The U. S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) recently published an Early Alert report regarding the preliminary results of an ongoing study of potential abuse or neglect in Medicare-certified Skilled Nursing Facilities (SNFs). In the report dated August 24, 2017, the OIG determined that the Centers for Medicare & Medicaid Services (CMS) has inadequate procedures to ensure that incidents of potential abuse or neglect of Medicare beneficiaries residing in SNFs are properly identified and reported. The OIG audit is continuing, but the preliminary results were issued because of the importance of detecting and combating elder abuse. Continue reading
According to a report released by the U.S. Department of Health and Human Services’ Office of Inspector General (OIG) on June 12, 2017, the Centers for Medicare and Medicaid Services (CMS) overpaid an estimated $729 million in Medicare electronic health record (EHR) incentive payments to participating providers. (The full report is available at https://oig.hhs.gov/oas/reports/region5/51400047.asp). The OIG reviewed whether CMS’ oversight of the Medicare EHR incentive program was sufficient and whether eligible professionals (EPs) nationwide met Medicare incentive payment program requirements and received appropriate incentive payments. Alarmingly, the OIG urged CMS to recoup and audit these incentive payments based on its findings. Participating EPs and hospitals should be cognizant of the ramifications of CMS’ recommendations, including the potential for an audit and recoupment. Continue reading
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), recently entered a $400,000 Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement with Metro Community Provider Network (MCPN), a federally-qualified health center (FQHC). The settlement serves as a stark reminder that all covered entities, including FQHCs, must meet the HIPAA Security Rule requirements and that OCR is continuing to step up enforcement efforts in this area. Continue reading
A delay in timely breach notification may now cost you. The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently entered a settlement with Presence Health for untimely reporting a breach of unsecured protected health information (PHI). Presence discovered that its operating room schedules containing PHI for 836 individuals were missing on October 22, 2013. Under the HIPAA Breach Notification Rule, breaches like this which involve >500 individuals are required to be reported to the individuals, prominent media outlets and OCR without unreasonable delay and in no case later than 60 days. Presence did not report the breach to OCR until January 31, 2014, approximately 100 days after discovering the breach. OCR’s investigation concluded that Presence failed to notify, without unreasonable delay and within 60 days of discovering the breach, each of the 836 individuals, the media and OCR. Presence agreed to pay $475,000 to settle the potential violations.
The Press Release and Resolution Agreement are available on the OCR website.
Written by: Jacob Simpson
The U.S. Department of Health and Human Services Office of Inspector General (OIG) released today, August 24, 2016, an updated guidance on the OIG’s views on the applicable independence and objectivity standards for Independent Review Organizations (IROs) that perform reviews required under Corporate Integrity Agreements (CIAs), such as claims reviews and cost report reviews. The OIG has previously issued guidance in 2004 and 2010 to reflect updated standards and the additional types of IRO reviews included in CIAs. This OIG guidance released today is to reflect the 2011 revisions to the GAO accounting standards. Continue reading