by Kim C. Stanger, Holland & Hart LLP
The HIPAA privacy and security rules generally apply to protected health information of deceased persons as well as the living. Providers may generally use or disclose such information as follows:
1. Treatment, Payment, or Operations. As with living persons, HIPAA allows providers to use or disclose protected health information of deceased persons for purposes of treatment, payment, or the provider’s healthcare operations, unless the provider has agreed otherwise. (See 45 CFR 164.506 and 164.522(a)). This may include treatment of other living relatives. As the Office for Civil Rights (OCR) explained, “disclosures of protected health information for treatment purposes—even the treatment of another individual—do not require an authorization; thus, a covered entity may disclose a decedent’s protected health information, without authorization, to the health care provider who is treating the surviving relative.” (OCR FAQ, available here). Continue reading
Physicians and other providers are often paid by employers to conduct drug tests, fitness-for-duty or return-to-work exams, or employment physicals for employees. In such circumstances, the physician may mistakenly assume that they may disclose the test and exam results to the employer without the patient’s authorization, but that is not correct.
As with any other protected health information, physicians and other providers generally need the patient’s written, HIPAA-compliant authorization to disclose exam results to the employer. (45 CFR 164.508(a); see also 65 FR 82592 and 82640). However, unlike other treatment situations, a provider may condition the performance of an employee physical or test on the patient’s provision of an authorization, i.e., the provider may refuse to perform the exam unless the patient executes a valid authorization. (45 CFR 164.508(b)(4)(iii); 65 FR 82516 and 82658). In addition, the employer may condition the employee’s continued employment on the provision of the exam results (at least under HIPAA), thereby creating an incentive for the employee to execute the authorization. (65 FR 82592 and 82640). The foregoing rules also apply when the health care provider is the employer, e.g., when a hospital employee receives treatment or tests at the hospital. In those situations, the hospital/employer generally may not access or use the patient/employee’s health information for employment-related purposes without the patient’s written authorization. (67 FR 53191-92). Continue reading
by Kim C. Stanger, Holland & Hart LLP
Regulatory Compliance. If the physician will be performing or referring items or services payable by government healthcare programs, you should generally structure the contract to satisfy applicable safe harbors under the federal Ethics in Patient Referrals Act (“Stark”), 42 CFR 411.355 or 411.357(c), (d) or (l), and the Anti-Kickback Statute (“AKS”), 42 CFR 1001.952(d) or (i). For information concerning those regulatory requirements, see our Client Alert, Stark Requirement for Physician Contracts. In addition, the federal Civil Monetary Penalties Law generally prohibits hospitals from offering inducements to physicians to limit services payable by government programs. (42 USC 1320a-7a(b)(1); 42 CFR 1003.102). If you are a tax-exempt entity, you will also want to ensure the compensation reflects fair market value to avoid 501(c)(3) tax issues. If your state recognizes the corporate practice of medicine doctrine, you may need to structure your arrangement to fulfill any unique requirements applicable to your state.
Written Agreement. Stark and AKS safe harbors generally require current written contracts for independent contractors. Although written contracts are not required for the employee safe harbors, it is usually a good idea to document the arrangement to avoid disputes, especially if there are special compensation requirements, employment is other than “at-will”, or you wish to include a restrictive covenant. Continue reading
by Pia Dean, Holland & Hart LLP
On September 3, 2015, the Department of Health and Human Services (HHS) issued a proposed rule intended to advance health equity and reduce disparities in health care. Section 1557 of the Patient Protection and Affordable Care Act (ACA) is the first federal civil rights law to prohibit discrimination, including denial of health services or health coverage, on the basis of race, color, national origin, age, disability, or sex. The proposed rule, Nondiscrimination in Health Programs and Activities, codifies and expounds on the these protections. The proposed rule applies to any health program or activity which receives funding from HHS, such as providers that accept Medicare or Medicaid patients. In addition, it applies to individuals enrolled in coverage through the Health Insurance Marketplaces (commonly referred to as “Exchanges”) and to all health plans offered by insurers that operate in Exchanges. Continue reading