Health Care Matters

A Complimentary Newsletter From:

Law Offices Of David S. Barmak, LLC

Partners to Skilled Nursing Facilities

Volume 10, Issue 1                               ADVERTISEMENT                                         2009

In This Issue
CASE STUDY: A Long Term Care Facility Adopts a Comprehensive Risk Management Program and Drastically Reduces Insurance Premiums
Just How Bad Is It To Sell Patient Privacy?
What To Do Before Declaring Medicare "Bad Debt"
Employers Face Unlimited Punitive Damages Plus Expanded Areas Of Liability For Whistleblowers
Joint Ventures and Possible Kickback Concerns
David S. Barmak, Esq. 
David Photo
Licensed to practice law in the States of New Jersey, New York and Connecticut. 
 
Case Study:  A Long Term Care Facility Adopts a Comprehensive Risk Management Program and Drastically Reduces Insurance Premiums.
Overview of the Risk Management Program
 
The Law Offices Of David S. Barmak, LLC, for the past 8 years, provided a formal Risk Management Program for a 100+ bed skilled nursing Facility in New Jersey.  The Risk Management Program covers clinical, operational and legal risk exposures.
 
The law offices has conducted the following clinical and operational risk management services for the Facility:
  • Quarterly clinical and billing audits, including review of medical records to ensure documentation matches the services actually provided and review of UB-92 billing claim forms to ensure that the billing is supported by appropriate documentation.  Facility policies and procedures are reviewed and enhanced as findings indicate. Quality of care, compliance with state and federal regulations, and clinical standards of practice are the primary focal points for the quarterly audits.
  • The quarterly review generates a dynamic work plan that specifically details the findings and recommendations for remedy and/or improvement.
  • Review of the incident reports for the quarter.
  • Quarterly Risk Management Committee meetings that coincide with the quarterly Facility's Quality Assurance Committee meetings.
  • Training for appropriate staff on documentation and coding (nursing, therapy and billing).
  • Quarterly audits and training for department heads and staff in the following areas:
    • Quality Assurance / Fraud and Abuse
    • HIPAA Privacy and Data Security
    • Employment (discrimination, harassment)
    • Disaster Recovery Planning
    • Miscellaneous additional regulatory issues

Enter a New Insuror

CNA Insurance was asked to review the professional and general liability insurance policies of the Facility with an eye towards reflecting the existing Risk Management Program on the insurance premiums.  To everyone's pleasure, the Risk Management Program substantially reduced a number of risks that everyone agreed was of most interest to the underwriting insurance carrier brought in for a competitive bid.
 
By working with a proactive insurance company that understood the nursing home industry, the new team was able to find important gaps in the existing insurance coverage.  Those gaps were subsequently erased when the Facility switched to the new insurance company for comprehensive coverage.
 
The first problem addressed was a lack of coverage on residents and staff who traveled in the van.  The van had regular state required insurance, but the liability umbrella covering the Facility did not extend to trips with residents outside of the Facility.  Another area of weakness was within the wind coverage area of the policy.  If the Facility were to sustain a loss based on a hurricane, there would have been a deduction of 1% of the applicable limit, or $25,000, whichever was greater.  The new coverage's wind deductible is a flat $15,000, with no additional deductibles.  The business interruption insurance limit was raised by over four times in the new policy, which should enable the Facility to endure and survive any major catastrophe.
 
There were other areas of weakness due to the fact that the policy had been in place for over five years, and the fact that the company writing it, although a great insurance company, no longer writes new coverage for nursing homes.  As a result, certain areas of coverage included on new polices were not available on the old, for example, the way the policy covered medical equipment and home care if needed.
 
Other significant cost savings originated in suggestions made during the first visit:
  • A minor change in the type of fire extinguishers used in the kitchen resulted in a substantial savings of insurance premium.
  • An infrared scan of the building's electric system verified a problem free system, and a five year certificate yielding a savings in the first year of 1 and ½ times the cost of the scan and in all four subsequent years.

A Pleasant Conclusion

The final result of implementing the Risk Management Program is a 30% reduction in annual insurance premiums coupled with a substantial increase in coverage while making the Facility safer for all clients and employees.
 
The key message from all of this is an important reminder:  Overall insurance premiums are based on risk!  If a facility can reduce the risk it poses to an insurance company, the facility will receive a reduced premium.  However, the facility must be able to communicate effective risk management strategies to the insurance company in a meaningful way while providing proof that such strategies will be maintained over time.  All facility managers and ancillary employees need to recognize that they have an essential role in managing risk for the facility and themselves.
 
If you would like more information on implementing a Risk Management Program that may lower your professional liability premium, please call David Barmak at (609) 688-0055.
Readers Ask: Just How Bad Is It To Sell Patient Privacy?
Dear Editor,
 
I understand that the Health Insurance Portability and Accountability Act (HIPAA) can impose criminal penalties if we violate a patient's privacy.  Is this true and how likely is it that this will happen?
 
