Category Archives: Governance

February 6, 2018

IMGMA Q/A: Producing Records

By Kim Stanger

Ed. note: This article also appears in an issue of the Idaho MGMA monthly newsletter.

Question:  What is the difference between a “designated record set” and “legal health record,” and what must we provide when we receive a request for “records”?

Answer:  HIPAA defines “designated record set” as:

A group of records maintained by or for a covered entity that is:

(i)        The medical records and billing records about individuals maintained by or for a covered health care provider; [or]

(iii)      Used, in whole or in part, by or for the covered entity to make decisions about individuals.

(45 CFR 164.501).  With very limited exceptions, patients and their personal representatives generally have a right to access protected health information in their designated record set.  (45 CFR 164.524).  As the OCR recently summarized: Continue reading

April 17, 2017

Group Compensation Arrangements: Stark Requirements

by Kim Stanger

Physician practices must ensure that their group compensation structures comply with the federal Ethics in Patient Referrals Act (“Stark”) if they intend to bill Medicare or Medicaid for services rendered or referred by the group physicians. Under Stark, if a physician1 (or a member of the physician’s family) has a financial relationship with an entity, the physician may not refer patients to the entity for certain designated health services (“DHS”)2 payable by Medicare and Medicaid unless the financial relationship is structured to fit within a regulatory safe harbor. (42 CFR § 411.353). Stark applies to DHS referrals within the group, so the physician’s compensation arrangement must be structured to comply with Stark; otherwise, the group may not bill Medicare and Medicaid for DHS that were referred improperly, and, if they were improperly billed, the entity must repay amounts improperly received. Failure to report and repay within 60 days may result in additional civil penalties of $15,000 per claim as well as False Claims Act liability. Repayments may easily run into hundreds of thousands of dollars. Given the potential liability, it is critical that physician group compensation arrangements be structured to fit within one of the following regulatory safe harbors if they intend to participate in Medicare or Medicaid. Continue reading

December 19, 2016

Requiring Referrals from Employees and Contractors

by Kim Stanger

Many providers mistakenly believe that the federal Stark law prohibits hospitals and other employers from requiring employed or contracted physicians to refer healthcare services to the employer. Stark actually allows a hospital or other employer to require contracted physicians to refer items or services to the hospital if the items or services relate to the physician’s services under the contract and certain additional conditions are satisfied.

Stark Regulations. Stark’s “special rules on compensation” state:

A physician’s compensation from a bona fide employer … or other arrangement for personal services may be conditioned on the physician’s referrals to a particular provider, practitioner, or supplier, provided that the compensation arrangement meets all of the following conditions. The compensation arrangement:
(i) Is set in advance for the term of the arrangement.
(ii) Is consistent with fair market value for services performed (that is, the payment does not take into account the volume or value of anticipated or required referrals).
(iii) Otherwise complies with an applicable exception under [42 CFR] §411.355 or §411.357.
(iv) Complies with both of the following conditions:

(A) The requirement to make referrals to a particular provider, practitioner, or supplier is set out in writing and signed by the parties.
(B) The requirement to make referrals to a particular provider, practitioner, or supplier does not apply if the patient expresses a preference for a different provider, practitioner, or supplier; the patient’s insurer determines the provider, practitioner, or supplier; or the referral is not in the patient’s best medical interests in the physician’s judgment.

(v) The required referrals relate solely to the physician’s services covered by the scope of the employment, the arrangement for personal services, or the contract, and the referral requirement is reasonably necessary to effectuate the legitimate business purposes of the compensation arrangement. In no event may the physician be required to make referrals that relate to services that are not provided by the physician under the scope of his or her employment, arrangement for personal services, or contract.

Continue reading

December 6, 2016

Liability for Non-Employees: Beware Apparent Authority

by Kim Stanger

As a general rule, hospitals and other healthcare providers are not liable for the acts of non-employed medical staff members, independent contractors or vendors; instead, each party is responsible for its own actions or those of its employees or agents who are acting within the scope of their employment or agency. However, courts are sometimes willing to hold a hospital or provider vicariously liable for the acts of non-employees under the doctrine of “apparent authority”.

