
- Workers should pause to generally ASSESS their environments. Staff members should think about what has happened and observe what is currently occurring. Is there, for example, mounting frustration or anger?
- Staff should then FAMILIARIZE themselves with the room. Who is the patient? Where is the patient? Are there any factors that might escalate behaviors? Staff members should also consider putting themselves in positions where they have a route to escape, if necessary.
- Practitioners should also ENLIST help. Getting help may, for example, include pushing panic buttons on mobile devices.
Here is what Chris Powell, Chief of Security at UCHealth said in Becker’s Hospital Review on June 4, 2024:
“You can’t just talk about the shrimp and give you a good picture. We have to talk about the roux and the rice and everything else that goes into this for a good picture to be painted so people have an understanding. We want to solve this with an electronic learning or a 15-minute huddle, but we can’t. This is continuous and a persistent pursuit toward educating, communicating, recognizing, responding to, reporting and recovering from workplace violence.”
Every caregiver matters. The healthcare industry has lost caregivers to violence on the job in the past. Let’s not repeat these terrible events.
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
by Elizabeth E. Hogue, Esq. | May 30, 2024 | Admin, Regulatory
by Elizabeth E. Hogue, Esq.
The National Labor Relations Board (NLRB) has now joined the Federal Trade Commission (FTC) and some state legislatures to target non-compete agreements. The general counsel for the NLRB argued in a recent memo that non-compete agreements violate the National Labor Relations Act because they interfere with employees’ right to engage in protected concerted activity. Two recent actions by the Board provide more information about efforts of the NLRB to limit use of non-compete agreements.
Juvly Aesthetics Non-Compete Agreement Settlement
In February of 2024, the regional office of the Board in Cincinnati approved a settlement agreement between Juvly Aesthetics and three former employees. The Board claimed that Juvly, an operator of medical clinics, violated the rights of employees through the use of confidentiality, non-disparagement, non-competition, non-solicitation and requirements to repay training expenses under certain conditions.
According to the NLRB, Juvly prohibited employees from discussing their rates of pay. The Company also required some employees to sign a non-compete agreement that was in effect for a period of twenty-four months for any competing medical practice within twenty miles of any location of the Company.
Juvly agreed to a settlement agreement that required:
- Payment of back pay to some employees
- Termination of unlawful policies and procedures
- Release of employees from unlawful agreements
- Posting of all of requirements of the settlement agreements for review by employees
In December, the NLRB Division of Advice issued guidance that evaluated the legality of these issues:
- Customer non-solicitation provisions do not violate the Act because they only prevent employees from soliciting existing customers for one year so that employees are likely not barred from other employment opportunities for more than one year.
- Confidentiality agreements do not violate the Act because they prohibit only disclosure of trade secrets, marketing plans, customer lists, and other proprietary information, as opposed to information that could involve employee activity regulated by the Act, such as wage information.
- Provisions requiring the return of company property do not violate the Act.
Providers are now clearly operating in an environment that prohibits employers from restricting employee activities that were fair game in the past. The specifics of efforts to limit the actions of employers remain unclear, but will likely be “fleshed out” in enforcement actions.
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
by Elizabeth E. Hogue, Esq. | May 2, 2024 | Clinical
by Elizabeth E. Hogue, Esq.
Noora Health has developed a program of “health companions” in a variety of types of healthcare settings (“Teaching Patients How to Heal,” The New York Times, April 14, 2024) to help patient heal. The basis of these programs is that when medical information is properly communicated to patients and their families, complications of surgeries and illnesses are reduced. An added bonus is that acts of violence by frustrated family members against health care workers are reduced.
If patients are most comforted by their loved ones, why not involve them in the healthcare process?
“We realized that caregivers get little to no guidance within the health care system,” said Shahed Alam, a co-founder of Noora Health. Many patients do not know why they are receiving care. Doctors and nurses tend repeat the same information to patient after patient.
