HIPAA vs. Florida and HIPAA Wins!

In a battle between a state statute and the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) (42 U.S.C. § 1320d to d-9), the Eleventh Circuit Court of Appeals has held that a Florida statute is preempted by HIPAA because it is an obstacle to the “accomplishment and execution of the full purposes and objectives of HIPAA in keeping an individual’s protected health information strictly confidential.” OPIS Management Resources, LLC, et al. v. Secretary Florida Agency for Health Care Administration, No. 12-12593 (11^th Cir. April 9, 2013).

OPIS, and the other plaintiff parties, are operators and managers of skilled nursing facilities in Florida. In the course of their operations, the nursing facilities received requests from spouses and attorneys-in-fact for the medical records of deceased nursing home residents. Because the parties requesting the records were not “personal representatives” pursuant to HIPAA and its implementing regulations, the facilities refused to disclose the records.  As a result, the requesting parties filed complaints with the U.S. Department of Health and Human Services Offices for Civil Rights, which concluded that the nursing facilities acted properly.

The Florida Agency for Health Care Administration, however, issued citations against the nursing facilities for violating Florida law by refusing to release the records because the state statute requires licensed nursing homes to release a former resident’s medical records to the spouse, guardian, surrogate, or attorney-in-fact of any such resident. Fla. Stat. § 400.145(1). Because of the conflicting interpretations of the relevant laws, the nursing facilities filed a complaint for declaratory judgment. The district court granted the nursing facilities’ motion for summary judgment, explaining that the Florida statute affords nursing home residents less protection than is required by the federal law; therefore, the state law is preempted by HIPAA.

Stricter Federal HIPAA Law Trumps State Law

At the heart of the issue is whether the state statute, in which the “unadorned text…. authorizes sweeping disclosures, making a deceased resident’s protected health information available to a spouse or other enumerated party upon request, without any need for authorization, for any conceivable reason and without regard to the authority of the individual making the request to act in a deceased resident’s stead,” conflicts with federal law, according to Judge Susan H. Black. Finding that it does conflict, the jurist wrote, the state law “frustrates the federal objective of limiting disclosures of protected health information” and is therefore “preempted by the more stringent privacy protections” imposed by federal law. Continue reading »

New Family and Medical Leave Act Guidance for Families of Adult Children with Disabilities

Families now have clarification on when parents may use leave to care for an adult child with a mental or physical disability.

On January 14, 2013, the Wage and Hour Division of the Department of Labor issued additional guidance to help employers determine eligibility of employees to take leave under the Family and Medical Leave Act (FMLA) when the employee has an adult child with a mental or physical disability incapable of self-care due to a serious health condition.

Generally,  entitlement to FMLA leave ends when a child is 18 years old. “Incapable of self-care” means that the individual requires active assistance or supervision to provide daily self-care in three or more of the “activities of daily living” or “instrumental activities of daily living.” Continue reading »

Employers and the Health Reform Law

On June 28, 2012, the Supreme Court, in a 5-4 decision, upheld the Patient Protection and Affordable Care Act (the “Act”), more commonly known as the health reform law, including the highly controversial individual mandate. While the Court limited the Act’s planned expansion of Medicaid, the decision was overwhelmingly a “win” for President Obama.

Now that President Obama has been elected to a second term, those who resisted implementing the first set of provisions (waiting for the Court to rule) will have to begin earnestly working to comply with both provisions already in effect and forthcoming provisions, including key provisions which require compliance in 2014: the individual mandate and the employer mandate.

Provisions currently in effect include:

• No lifetime limits on coverage.
• Restrictions on annual limits.
• No “rescissions,” meaning health plans cannot cancel coverage once you are sick unless you committed fraud when you applied for coverage.
• Dependent care coverage is provided up to age 26 for adult children without employer-sponsored coverage.
• Federal small business tax credits have also been available for employers who provide coverage, with credits differing depending on the size of the company and increasing to 50 percent in 2014.
•  Many consumer employees have already experienced not having to pay out-of-pocket costs for certain preventative services, such as breast cancer screenings and cholesterol tests, and the disqualification of over-the-counter drugs as medical expenses for Flexible Spending Accounts (FSAs) and Health Savings Accounts (HSAs).
• Insurers will have to provide rebates to consumers if they spend less than 80 to 85 percent of premium dollars on medical care.