Apparent Authority. In Jones v. Healthsouth Treasure Valley, for example, the Idaho Supreme Court held that a hospital might be liable for the acts of an independent contractor if: (1) the hospital’s conduct would lead a plaintiff to reasonably believe that another person acts on the hospital’s behalf (i.e., the hospital held out that other person as the hospital’s agent); and (2) the plaintiff reasonably believes that the putative agent’s services are rendered on behalf of the hospital (i.e., the plaintiff is justified in believing that the actor is acting as the agent of the hospital). (147 Idaho 109, 206 P.3d 473 (2009)). The Idaho Supreme Court recently reaffirmed the apparent authority theory in Navo v. Bingham Memorial Hospital, 160 Idaho 363, 373 P.3d 681 (2016). Continue reading

October 10, 2016

Office of the National Coordinator for Health Information Technology Issues Formal Guidance for Selecting and Negotiating Contracts with Electronic Health Record Vendors

by Teresa Locke, Holland & Hart LLP

On September 26, 2016, the U.S. Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health Information Technology (ONC) released a practical and straightforward tool to assist health care providers as they select and negotiate the acquisition of an electronic health record system (EHR). The document’s title accurately encapsulates the content of the 53-page guide: “EHR Contracts Untangled: Selecting Wisely, Negotiating Terms, and Understanding the Fine Print.” The guide can be found at The new contract guide explains important concepts in EHR contracts and includes example contract language to help providers and health administrators in planning to acquire an EHR system and negotiating contract terms with vendors. Continue reading

September 13, 2016

Idaho Board of Medicine Disavows the Corporate Practice of Medicine Doctrine

By Kim Stanger, Holland & Hart LLP

For decades, the Idaho Board of Medicine took the position that, with limited exceptions, the Idaho Medical Practice Act “prohibits unlicensed corporations and entities from hiring physicians as employees to provide medical services to patients.” Memo from J. Uranga to Idaho State Bd. of Medicine dated 2/26/07. This “corporate practice of medicine doctrine” had its Idaho foundation in a 1952 Idaho Supreme Court case which held that:

[n]o unlicensed person or entity may engage in the practice of the medical profession though licensed employees; nor may a licensed physician practice as an employee of an unlicensed person or entity. Such practices are contrary to public policy.

Worlton v. Davis, 73 Idaho 217, 221 (1952). The Board of Medicine warned that violations of the doctrine may result in disciplinary action against physicians and, more recently, physician assistants. Entities that improperly employed physicians or physician assistants risked the possibility of criminal action for the unauthorized practice of medicine.

Over the years, the corporate practice of medicine doctrine has been criticized as anachronistic and inconsistent with recent legislative action. See, e.g., M. Gustavson and N. Taylor, At Death’s Door—Idaho’s Corporate Practice of Medicine Doctrine, 47 Idaho L. Rev. 480 (2011). Continue reading

July 30, 2014

Beware Excluded Individuals and Entities

by Kim C. Stanger, Holland & Hart LLP

Federal laws generally prohibit providers from billing for services ordered by, or contracting with, persons or entities that have been excluded from participating in Medicare, Medicaid, or other federal health care programs. Violations may result in significant penalties, including repayment of amounts improperly received. To avoid penalties, providers should check the OIG’s List of Excluded Individuals and Entities (“LEIE”) before hiring, contracting with, or granting privileges to employees, contractors, or practitioners, and should periodically re-check the LEIE thereafter.

Effect on Excluded Entities. Federal statutes such as the Civil Monetary Penalties (“CMP”) law allows HHS to exclude individuals and entities from participating in federal health care programs if they have been convicted of fraud or abuse or engaged in certain other misconduct. (See, e.g., 42 USC §§ 1320a-7 and 1320c-5). States are required to exclude from Medicaid any person or entity that has been excluded by HHS. (Id.). An excluded individual or entity generally may not do the following: Continue reading

August 12, 2013

Providing Auxiliary Aids to Hearing or Visually Impaired Persons

by Kim Stanger, Holland & Hart LLP

We are often asked whether healthcare providers must provide interpreters or other auxiliary aids to persons who are hearing or visually impaired.  The Americans with Disability Act (“ADA”) prohibits places of public accommodation (including private physician offices and hospitals) from discriminating against persons with disabilities.  Healthcare providers must provide auxiliary aids to patients or companions of the patient (e.g., parents, spouses, or personal representatives) if doing so is necessary to ensure effective communication unless doing so would cause undue hardship or fundamentally alter the nature of the provider’s services—standards that are very difficult to prove.  The fact that an appropriate auxiliary aid costs more than reimbursement for the provider’s service is not “undue hardship.”  Appropriate auxiliary aids may include interpreters, video remote interpreting (“VRI”), written materials, exchange of written notes, assistive listening devices, etc.  The provider should consult with the patient, but the ultimate decision as to what measures to take rests with the provider so long as the measures ensure effective communication.  For simple communications involving hearing impaired persons, lip reading or using a pen and note pad may be sufficient; for communications involving complex information (e.g., discussions about significant medical issues, treatment options, or instructions), the Department of Justice (“DOJ”) has suggested that ASL interpreters may be required. 

