New York City financial restructuring and bankruptcy partner Robert Christmas authored this column that discusses the importance of proper planning
for health care entities to navigate the legal «shoals» of Bayou Shores and similar cases to arrive at a successful restructuring.
Not exact matches
True
Health's plans
for the next few years are to modernize the hospital laboratory into an
entity that can coordinate and improve patient
care for other hospital departments.
Regardless of whether a private sector
for profit company or a future government
entity such as Medicare controls our
health care needs there will be coverage limits and treatment conflicts that will need our personal intervention.
Subtitle F: Public Institutions -(Sec. 261) Expands the list of institutional
entities eligible
for energy sustainability and efficiency grants and loans to include Indian tribes, not -
for profit hospitals, or not -
for - profit inpatient
health care facilities.
The most recent HIPAA requirements
for certain
health care administrative transactions, such as claims, remittance, eligibility, and claims status requests and responses are identified in American National Standards Institute (ANSI) 5010 Accredited Standards Committee (ASC) X12 version, which went into effect January 1, 2012
for all covered
entities.
Draft or review data sharing, system access and IT services agreements
for hospitals, CCACs, LHINs, prescribed persons (registries), prescribed
entities and
health care associations, among others.
Health care professionals and
entities face complex and constantly changing regulatory oversight that must be complied with in every aspect of professional practice, creating a real need
for experienced legal representation.
Except
for refill reminders and similar communications, treatment and
health care operations communications
for which a covered
entity or business associate receives remuneration is considered marketing.
The authorization
for electronic disclosure of protected
health information described above is not required if the disclosure is made: to another covered
entity, as that term is defined by Section 181.001, or to a covered
entity, as that term is defined by Section 602.001, Insurance Code,
for the purpose of: treatment; payment;
health care operations; performing an insurance or
health maintenance organization function described by Section 602.053, Insurance Code; or as otherwise authorized or required by state or federal law.
Financial institutions and regulated
health -
care custodians will require a different kind of cloud vendor rather than some smaller not -
for - profit
entities.
Helped conduct internal investigations
for health care, financial services, and educational organizations arising from misuse of the
entities» technology by employees, including to access potentially illegal or contraband content or to misappropriate confidential, proprietary information or trade secrets.
Under the Privacy Rule, a covered
entity may «share [PHI] with an individual's family member, other relative, close personal friend, or any other person identified by the individual, [which is] directly relevant to the involvement of that person in the patient's
care or payment
for health care.»
[I] f a state grants legally married spouses
health care decision - making authority
for each other, such that legally married spouses are personal representatives under the HIPAA Privacy Rule, the legally married spouse is the patient's personal representative and a covered
entity must provide the spouse access to the patient's records.
We will stand up to any insurance company,
health care provider, corporation or other powerful
entity to hold them accountable
for the compensation you deserve.
Managing Partner; represents individuals with disabilities; advocate
for special education
for children; represents non-profit /
for - profit
entities that provide services to individuals with disabilities and the elderly; defends
health care providers in licensure and regulatory compliance actions; listed in Best Lawyers in Health Care Law; Top 50 Women Maryland Super Lawyers 2014; selected to Super Lawyers 2013 - pr
health care providers in licensure and regulatory compliance actions; listed in Best Lawyers in Health Care Law; Top 50 Women Maryland Super Lawyers 2014; selected to Super Lawyers 2013 - pres
care providers in licensure and regulatory compliance actions; listed in Best Lawyers in
Health Care Law; Top 50 Women Maryland Super Lawyers 2014; selected to Super Lawyers 2013 - pr
Health Care Law; Top 50 Women Maryland Super Lawyers 2014; selected to Super Lawyers 2013 - pres
Care Law; Top 50 Women Maryland Super Lawyers 2014; selected to Super Lawyers 2013 - present.
Albany
health care partner Laurie Cohen and Chicago
health care partner Valerie Breslin Montague are quoted throughout this feature article discussing the HHS Office
for Civil Rights» increased efforts sanctioning healthcare covered
entities with corrective action plans and financial fines
for major violations of the HIPAA privacy and security rules.