The impact of both the individual mandate and the employer mandate will not be fully known until closer to 2014; however, there has been great speculation about who will be most impacted. Continue reading »

The Impact of Electronic Storage on Mental Health Care Records

The looming clash over the privacy of mental health care records as they are increasingly being stored electronically was revealed in “As Records Go Online, Clash over Mental Care Privacy,” an article in the June 21, 2012 issue of the Boston Globe.

The Globe article highlighted the case of a patient who attended weekly therapy sessions and, as is typical, revealed her most private secrets, including depression and childhood sexual abuse.  Her psychiatrist at Massachusetts General Hospital would then type a summary into her computerized medical record.  With that, more than 200 pages of sensitive notes became available to any doctor who cared for her within the sprawling Partners HealthCare system.  She discovered this only when a doctor later referenced the notes.

On one hand, Partners (the hospital system) argues that doctors must have a complete picture to make accurate diagnoses and having different rules for psychiatric records contributes to the stigma of mental illness.

On the other hand, this article highlights the delicate privacy issues that are surfacing as electronic medical records become widespread.  Providers in separate networks are preparing to share patients’ records more widely online — to better coordinate care and cut wasteful spending.  This will probably intensify the debate about what should and should not be shared, as well as fears about the unauthorized release of patient information.

As Dr. David Blumenthal, Partners’ chief health information and innovation officer and former national coordinator for health information technology for the Obama administration, said: Continue reading »

Breastfeeding in Public: Mother Sues Sheriff’s Deputy

A mother is suing a sheriff’s deputy in Cook County, Illinois for violation of the state’s Right to Breastfeed Act. The mother, who was at the courthouse to apply for food-assistance benefits, was breastfeeding her seven-week-old daughter in the lobby of the courthouse. The mother and her daughter were covered by a blanket at the time of the feeding. The deputy demanded that the mother move from the courthouse lobby to a public bathroom to breastfeed the baby. Because the mother feared she would disrupt the application process for her benefits if she were kicked out of the courthouse, she quit feeding her daughter instead of moving.

Right to Breastfeed in Illinois

In 2004 the General Assembly of Illinois passed the Right to Breastfeed Act. The stated purpose being:

“The General Assembly finds that breast milk offers better nutrition, immunity, and digestion, and may raise a baby’s IQ, and that breastfeeding offers other benefits such as improved mother-baby bonding, and its encouragement has been established as a major goal of this decade by the World Health Organization and the United Nations Children’s Fund. The General Assembly finds and declares that the Surgeon General of the United States recommends that babies be fed breast milk, unless medically contraindicated, in order to attain an optimal healthy start.”

Continue reading »

Is This by Consent? Changes to Missouri Supreme Court Rule Affect Use of Non-party Subpoenas

Part of a series on issues related to Manufacturers, Distributors and International Trade

A major change involving subpoenas to non-parties has hit the business world in the state of Missouri.

A new amendment to the Missouri Supreme Court Rules now requires non-party record custodians to physically appear at deposition to produce subpoenaed items, unless all parties to the litigation have agreed that the subpoenaed party may produce the items without appearing.

The amendment changes the prevailing practice where parties send out subpoenas to third parties with a letter explaining that they will be excused from appearing at deposition if they produce the requested items along with what is known as a business records affidavit.

Rule 57.09, as amended, now requires parties to first obtain consent from all other parties to the litigation before a subpoenaed witness may produce documents without attending the deposition. This agreement must be communicated to the witness in writing. Absent this agreement, a witness must appear to produce subpoenaed items at deposition.

What does this mean to you? If you receive a subpoena, you may only produce the documents to the party serving the subpoena without appearing at deposition if that party represents to you in writing (e.g., in a letter) that all other parties have consented to production of the docume

nts without need for you to appear at the deposition. Such a letter should protect you from allegations that you improperly produced records by mail, instead of bringing the documents to the deposition. You do not need to see the actual agreement. If you have any questions as to whether you can simply mail the documents, instead of appearing at deposition, you should either call your attorney for advice or simply wait and bring the documents at the time and place designated in the subpoena.

