By Robert Ayers

On June 10, OSHA announced two significant developments in the ongoing saga of COVID-19 restrictions in the workplace. First, OSHA issued an emergency temporary standard (ETS) applicable to healthcare settings. Second, OSHA updated its COVID-19 guidance for all other non-healthcare settings. Continue reading →

By Kim Stanger

Idaho has joined several other states in revamping requirements for physician assistants (aka physician associates) effective July 1, 2021. The new law removes the requirement for individually identified supervising physicians and delegation of services agreements in favor of general oversight and/or collaborative practice agreements. Continue reading →

by Kim Stanger

This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. (https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/urmc/index.html). This is simply the latest of many HIPAA settlements based on the failure to encrypt mobile devices. Similar settlements have arisen from lost or stolen smartphones, computers, hard drives, or other electronic media that were not properly encrypted.

Encryption is an addressable standard under the HIPAA Security Rule, which generally requires covered entities and business associates to “[i]mplement a mechanism to encrypt and decrypt electronic protected health information” and, for such data transmitted over a network, to “[i]mplement a mechanism to encrypt electronic protected health information whenever deemed appropriate.” (45 CFR § 164.312(a)(2)(iv) and (e)(2)(ii)). The OCR explained the standard in a FAQ:

Continue reading →

By Kim Stanger

Healthcare providers sometimes mistakenly assume that they cannot contact a patient’s spouse, parents, or other third parties to obtain payment without the patient’s consent. However, HIPAA generally allows healthcare providers to use or disclose protected health information for purposes of obtaining payment without the patient’s consent or authorization unless the provider has agreed otherwise with the patient. (45 CFR §§164.506(a), (c) and 164.524(a)). The Office for Civil Rights (“OCR”) published the following FAQ discussing this rule:

Does the HIPAA Privacy Rule permit a covered entity or its collection agency to communicate with parties other than the patient (e.g., spouses or guardians) regarding payment of a bill?

Continue reading →

By Kim Stanger

Hospitals—especially rural hospitals—may want to divert inbound ambulances to other facilities, especially when the patient requires services that the hospital may be unable to provide. However, improper diversions may violate the Emergency Medical Treatment and Active Labor Act (“EMTALA”), 42 USC § 1395dd. EMTALA violations may result in penalties of $53,484 to $106,965, depending on the number of beds at the hospital. (42 CFR § 1003.510 and 45 CFR § 102).

EMTALA generally applies to individuals who come to the hospital’s emergency department. In addition to those persons who actually arrive at the hospital, “comes to the emergency department” is defined to include an individual who:

(3) Is in a ground or air ambulance owned and operated by the hospital for purposes of examination and treatment for a medical condition at a hospital’s dedicated emergency department, even if the ambulance is not on hospital grounds¹ … [or]
(4) Is in a ground or air nonhospital-owned ambulance on hospital property for presentation for examination and treatment for a medical condition at a hospital’s dedicated emergency department. However, an individual in a nonhospital-owned ambulance off hospital property is not considered to have come to the hospital’s emergency department, even if a member of the ambulance staff contacts the hospital by telephone or telemetry communications and informs the hospital that they want to transport the individual to the hospital for examination and treatment. The hospital may direct the ambulance to another facility if it is in “diversionary status,” that is, it does not have the staff or facilities to accept any additional emergency patients. If, however, the ambulance staff disregards the hospital’s diversion instructions and transports the individual onto hospital property, the individual is considered to have come to the emergency department.

Continue reading →

by Chris Esseltine, Holland & Hart LLP

Colorado recently enacted a bill that will significantly affect Durable Medical Equipment (DME) suppliers in the state. The bill requires a DME supplier that currently bills or plans to bill the Medicare program for services or products to have a license with the Secretary of State. The licensee must be physically located within the state or within 50 miles of the state, have sufficient inventory and staff to do business, and be accredited by an organization recognized and accepted by the centers for Medicare and Medicaid services.

According to a representative at the Secretary of State’s office, the law will go into effect January 1, 2015. However the office is still working out details about how to procure the license, enforcement and penalties for non-compliance, and a possible grace period past the January 1 deadline.

For more information on this or any other legal issues relating to DME, please contact Chris Esseltine at Holland & Hart.

This publication is designed to provide general information on pertinent legal topics. The statements made are provided for educational purposes only. They do not constitute legal or financial advice nor do they necessarily reflect the views of Holland & Hart LLP or any of its attorneys other than the author. This publication is not intended to create an attorney-client relationship between you and Holland & Hart LLP. Substantive changes in the law subsequent to the date of this publication might affect the analysis or commentary. Similarly, the analysis may differ depending on the jurisdiction or circumstances. If you have specific questions as to the application of the law to your activities, you should seek the advice of your legal counsel.

by Kirk S. Cheney

Idaho’s Medical Indigency Act (the “Act”)¹ offers significant benefits to medical providers. Idaho’s legislature enacted it in 1974 with the express intent “to allow hospitals to obtain compensation for services rendered to indigents.”² The Act requires counties to reimburse medical providers for services provided to indigent patients, provided certain conditions are met. By carefully complying with the Act, a medical provider can effectively shift collection risk to the indigent patient’s county of residence.

Not surprisingly, there is significant overlap between patients who are medically indigent and those who seek protection under the Bankruptcy Code. Accordingly, it is important for medical providers to understand how a patient’s bankruptcy may affect the provider’s rights under the Act. This article sets forth two simple rules medical providers should follow to preserve the protections of the Act in their favor, notwithstanding a patient’s subsequent bankruptcy filing. Continue reading →