In institutional settings, staff nurses literally take over the floors to teach patients and their family members. On cardiac floors, for example, staff nurses tell patients how to cough without stressing their hearts, how to scratch without adversely affecting their wounds, and how pacemakers work. Staff nurses also help patients sift through good and bad information. Classes frequently include how to manage side effects of medications and the importance of handwashing.
Many patients and their family members come to view the staff nurses as therapists, coaches, friends and philosophers all rolled into one. A family member who received help from a health companion described the companion as a “friend” without whom she would not have been able to care for her family member.
Although home care providers, including Medicare certified home health agencies, hospices, private duty home care agencies, and durable medical equipment (DME) companies do not necessarily have a “captive audience” like institutional providers, it is still possible to utilize health companions. Field staff can be trained to provide teaching that is similar to that provided by health companions. Teaching from health companions may also be provided to home care patients and their family members in group settings. Hospices may, for example, provide volunteers to be with patients while their caregivers attend. And, of course, virtual teachings with health companions may also prove valuable.
Providers often consider ways to differentiate their services in a competitive marketplace. Perhaps the use of health companions is one way to do so, Providers may also enhance loyalty from patients and their families, improve quality of care and prevent emergency room visits, hospitalizations and rehospitalizations. Think about it!
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
©2024 This article appeared in The Rowan Report. All rights reserved.
by Elizabeth E. Hogue, Esq. | Apr 18, 2024 | Clinical, Regulatory
by Elizabeth E. Hogue, Esq.
Some owners and managers of private duty home care agencies mistakenly think that fraud and abuse prohibitions apply only to services paid for by the Medicare Program. In fact, fraud and abuse prohibitions apply to providers if they accept any state or federal funds, including, but not limited to, Medicaid, Medicaid waiver, VA, and Tri-Care. Many private insurers have adopted the prohibitions on fraud implemented by state and federal programs.
Private duty home care agencies are increasingly in the crosshairs of fraud enforcers if they receive reimbursement from Medicaid and/or Medicaid Waiver Programs. The reason for enhanced scrutiny is that both the federal government, which partially funds state Medicaid and Medicaid Waiver Programs, and state governments that also fund these programs are alarmed about the high costs of them.
Conventional wisdom says that there are big bucks to be saved if fraud and abuse in the Programs are controlled and ultimately eliminated. Conventional wisdom also says that enforcement actions in Medicaid Programs have just scratched the surface. According to this “wisdom,” there are big bucks to be recouped from “low-hanging fruit!”
A recent report from the Office of Inspector General of the U.S. Department of Health and Human Services seems to support this perception regarding private duty home care agencies based on the following:
Between 2014 and 2023, at least 34% of fraud convictions in some years were based on private duty home care services. In some years, this percentage was as high as 48%.- In fiscal year 2023, there were 279 criminal convictions related to private duty home care services compared to 66 for registered nurses and 43 for home health agencies.
- Recoveries from private duty home care agencies in 2023 totaled $26.4 million.
- The amount of civil recoveries reached a 4-year high in 2023 and the combined criminal and civil recoveries were $1.2 billion, resulting in a return on investment of $3.35 for every $1 spent.
The return on investment of more than three times the amount spent is perhaps the most important figure of all. With a three to one return, regulators will not hesitate to “beef up” enforcement actions.
THE CONSEQUENCES OF FRAUD AND ABUSE ARE SEVERE WHEN SERVICES ARE PAID FOR BY THE MEDICAID AND OTHER STATE AND FEDERAL PROGRAMS!
Personal care private duty agencies, don’t believe the myth that only services paid for by the Medicare Program are subject to fraud and abuse enforcement. The consequences may be devastating, including the loss of businesses. Heads up!
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
©2024 This article appeared in The Rowan Report. All rights reserved.
by Elizabeth E. Hogue, Esq. | Apr 11, 2024 | Clinical, Regulatory
By Elizabeth E. Hogue, Esq.