ADA regulations confirm that providers may not charge the patient for the cost of the auxiliary aids, nor may providers require the patient to bring their own interpreter or supply other auxiliary aids.  Providers may not rely on adults accompanying the patient to interpret unless it is an emergency and there is no other interpreter available, or the patient requests that the adult interpret and the provider believes reliance on the adult is appropriate.  Providers may not rely on minors to interpret unless it is an emergency and there is no other interpreter available.  Providers may not coerce, threaten, intimidate or retaliate against a patient or their companion for requesting auxiliary aids or exercising their rights.

For more information, see the ADA regulations at 28 CFR part 36; the OCR’s website,; or the DOJ’s ADA website,  Among other things, the DOJ’s website contains information about its ongoing Barrier-Free Health Care Initiative.

Kim Stanger is the Chairman of Holland & Hart LLP’s Health Law Group.  He can be reached at or (208) 383-3913.  To subscribe to Holland & Hart’s free e-newsletter or blog concerning health law issues, please e-mail Mr. Stanger.

April 18, 2013

OIG Issues Revised Self-Disclosure Protocol

by Patricia (Pia) Dean, Holland & Hart LLP

On April 17, 2013, the Department of Health and Human Services Office of Inspector General released a revised provider self-disclosure protocol (SDP) that supersedes and replaces the 1998 Federal Register Notice and the Open Letters to Health Care Providers issued in 2006, 2008, and 2009. The SDP reaffirms the obligation on all members of the health care industry to take measures to detect and prevent fraudulent and abusive activities, and establishes new reporting requirements and guidance on calculating penalty multipliers.

Importance of Voluntary Self-Disclosure

The new SDP reaffirms the importance of self-disclosure, including OIG's position that individual and entities that use the SDP and cooperate with OIG during the SDP process deserve to pay a lower multiplier on single damages than would normally be required. For the first time, the SDP states OIG's general practice of requiring a minimum multiplier of 1.5 times the single damages, although the specific multiplier accepted may vary depending on the facts of each case.

CMS 60-Day Report and Repay Rule

The new protocol addresses CMS's proposed 60-day "report and repay" rule. The Affordable Care Act generally requires that providers report and return Medicare or Medicaid overpayments within 60 days of the date the overpayment is first identified. Failure to report and repay within 60 days may create liability under the Civil Monetary Penalties Law (CMPL) and False Claims Act. CMS issued its proposed rule implementing the 60-day repayment obligation in February 2012. (77 FR 9179). The proposed rule would suspend the obligation to report overpayments when OIG acknowledges receipt of a submission on the SDP, provided the submission is timely made. In return for suspending the 60-day requirement, the new SDP states that OIG expects disclosing parties to disclose with a good-faith willingness to resolve all liability within the CMPL's six-year statute of limitations. OIG has indicated it will provide additional guidance regarding the 60-day obligation and SDP process after CMS releases a final rule.

Eligibility Criteria and Guidance

The SDP provides greater guidance on how to investigate potentially fraudulent conduct, quantify damages, and report the conduct to OIG. According to the SDP, over the past 15 years, it has resolved over 800 disclosures, resulting in recoveries of more than $280 million to Federal health care programs. The SDP states that all health care providers, suppliers, or other individuals or entities that are subject to OIG's civil monetary penalty authority are eligible to use the SDP. Accordingly, the SDP is not limited to any particular industry, medical specialty, or type of service. By way of example, the SDP states that a pharmaceutical or medical device manufacturer may use the SDP to disclose potential violations of the Federal anti-kickback statute (AKS) because such violations trigger CMP liability.

In addition, the new protocol delineates conduct that is not eligible for the SDP, including (1) matters that do not involve potential violations of Federal criminal, civil, or administrative law for which civil monetary penalties are authorized, such as one exclusively involving overpayments or errors, (2) requests for opinions from OIG regarding whether an actual or potential violation has occurred, and (3) disclosure of an arrangement that involves only liability under the physician self-referral law (Stark) without accompanying potential liability under the AKS for the same arrangement. Conduct that only involves Stark violations should be disclosed to CMS through CMS's Self-Referral Disclosure Protocol.

Among other requirements, the SDP requires that the disclosing parties explicitly identify the laws that were potentially violated, and not just refer broadly to federal laws, rules and regulations. The SDP provides details for the content of all submissions as well as the specific requirements for conduct involving false billing, excluded persons, and the anti-kickback statute and physician self referral law.

The revised SDP is available here.