SZD Health Law Scan : Health Care Lawyers & Attorneys : Schottenstein Zox & Dunn Law Firm : Strategic Planning, Managed Care, Insurance : Columbus, Cleveland, Cincinnati, Central Ohio

The Centers for Medicare and Medicaid (CMS) released its annual report on national health spending. According to the CMS press release, 2008 had the "the slowest rate of growth since [CMS] started officially tracking expenditures in 1960." The rate slowed to 4.4 percent down from 6.0 percent in 2007.

However, despite the decelerated growth, health spending's share of the gross domestic product increased from 15.9 percent in 2007 to 16.2 percent in 2008.

CMS also reports the following statistics:

• Hospital spending in 2008 grew 4.5 percent to $718.4 billion, compared to 5.9 percent in 2007, the slowest rate of increase since 1998. 
• Physician and clinical services’ spending increased 5.0 percent in 2008, a deceleration from 5.8 percent in 2007. 
• Retail prescription drug spending growth also decelerated to 3.2 percent in 2008 as per capita use of prescription medications declined slightly, mainly due to impacts of the recession, a low number of new product introductions, and safety and efficacy concerns.
• Spending growth for both nursing home and home health services decelerated in 2008.   For nursing homes, spending grew 4.6 percent in 2008 compared to 5.8 percent in 2007. 
• Total health care spending by public programs, such as Medicare and Medicaid, grew 6.5 percent in 2008, the same rate as in 2007. 
• Health care spending by private sources of funds grew only 2.6 percent in 2008 compared to 5.6 percent in 2007. 
• Private health insurance premiums grew 3.1 percent in 2008, a deceleration from 4.4 percent in 2007.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

The American Hospital Association released a helpful Recovery Audit Contractor Program Update dated October 5, 2009. There is a password required.

The report is also available on the Ohio Hospital Asssociation website as well.

A few highlights:

• To date, CMS has approved only automated audits, which rely on software analysis to find technical errors such as coding errors.
• CMS has delayed approval of complex audits, including medical necessity reviews, in order to finalize processes and policies related to requesting and auditing medical records.
• DRG and coding validations are likely to begin in November 2009 at the earliest, with medical necessity reviews delayed until 2010.AHA has made available to all hospitals a free claim-level Excel tool to assist in tracking RAC audits.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

CGI Technologies and Solutions, Inc. is the RAC contractor for Region B, which includes Ohio.  Provider outreach started in September and, according to CGI's website, will be done by the end of September.  CGI is already operational in Indiana, Michigan, and Minnesota, so expect RAC audits to start in Ohio before the end of the year.  CGI's RAC website is located at racb.cgi.com/Default.aspx

• Email This
• Print
• Comments (2)
• Trackbacks
• Share Link

On June 15, 2009, the American Medical Association (AMA) approved new guidelines for physicians on responding to breaches of patients' electronic medical records (EMR).

According to the AMA Council on Ethical and Judicial Affairs (CEJA) in its report, CEJA Report 3-A-09, these guidelines are intended to fill an important gap in the AMA's policy, which, until now, did not "address physicians' ethical responsibilities in the event the security of electronic records is breached and patient data are inappropriately accessed." The CEJA identified the need for the guidelines particularly in light of the newly enacted American Recovery and Reinvestment Act of 2009 (ARRA), which amended the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to mandate that patients be notified in the event of certain breaches of their medical records.

As adopted, the guidelines state:

"When there is reason to believe that patients’ confidentiality has been compromised by a breach of the electronic medical record, physicians should:

1. Ensure that patients are promptly informed about the breach and potential for harm, either by disclosing directly (when the physician has administrative responsibility for the EMR), participating in efforts by the practice or health care institution to disclose, or ensuring that the practice or institution takes appropriate action to disclose.
2. Follow ethically appropriate procedures for disclosure, which should at minimum include: 
   1. carrying out the disclosure in a private setting and within a time frame that provides patients ample opportunity to take steps to minimize potential adverse consequences; and
   2. describing what information was breached; how the breach happened; what the consequences may be; what corrective actions have been taken by the physician, practice, or institution; and what steps patients themselves might take to minimize adverse consequences.
3. Support responses to security breaches that place the interests of patients above those of the physician, medical practice, or institution.
4. To the extent possible, provide information to patients to enable them to mitigate potential adverse consequences of inappropriate disclosure of their personal health information, such as credit monitoring services or identity theft hotline."