A key purpose of the Health Insurance Portability and Accountability Act (HIPAA) is certainly to protect patient information. Another is to help ensure that patients have access to their health information. In fact, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services, the primary enforcer of HIPAA, has focused on enforcement actions against providers that do not make information available to patients on a timely basis. OCR launched a right to access enforcement initiative in 2019 that is continuing.
Providers must give medical information to patients and their representatives within thirty days of requests. When they fail to do so, they may be subject to enforcement action by OCR. Following are two examples of recent enforcement actions.
OCR announced on April 1, 2024, that Essex Residential Care in New Jersey will pay a civil money penalty of $100,000 to resolve violation of HIPAA’s right of access standard. This is the 48th settlement reached under the right of access initiative. OCR received a complaint in May of 2020 from the personal representative of the estate of a patient who passed away. Following an investigation by OCR, the personal representative, who was the son of the patient, received the records in November of 2020. The provider did not contest the fine.
In another recent case, the daughter of a patient who passed away was appointed as the personal representative of her mother’s estate. She made multiple requests to Phoenix Healthcare for a copy of her mother’s medical records. She finally received the records one year after her initial request. Phoenix Healthcare initially received a civil money penalty of $250,000 for failure to provide timely access.
The provider appealed. An administrative law judge (ALJ) upheld the violation and ordered Phoenix to pay a civil money penalty of $75,000. The Departmental Appeals Board affirmed the ALJ’s decision. Then Phoenix agreed to settle for $35,000 and waived the right to further appeals. While it may seem in this case that the provider’s appeals significantly lowered its costs, it is important to note that the provider also undoubtedly expended significant resources on two appeals of OCR’s enforcement action.
Providers have placed a great deal of time and effort into the protection of healthcare information in compliance with HIPAA. Rightfully so, but providers seem to have lost sight of the fact that HIPAA is also about ensuring that patients and their representatives have timely access to their records. Now is the time for providers to conduct intensive education of staff members about HIPAA’s requirements regarding access in order to avoid enforcement actions like those described above.
©2024 Elizabeth E. Hogue, Esq. All rights reserved. No portion of this material may be reproduced in any form without the advance written permission of the author. For more information on how to get access to this or any other article, please contact The Rowan Report.
by Elizabeth E. Hogue, Esq. | Mar 6, 2024 | Admin, CMS, Regulatory
by Elizabeth E. Hogue, Esq.,
CMS recently issued guidance about how to build and maintain worker registries, i.e., management platforms, that make qualified health workers easy to find so that more individuals who receive Medicaid-covered home and community-based services (HCBS) can receive care in settings of their choice. Worker registries are designed to answer these questions: Who is qualified to provide HCBS in each state and how can Medicaid recipients find them?
On February 27, 2024, CMS announced several new initiatives and Resources from the Administration for Community Living’s (ACL) Direct Care Workforce (DCW) Strategies Center to address the shortage of workers who provide direct care to elderly and disabled clients. New initiatives include several types of assistance that are intended to help states strengthen their systems for recruiting, retaining, and developing direct care workers; and a national hub to connect states, stakeholders, and communities to best practices and other resources related to the direct care workforce.
Specifically, DCW Intensive Technical Assistance will facilitate collaboration among state agencies and with stakeholders to improve recruitment, retention, training, and professional development of direct care workers. The DCW Strategies Center will provide up to two hundred fifty hours of individualized technical assistance on a variety of issues for up to six teams involving multi-agency state teams.
A coach will be assigned to each team and have access to subject matter experts to support them in addressing states’ unique needs. Support provided through this initiative will be coordinated by a consortium led by ADvancing States in partnership with the National Association of State Directors of Developmental Disability Services and the National Association of State Medicaid Directors.
The DCW Peer-Learning Collaborative will bring representatives of four to six states into working groups focused on a particular topic. The DCW Strategies Center will host monthly virtual meetings focused on group learning to facilitate information sharing on best practices, innovative strategies, and demonstrated models for growing the direct care workforce. In addition, each participating state will receive up to seventy hours of individual technical assistance on a topic or issue important to each state. Each participating state is expected to accomplish at least one policy or program-related milestone as a result of participation in this initiative.