Continue reading »

Supreme Court: Will Five and a Half Hours Be Enough?

Fate of the Patient Protection and Affordable Care Act Lies in Hands of Supreme Court

According to the National Law Journal, the Supreme Court justices granted review in three of the five petitions that it had before them regarding the Patient Protection and Affordable Care Act, all from the 11th Circuit Court of Appeals. That court had struck down the mandate that individuals who can afford health insurance must purchase coverage or pay a penalty.

The Journal article lists the issues on which the Court would hear arguments and the amount of time allotted to each issue, for a total of five and one-half hours.

Oral arguments will be made by the United States Solicitor General, 26 state attorneys general (handled by a single lawyer from a Washington firm), and the National Federation of Independent Business (NFIB).

Typically, Supreme Court oral arguments are scheduled for two hours of argument. Arguments are likely to be held in March.

Undoubtedly, with all of the questions raised by the health care act, five hours will not be sufficient time to answer all of them.

Electronic Health Records: Could Your Practice Be at Risk?

The federal government’s efforts at incentivizing medical providers to use electronic health records (EHRs) may be putting some practices at risk.

In “Electronic Records May Increase Malpractice Lawsuit Risk,” Neil Versel with Information Week refers to a white paper published by the AC Group, a Montgomery, Texas, health IT research and consulting firm. The white paper describes the kinds of risks that medical practices may face if they try to implement EHRs too quickly without the appropriate vendors.

Even vendors who have been certified by the Office of the National Coordinator for Health Information Technology (ONC) have been found lacking in the area of “medico-legal training.” For example, according to Versel, it has been discovered that ONC certification may not require providers “to check drug orders against laboratory results or take into account social and family medical history in creating alerts,” such as the need for more frequent mammograms for a female patient with a mother who has had breast cancer.

Here are just a few other issues that have arisen :

• Critical safety alerts are being missed due to incomplete medication lists;
• Problems with time synchronization of records between electronic charting systems; and
• A high percentage of EHRs do not run drug interaction checks when filling prescriptions.

So to the medical practice community: buyer beware.

The Security Breach Notification Rule

A security breach notification only applies to “unsecured PHI”. PHI that is not encrypted or completely destroyed is considered “unsecured” by HHS. The only way, generally, that HHS has said that PHI would be considered “secured” is if it encrypted or completely destroyed. If that is the case, then the covered entity does not need to develop internal procedures for notification of security breaches. In any event, those practices should review their existing Notice of Privacy Practices to update it with respect to the new notification rule.

WHAT IS A “BREACH” REQUIRING NOTIFICATION UNDER THE RULE?

HHS has defined “breach” to mean a use or disclosure of unsecured PHI in violation of the HIPAA Privacy Rule. As we learned when the Privacy Rule was implemented, PHI generally cannot be used or disclosed without the individual’s prior, written authorization. However, the Privacy Rule also contains a laundry list of exceptions to the general rule. Consequently, covered entities may often have to scrutinize the Privacy Rule to determine whether a breach, indeed, even occurred. Hence, a breach will only occur if the following requirements are met: Continue reading »

Kicking the Habit and Getting Fit Helps Employers’ Bottom Lines

Employee costs are the bottom line

The fact is that employee costs, and curbing those costs, are the “bottom line” for most employers. For years, employers have been struggling to control and minimize the rising costs of health care for their employees. Employers are increasingly forced to transfer health care costs to their employees through higher premiums, copayments and deductibles. Only in the past few years have employers realized that they can assist their employees in improving their overall wellness, while at the same time potentially reducing the employers’ health care costs. The methods that employers have begun experimenting with include implementing wellness programs, offering health risk assessments, and education.

Hard, Cruel Facts

Since 2000 U.S. healthcare cost increases have exceeded the overall inflation rate by a factor of two to five times. (National Coalition on Healthcare, Economic Cost Fact Sheets.)

Continue reading »