Now, physicians and other health care providers who intend to establish policies to address responses to breaches of their patients' EMR must not only take into account the above AMA guidelines and the recent amendments to HIPAA but they also must remember to consult the applicable laws of their own state.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

Extending its string of positive advisory opinions involving gainsharing arrangements, over the past few months the OIG has issued three new, favorable gainsharing opinions. While the three gainsharing arrangements reviewed by the OIG in the recent opinions bear striking similarities to gainsharing arrangements that received favorable treatment in the past, there are some differences that suggest a broadening of the type of gainsharing arrangements that will receive OIG approval.

• Email This
• Print
• Comments (1)
• Trackbacks
• Share Link

The U.S. Department of Health and Human Services, Office for Civil Rights, recently released guides to providers and patients on when health care providers may communicate with a patient's family, friends, or others involved in the patient's care under the HIPAA privacy regulations.  The guides include frequently asked questions on this subject.  The provider's guide also notes that it is intended to clarify HIPAA requirements so that health care providers do not unnecessarily withhold a patient's health information from family, friends, and other health care providers.  

• Email This
• Print
• Comments
• Trackbacks
• Share Link

Recent confirmation of the premise that labeling a document "peer review" does not automatically invoke the peer review privilege came via the Ohio 12th District Court of Appeals, which affirmed a trial court decision ordering the production of hospital EKG discrepancy reports.

Per hospital procedures, cardiologists overread emergency room physician EKG readings.  A discrepancy report was completed whenever the cardiologist's interpretation differed from the emergency room physician.  The defendants argued that the discrepancy reports were peer review documents and non-discoverable, based on Ohio Revised Code Section 2305.253, Incident or risk management report not admissible or discoverable; and Ohio Revised Code Section 2305.252, Confidentiality of proceedings and records within scope of peer review committee of health care entity.

Critical to the Court's finding that the trial court did not abuse its discretion in ordering production of the reports was evidence in the record that the reports were used for patient care.  The Court also cited a lack of evidence that the reports were actually examined by a peer review committee at the hospital.  And, the Court noted that the reports were not "incident or risk management reports" since the purpose of the forms is not to record a patient injury occurring at the hospital.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

The Fourth District Court of Appeals in Ohio recently released an opinion indicating that the trial court erred by refusing to grant a motion to quash a grand jury subpoena requesting medical records from a physician.  The grand jury had issued a subpoena ordering the physician to produce the medical records of over 50 patients.

The case is instructive regarding application of the physician-patient privilege to grand jury subpoenas in Ohio.  Under Federal privacy regulations, a covered entity may disclose protected health information without a "HIPAA-compliant" authorization in compliance with and as limited by the relevant requirements of a grand jury subpoena.  See 45 C.F.R. 164.512(f)(1)(ii)(B).  However, an Ohio court has recognized that the state law physician-patient privilege is more stringent than the Federal privacy regulations.  See Grove v. Northeast Ohio Nephrology Assoc., 2005-Ohio-6914, Paragraphs 18-23.

The Ohio Supreme Court has stated that in the absence of a prior authorization, a physician or hospital is privileged to disclose confidential medical information in those special situations where disclosure is made in accordance with a statutory mandate or common law duty, or where disclosure is necessary to protect or further a countervailing interest that outweighs the patient's interest in confidentiality.  Biddle v. Warren Gen. Hosp., 1999-Ohio-115 (syllabus).

In this case, the Court found no statutory exception to the physician-patient privilege.  In addition, the Court refused to "judicially create a public policy exception to the privilege statute for grand jury subpoenas."  Physicians and hospitals should be aware of this opinion (and its analysis) when responding to grand jury subpoenas requesting medical records.

• Email This
• Print
• Comments
• Trackbacks
• Share Link