CMS also announced the official launch of the DCW Strategies Center website at https://acl.gov/dcwcenter. This website is intended to serve as the national hub for resources about best practices, promising strategies, upcoming events, webinars, and technical assistance opportunities to strengthen and expand local direct care workforces.
CMS acknowledges in the announcement that low wages, lack of benefits, limited opportunities for career growth, and other factors have resulted in a continuing shortage of critical workers. The shortage reached crisis levels, says CMS, during the COVID-19 pandemic and currently continues, with more than three-fourths of service providers that decline new clients and more than half of providers cutting services.
According to CMS, the problem described above must be addressed in order to help ensure that people who need assistance have options other than moving to a nursing home or other institutional setting.
Now is the time for providers of private duty or home care services and the associations that represent them to work intensively with state programs, especially Medicaid Programs, to maximize available assistance as described above.
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
by Elizabeth E. Hogue, Esq. | Feb 28, 2024 | Clinical
by Elizabeth E Hogue, Esq.,
After a hospitalized patient suffered a severe choking incident and was placed on life support, his family faced a difficult decision in response to a telephone call from the hospital. They were asked if they wanted to remove life support. The family told the hospital that they did. The hospital subsequently removed life support and the patient passed away. Then came something that no one expected: the patient who was allegedly deceased telephoned his family!
The mix-up started with a call to 911. Medics responded to a call about a choking incident involving a piece of steak. The man who choked was not breathing and was unconscious when they arrived. Somewhere along the line, the patient was misidentified and treated as another patient.
Parents that were called to make life-ending decision for wrong person
The family of the living patient called non-emergency police services to notify authorities that the patient was not, in fact, deceased. The Medical Examiner’s Office retrieved the body from the funeral home, conducted an external examination, and used fingerprints to confirm the deceased patient’s identity. In a gross understatement, a member of the patient’s family said, “Somebody messed up.”
Although the consequences of decision-making by so-called “substitute decision-makers” are not usually so dire, the fact remains that providers and practitioners are obligated to seek informed consent from those authorized to give it when patients cannot consent for themselves.
Here are some questions that providers frequently ask about substitute consent:
If patients cannot consent, who can consent on their behalf?
The answer to this question varies depending on the laws of the state in which patients reside. Consent may be provided on behalf of incapacitated adults by:
- An attorney-in-fact, i.e., someone who has authority under a durable power of attorney
- Individuals authorized to consent under state substitute consent statutes
- Guardians or conservators of the person
- Courts
How old must patients be in order to be able to give valid informed consent?
Generally, patients must have reached the age of adulthood before they can give informed consent. The age at which individuals become adults, as opposed to minors, is defined by state law, so the age of adulthood varies from state to state. Practitioners who provide services in multiple states must take this fact into account when obtaining consent. When minors are unable to consent, the general rule is that their parents may give substitute consent on their behalf.
Are there any exceptions to this rule?
Yes. Patients who are not adults, but who seek certain types of care, such as treatment for sexually transmitted diseases, or who are “emancipated” may consent on their own behalf depending on the law in the state in which the patient resides.
What evidence of valid informed consent should practitioners obtain?
Providers may:
- Ask patients to sign a consent form
- Document consent in patients’ charts with or without patients’ signatures on the documentation
- Record consent
- Video the consent process
- Give patients a short written quiz on the material provided and, if patients answer the questions correctly, put a copy in patients’ charts
- Utilize any other credible forms of evidence of consent
The above case certainly illustrates the need to make sure that consent is obtained from appropriate givers of substitute consent and to document their authority.
©2024 Elizabeth E. Hogue, Esq. All rights reserved.
No portion of this material may be reproduced in any form without the advance written permission of the author.
