Fraser Trebilcock Attorney Appointed to AHA Leadership Development Committee

Fraser Trebilcock Attorney Jonathan RavenFraser Trebilcock attorney Jonathan Raven has been appointed to a term on the American Hospital Association Committee on Governance’s Leadership Development Committee, comprised of trustees of major hospitals around the country.

Leadership Development Committee members  are appointed by the Chair of Committee on Governance. During their three year term, members serve as the nominating committee of the Committee on Governance for the American Hospital Association (AHA), identifying and recommending trustees for participation in AHA governance, policy development, and field leadership opportunities.

Continue reading Fraser Trebilcock Attorney Appointed to AHA Leadership Development Committee

The Evolution of Health Care Reform: What Businesses Need to Know

It is crucial for businesses to respond to the changing regulatory landscape, as the Patient Protection and Affordable Care Act (“ACA”) continues to evolve. Some recent updates center around the implementation of various components of the legislation, while others focus on the obligations of individuals and businesses under the new system.  The only constant in this process — is that businesses can expect health care reform to continue to evolve over time. Accordingly, business leaders must understand the current regulatory environment and be ready to adapt to future changes.

Continue reading The Evolution of Health Care Reform: What Businesses Need to Know

Accountable Care Organizations: Operations and Audits

In the wake of health care reform, health care providers face numerous challenges that require them to adopt sustainable continuous improvements that advance care for their patients, enhance health in their populations and reduce the growth of their expenditures.  Accountable Care Organizations (ACOs) are one vehicle through which providers are meeting these challenges head-on.   Continue reading Accountable Care Organizations: Operations and Audits

Small Group Market Annual Deductible Limit Repealed

One of the requirements under the Affordable Care Act effective for plan years beginning on or after January 1, 2014 was that insured health plans in the small group market could not impose a deductible exceeding $2,000/$4,000.

However, this provision has now been repealed.  Continue reading Small Group Market Annual Deductible Limit Repealed

Client Alert: Final PCORI Rules – Payment Due July 31st

Please remember that $1/covered life under your health plans must be reported and paid by July 31, 2013.  This is applicable for any plan with a plan year that ended on or after October 1, 2012.  Please see below for more details.

Continue reading Client Alert: Final PCORI Rules – Payment Due July 31st

Michigan Moves One Step Closer to a Federal-State Partnership Health Exchange

On February 27, 2013, the Michigan House Appropriations Committee overwhelmingly approved $30.67 million in federal grant money to establish a State Partnership Exchange.  A day later, House Bill 4111, which permits the state to accept the federal grant, passed the Michigan House of Representatives with a vote of 78 to 31. The bill now moves to the Michigan Senate.

Continue reading Michigan Moves One Step Closer to a Federal-State Partnership Health Exchange

Client Alert: New Final HIPAA Regulations Released

Health plans, their sponsors, associated employers, and business associates have a lot of HIPAA work to do (including major updates to current documents) over the next several months. On January 25, 2013,
pursuant in part to the statutory framework of the HITECH Act, the Department of Health and Human
Services (“HHS”) published long-awaited final regulations modifying HIPAA’s privacy, security, enforcement, and breach notification rules.

The final regulations reflect both HITECH Act amendments and other comprehensive refinements to the current HIPAA rules. Indeed, HHS officials describe these new regulations as making “the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented.” Specifically, the final regulations, among other things, enhance an individual’s privacy protections, strengthen the government’s ability to enforce the law, impose additional obligations on business associates (and their subcontractors), and require updates to a health plan’s HIPAA documents.

Highlights of changes include (but are not limited to) the following:

