More Provider Relief Funds On the Way: Beware Updated Terms and Conditions

/in ,

By Kim Stanger

On April 22, 2020, HHS announced specifics concerning the next round of the $100 billion Provider Relief Fund payments, some of which should reach provider bank accounts today. https://www.hhs.gov/coronavirus/cares-act-provider-relief-fund/index.html. As with the initial $30 billion, the additional payments come with more strings attached.

Additional Payments.

1. General allocation. An additional $20 billion will go to providers who rendered diagnoses, testing or care of individuals with possible or actual cases of COVID-19 after January 31, 2020, including such providers who were largely left out of the initial $30 billion disbursement. The initial $30 billion was allocated based on the providers’ 2019 Medicare fee for services payments. The next $20 billion will also reach providers who receive only a small amount of Medicare revenue, e.g., children’s hospitals. The $20 billion will be allocated so that the combined $50 billion in payments reflects the providers’ 2018 net patient revenue.

Read more

Disclosing Employee’s COVID-19 Status to Employer

/in ,

by Bradley T. Cave and Kim C. Stanger

Healthcare providers struggle to know if and when they may disclose a patient’s COVID-19 status to an employer. The analysis differs somewhat depending on whether the healthcare provider is acting solely in its capacity as a healthcare provider of the patient, or if the healthcare provider also happens to be the employer of the patient. Read more

CMS Expands Blanket Waivers to Help Hospitals and Other Providers

/in ,

By Kim Stanger

On March 30, 2020, CMS issued numerous additional blanket waivers to give providers greater flexibility in responding to COVID-19. (See https://www.cms.gov/files/document/summary-covid-19-emergency-declaration-waivers.pdf). Highlights include the following, but providers should review the entire list of waivers to confirm their scope and conditions. Many of the waivers only apply to the extent consistent with the state emergency preparedness or pandemic plan and/or state law. Read more

Liability of Business Associates for HIPAA Penalties

/in , ,

The HITECH Act extended certain HIPAA obligations to business associates, including those entities that create, receive, maintain or transmit protected health information (“PHI”) on behalf of covered entities. Business associates who fail to comply with their HIPAA obligations may be directly liable for HIPAA penalties ranging from $114 to $57,0511 per violation.

Read more

Producing Records of Other Providers

/in , , , ,

by Kim Stanger

There is a common misunderstanding that healthcare providers may not or should not produce medical records that were created by another healthcare provider.

Under HIPAA, patients have a right to access all records that a provider maintains in a designated record set, i.e., documents the provider uses to make decisions about a patient’s healthcare or payment for healthcare. (45 CFR 164.524). This would generally include records the provider obtains or receives from other providers relating to the patient’s care. Thus, providers generally must produce such records in response to the patient’s request; failure to do so would violate HIPAA. The OCR published the following FAQ relevant to this issue:

A provider might have a patient’s medical record that contains older portions of a medical record that were created by another previous provider. Will the HIPAA Privacy Rule permit a provider who is a covered entity to disclose a complete medical record even though portions of the record were created by other providers?

Answer: Yes, the Privacy Rule permits a provider who is a covered entity to disclose a complete medical record including portions that were created by another provider, assuming that the disclosure is for a purpose permitted by the Privacy Rule, such as treatment. Read more