Worried Health Care Provider
 
Dear Worried Health Care Provider,
 
Yes, HIPAA's Privacy Rule does provide for criminal penalties for egregious breaches of a patient's privacy with respect to his/her protected health information (PHI).  However, the breach really would need to be egregious.
 
There are three levels of criminal provisions in the privacy regulations.  The first level involves misdemeanor violations.  These breaches of privacy are unlikely to result in criminal prosecutions.  These breaches involve the disclosure of PHI without malicious intent.  The next level adds the element of committing the breach of privacy under false pretenses.  This is a felony.  Whoever commits this crime is liable for up to a $100,000 fine as well as five years in prison.  The third level includes breaching a patient's privacy by selling the PHI for commercial gain.  A guilty verdict for this third level carries the maximum penalty available:  a $250,000 fine and ten years in prison.
 
An example of the third level of criminal prosecution is an employee in a long-term care skilled nursing facility who "sells" information about an HIV infected patient to the tabloids.  So far there haven't been any such prosecutions. 
 
What are more likely to be prosecuted in months to come will be health care providers who ignore the HIPAA Privacy Rule and patient after patient complains with no change in the providers' behavior.
 
Editor

 
Note:  We are happy to answer any questions you have regarding health care legal issues.  Of course all requests for information shall remain anonymous.  All letters are published for educational purposes only.  Legal advice and opinion can only be provided for upon individual consultation.
What To Do Before Declaring Medicare "Bad Debt"
 
A healthcare provider must make reasonable efforts to collect Medicare copayments before labeling the copayments "bad debt" and, where appropriate, submitting "bad debt" for reimbursement to the government. A hasty approach to labeling copayments "bad debt" may also run afoul of anti-kickback regulations as enticements to a referring physician, for example, to refer patients to a particular healthcare provider whom the physician knows will not pursue her patients for Medicare co-payments.
 
Before Medicare copayments may be labeled "bad debt", the provider must show that it made reasonable efforts to collect the moneys owed, that the debt was uncollectible when the provider deemed it as worthless, and that there was no likelihood of future recovery. 
 
The provider should have in place and adhere to a written policy and procedure that details the proper and full procedure for collecting Medicare copayments.  (Reminder -Medicare patients are to be treated exactly the same as private pay patients.)  The policy should detail exactly when a debt is deemed uncollectible.  That, along with documented actual collection efforts, should counter the government allegation that the debt was never really determined to be uncollectible and there are unlawful reasons, (e.g., kickbacks to referral sources) for the lack of effort at collecting the "bad debt".  Consult your Centers for Medicare and Medicaid Services for specific time periods regarding bad debt.  Keeping a bad debt log can also be helpful in proving that a full effort was made to collect outstanding debts.

Employers Face Unlimited Punitive Damages Plus Expanded Areas Of Liability For Whistleblowers
 
The New Jersey legislature recently lifted the cap on punitive damages for whistleblowers by amending the Punitive Damages Act.  All employers, owners and managers should be aware of this altered landscape of liability, one which can mean significant financial burdens to lawsuit losers.
 
CEPA Explained
 
Under the New Jersey Conscientious Employee Protection Act ("CEPA"), employers are forbidden to retaliate against an employee who (1) discloses or threatens to disclose a practice of the employer that the employee reasonably believes is in violation of a law or public policy; (2) provides information to a public body conducting an investigation into any violation of law by the employer; or (3) refuses to participate in any activity that the employee reasonably believes is a violation of a law.
 
The New Jersey Punitive Damages Act limits the amount of punitive damages a party is entitled to recover in a lawsuit.  Prior to the amendment, the Act subjected employers in a CEPA action to five times the liability for compensatory damages or $350,000, whichever was greater.  The amendment now allows CEPA actions to award unlimited punitive damages, a burden that can put firms out of business.
 
New Areas of Liability Especially for Health Care
 
The legislature also amended CEPA to increase the liability that employers face by expanding the areas in which the employer is prohibited from retaliating against an employer.  CEPA now protects an employee who reports or threatens to report to a supervisor or a public body an activity, policy or practice of the employer, or another employer, with whom there is a business relationship, that the employee reasonably believes:
  • is in violation of a law, or a rule or regulation promulgated pursuant to law, including any violation involving deception of, or misrepresentation to, any shareholder, investor, client, patient, customer, employee, former employee, retiree or pensioner of the employer or any governmental entity or, in the case of an employee who is a licensed or certified health care professionals who reasonably believe a policy or practice of the employer constitutes improper quality of patient care.  OR
  • is fraudulent or criminal, including any activity, policy or practice of deception or misrepresentation which the employee reasonably believes may defraud any shareholder, investor, client, patient, customer, employee, former employee, retiree or pensioner of the employer or any governmental entity.

