On September 11, 2017, the U.S. Attorneys’ Office for the District of South Carolina announced a settlement with the Family Medicine Centers of South Carolina based in part on allegations that the practice’s internal physician compensation approach violated the Stark Law, and resulted in the submission of false claims to the Medicare and Tricare programs. Family Medicine Centers are a physician-owned chain of family medicine clinics located in and around Columbia, South Carolina.
The allegations in this settlement arose from a lawsuit filed by a physician formerly employed by the Family Medicine Centers of South Carolina under the whistleblower provisions of the Federal False Claims Act. The allegations included the Stark Law was violated by the Family Medicine Center’s (FMC) incentive compensation plan that paid its physicians a percentage of the value of laboratory and other diagnostic tests that they personally ordered through FMC, and then FMC billed the Medicare program. According to the government’s press release, FMC’s physician ceo allegedly reminded FMC’s physicians that they needed to order tests and other services through FMC in order to increase FMC’s profits and to ensure that their take-home pay remained in the upper level nationwide for family practice doctors. Continue reading
The U. S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) recently published an Early Alert report regarding the preliminary results of an ongoing study of potential abuse or neglect in Medicare-certified Skilled Nursing Facilities (SNFs). In the report dated August 24, 2017, the OIG determined that the Centers for Medicare & Medicaid Services (CMS) has inadequate procedures to ensure that incidents of potential abuse or neglect of Medicare beneficiaries residing in SNFs are properly identified and reported. The OIG audit is continuing, but the preliminary results were issued because of the importance of detecting and combating elder abuse. Continue reading
§ 530 (c) of the HIPAA regulations provides, with regard to safeguards, that “a covered entity must have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information.” We typically think of “safeguards” as a security issue, and therefore related mainly to electronic PHI. However, twice in the last three weeks, we’ve had to deal with patients photographing and posting pictures of PHI that was unprotected – once a screenshot and another a paper form. One was meant to embarrass the provider as revenge for making the patient wait. Another was simply meant to illustrate the provider’s laxness. Both incidents were troublesome to resolve.
The lesson from these events is that HIPAA’s requirement to secure PHI is not simply an IT responsibility. Providers should also continually monitor and evaluate their precautions regarding paper records, exposed computer screens, etc.
Written by: Gregory D. Frost