  1. Business Associates. The final regulations clarify the provisions in the Privacy and Security Rules that are directly applicable to business associates, and that direct liability applies to business associates that fail to comply with these provisions. Subcontractors of business associates will also now be directly obligated to comply with HIPAA, and business associates must enter into agreements with subcontractors in accordance with the requirements for business associate agreements. The final regulations also explicitly expand the definition of business associate and provide an agent/principal analysis to be used in determining whether liability of the business associate attaches to the covered entity . Business associate agreements will need to be updated to reflect the changes set forth in the final regulations (although under certain circumstances, a special transition rule may apply to a valid business associate agreement in effect before January 25, 2013 ).
  2. Changes to the breach notification requirements. The final regulations expand the definition of “breach.” The final regulations replace the original “risk of harm threshold” with a more objective standard. Specifically, the final regulations modify the definition of “breach” and the risk assessment approach that was set forth in the interim final rule. Under the new definition of breach, an impermissible use or disclosure of PHI is presumed to be a breach unless the covered entity or business associate, as applicable, demonstrates that there is a low probability that the PHI has been com promised. This standard replaces the “significant risk of harm” standard. The final regulations also modify the factors that covered entities and business associates must consider when performing a risk assessment with respect to a potential breach.
  3. Increased and tiered civil monetary penalties for noncompliance. Pursuant to the HITECH Act, the final regulations adopt higher penalties for HIPAA violations. Penalties, which range from $100 per violation to $50,000 per violation, are based on violation category (ranging from “did not know” to “willful neglect—not corrected) and the facts and circumstances surrounding the violation. The manner in which HHS counts violations may result in multi-million-dollar penalties.
  4. Restrictions on use of genetic information (pursuant to GINA). The final regulations expressly incorporate “genetic information” into the definition of PHI and generally prohibits the use or disclosure of genetic information for underwriting purposes to health plans that are covered entities.
  5. Expanded individual rights. The final regulations perm it covered entities to disclose a decedent’s PHI to family members and others who were involved in the care or payment for care of the decedent prior to death, unless doing so would be inconsistent with any known preference of the individual. The final regulations implement the HITECH Act requirement that covered entities, in certain circumstances, com ply with an individual’s request to restrict disclosure of his or her PHI. The final regulations also strengthen an individual’s right to access his or her PHI (including the right to receive electronic copies of PHI).
  6. Notice of privacy practices. The final regulations make significant changes to the content of a covered entity’s notice of privacy practices including (but not limited to) statements (1) regarding uses and disclosures that require authorizations, (2) related to fundraising communications, and (3) regarding an affected individual’s right to be notified following a breach of unsecured PHI. Thus, a covered entity is required to revise and redistribute its notice of privacy practices.
  7. Additional limitations. The final regulations impose additional limitations on how information is used and disclosed for marketing and fundraising purposes. The final regulations also prohibit the sale of an individual’s health information without their permission. Additionally, patients are permitted to restrict insurance companies from accessing portions of their medical records if they paid for the corresponding treatment out of their own pocket.
  8. Authorizations for research purposes disclosures and uses. The final regulations amend requirements for authorizations related to research. As such, authorizations for this purpose will need to be revised and updated.

These are just a few highlights of provisions found in the 560+ pages of the final regulations. The effective date for the final regulations is March 26, 2013, with a compliance deadline for most of the rules of September 23, 2013.

Health plans and their business associates need to begin preparing for the necessary changes now. The final regulations require health plans to update their policies and procedures, business associate agreements, and notices of privacy practices. Additional workforce training will also be necessary to update workforce members with access to PHI on the new regulations. HHS, even prior to the publication of the new final regulations, has aggressively investigated and enforced the HIPAA requirements. As such, it is as important as ever to ensure your health plan is HIPAA compliant.

For more information on compliance obligations under the new regulations, please reach out to your Fraser Trebilcock attorney

Reminder: Disclosure Due to CMS for Medicare Part D/Form W-2 Reporting Due/Notice of Exchanges Delayed

Deadline Coming Up for Calendar Year Plans to Submit Medicare Part D Notice to CMS

As you know, group health plans offering prescription drug coverage are required to disclose to all Part D-eligible individuals who are enrolled in or were seeking to enroll in the group health plan coverage whether such coverage was “actuarially equivalent,” i.e., creditable. (Coverage is creditable if its actuarial value equals or exceeds the actuarial value of standard prescription drug coverage under Part D.) This notice is required to be provided to all Part D eligible persons, including active employees, retirees, spouses, dependents and COBRA qualified beneficiaries.

Continue reading Reminder: Disclosure Due to CMS for Medicare Part D/Form W-2 Reporting Due/Notice of Exchanges Delayed

Client Alert: Revised Notice Under CHIRPA

The government has revised the CHIP Notice as of July 31, 2012.  As you are likely preparing and updating your open enrollment materials, if you are required to send the CHIP notice, please be sure to use the attached revised notice.

Continue reading Client Alert: Revised Notice Under CHIRPA