Certain, Not Discretionary Relief Plus Attorneys' Fees

The CEPA amendments also require Courts to provide certain relief as opposed to the previous discretionary standard for employees who have been found to have experienced retaliation by their employers as outlined above.  Such relief includes injunctions, reinstatement to the same or equivalent position, reinstatement of full fringe benefits and seniority rights, compensation for all lost wages, benefits and other remuneration and the payment by the employer of reasonable costs and attorney's fees.  In addition, the Court may also assess a civil fine of not more than $10,000 for the first violation of the Act and not more than $20,000 for each subsequent violation AND unlimited punitive damages.
 
In awarding possible punitive damages, the Court will take into account not only the amount of compensatory damages awarded to the employee, but also the amount of all damages caused to shareholders, investors, clients, patients, customers, employees, former employees, retirees or pensioners of the employer, or to the public or any governmental entity, by the activities, policies or practices of the employer which the employee disclosed, threatened to disclose, provided testimony regarding, objected to, or refused to participate in.

New Agenda for Employers

Employers need to seriously assess the potential liability that these amendments to both CEPA and the Punitive Damages Act add.  The ideal way to minimize potential risk is to develop and establish an anti-retaliation policy and procedure that clearly prohibits the types of retaliatory behavior prohibited under CEPA.  A hotline or some other type of anonymous reporting system should also be established to provide employees with a "safe" option for reporting possible violations of the prohibited behavior.
 
All of the changes to this law represent a potential bonanza for whistleblowers who "reasonably believe".  Employers should waste little time implementing the procedures discussed earlier, and if you have questions, now is the time to seek counsel before these landmines are triggered.

Joint Ventures and Possible Kickback Concerns
The Office of the Inspector General ("OIG") defines joint venture to be any "common enterprise with mutual economic benefit."  A joint venture may take the form of two or more parties creating an entity in order to provide certain healthcare services; an arrangement between the parties to coordinate the provision of healthcare services between themselves; or any other contractual relationship that binds the two or more parties together. 
 
Potential kickback problems develop when one of the parties provides healthcare items or services and the other party is in a position to refer such healthcare items or services.
 
Case study:  Healthcare provider "A" expands into a related healthcare area by contracting with an existing provider, "B", of items and services in that new healthcare area.  "B" agrees to provide the new items and services to "A's" patients.  What if "B" agrees to manage the new items and services for "A"?  What if "B" actually supplies the personnel, billing and all other operational requirements, basically offering a "turn-key" operation for "A"?  In exchange for the increased business that "B" gets for the new referrals, "A" gets a percentage of the profits from the new items and services as remuneration for its referrals to "B".  Possible kick-back issues?  Yes!   Particularly since "B" would otherwise be considered a competitor of "A" had it not been for the contractual joint venture.  This arrangement potentially violates anti-kickback laws and regulations if only one purpose is to induce referrals. 
 
What if "B" agreed to provide "A" with discounted items and services while "B" acts as manager of the new line of items and services for "A"?  Problematic also!
 
The federal anti-kickback law sets criminal penalties for anyone who knowingly and willfully solicits, receives, offers, or pays remuneration to induce referrals of items or services payable by a federal healthcare program.  Many states have their own version of an anti-kickback law.  Violation of the federal anti-kickback law is a felony and possible consequences involve exclusion from federal healthcare programs as well as monetary penalties.
 
The OIG's latest publicized efforts to carefully scrutinize joint ventures between healthcare providers, one of which provides referrals and the other of which provides items and/or services for those referrals, requires all healthcare providers to reevaluate all of their joint ventures for possible kickback transgressions.  What is the OIG's real concern about illegal joint ventures?  The generation of billing for healthcare items and/or services that are medically unnecessary and overpriced.

 
Law Offices Of David S. Barmak, LLC
David Barmak established his health care law firm in 1984 to deliver legal services, both in transactions and litigation, to organizations and professional practitioners in the health care field.  We call this approach "Enterprise-Wide Risk Management" because it includes three important facets:
  1. Counsel and advisement on all aspects of legal risk, from setting up the entity to corporate governance;
  2. Protection of your practice or business through litigation prosecution or defense in the Courts; as well as regulatory compliance and licensure issues before government agencies; and
  3. Operations improvement through the implementation of enterprise-wise onsite audits, programs and training seminars in the areas of, but not limited to, Fraud and Abuse, HIPAA Privacy and Data Security, Employment, A/R Management, Emergency Preparedness, and Workplace Violence.

David S. Barmak, Esq. received his JD from Cornell University and BA from Duke University.  He is licensed to practice and serves clients in the States of New Jersey, New York and Connecticut.  Before making your choice of attorney, you should give this matter careful thought.  The selection of an attorney is an important decision.  The recipient may, if the newsletter is inaccurate or misleading, report the same to the Committee on Attorney Advertising. 

For more information, please contact us:
Telephone (609) 688-0055
Fax (609) 688-1199
Disclaimer:  The contents of this newsletter are presented as general information.  Legal advice and opinion can only be provided upon individual consultation.
        © 2009.  All Rights Reserved.