Since the
Health Information Portability and Accountability Act of 1996 (HIPAA) was implemented in 2003, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has not conducted a formalized plan for auditing health care providers, insurance plans and other covered entities... unti
Health Information Portability and Accountability Act of 1996 (HIPAA) was implemented in 2003, the Office of Civil Rights (OCR) of the U.S. Department of
Health and Human Services (HHS) has not conducted a formalized plan for auditing health care providers, insurance plans and other covered entities... unti
Health and Human Services (HHS) has not conducted a formalized plan
for auditing
health care providers, insurance plans and other covered entities... unti
health care providers, insurance plans and other covered
entities... until now.
TAANA members practice in a variety of situations, including private law practice, academia, as litigators and defense attorneys, as legal counsel
for healthcare
entities, and in
health care compliance.
Laura Davison covers Internal Revenue Service and Treasury Department regulatory developments related to
health care and businesses organized as passthrough
entities, such as partnerships,
for the...
Covered
entities seeking authorization to use or disclose protected
health information they create
for the purpose of research that includes treatment of individuals, including clinical trials, must include in the authorization (in addition to the applicable elements required above) a description of the extent to which some or all of the protected
health information created
for the research will also be used or disclosed
for purposes of treatment, payment, and
health care operations.
Rather than creating a single definition of «research information,» we allow covered
entities the flexibility to define that subset of protected
health information they create during clinical research that is not necessary
for treatment, payment, or
health care operations and that the covered
entity will use or disclose under more limited circumstances than it uses or discloses other protected
health information.
To avoid this unintended result, the final rule permits covered
health care providers and
health plans to use or disclose protected
health information
for research if the covered
entity obtains from the researcher representations that: (1) Use or disclosure is sought solely to review protected
health information as necessary to prepare a research protocol or
for similar purposes preparatory to research; (2) no protected
health information is to be removed from the covered
entity by the researcher in the course of the review; and (3) the protected
health information
for which use or access is sought is necessary
for the research purposes.
This change recognizes that where covered
entities participate in certain joint arrangements
for the financing or delivery of
health care, they often contract with persons to perform functions or to provide services
for the joint arrangement.
While including all disclosures within the accounting would provide more information to individuals about to whom their information has been disclosed, we believe that documenting all disclosures made
for treatment, payment, and
health care operations purposes would be unduly burdensome on
entities and would result in accountings so voluminous as to be of questionable value.
Therefore, the final rule includes new language, in § 164.510 (b)(4), which allows covered
entities to use or disclose protected
health information to a public or private
entity authorized by law or its charter to assist in disaster relief efforts,
for the purpose of coordinating with such
entities to notify, or assist in the notification of (including identifying or locating) a family member, an individual's personal representative, or another person responsible
for the individual's
care regarding the individual's location, general condition, or death.
(iv) If restricted protected
health information is disclosed to a
health care provider
for emergency treatment under paragraph (a)(1)(iii) of this section, the covered
entity must request that such
health care provider not further use or disclose the information.
Therefore, clergy or other religious practitioners that provide solely religious healing services are not
health care providers within the meaning of this rule, and consequently not covered
entities for the purposes of this rule.
Similarly, we recognize that a covered
entity may wish to rely upon a consent, authorization, or other express legal permission obtained from an individual prior to the applicable compliance date of this regulation that specifically permits the covered
entity to use or disclose individually identifiable
health information
for activities other than to carry out treatment, payment, or
health care operations.
A department or component of a
health plan or
health care provider that transforms nonstandard information into standard data elements or standard transactions (or vice versa) is not a clearinghouse
for purposes of this rule, unless it also performs these functions
for another
entity.
The commenter stated that the clarifying language is needed given the «catchall» category of
entities defined as «any other individual plan or group
health plan, or combination thereof, that Start Printed Page 82578provides or pays
for the cost of medical
care,» and asserted that absent clarification there could be serious confusion as to whether property and casualty benefit providers are «
health plans» under the rule.
Response: A covered
entity may disclose protected
health information
for transcription of dictation under the definition of
health care operations, which allows disclosure
for «general administrative» functions.
Data aggregation, as discussed below, is where a business associate in its capacity as the business associate of one covered
entity combines the protected
health information of such covered
entity with protected
health information received by the business associate in its capacity as a business associate of another covered
entity in order to permit the creation of data
for analyses that relate to the
health care operations of the respective covered
entities.
We add to the definition of
health care operations disclosure of protected
health information
for due diligence to a covered
entity that is a potential successor in interest.
A covered
entity, including a covered
health care provider, may disclose protected
health information to OSHA under § 164.512 (a), if the disclosure is required by law, or if the disclosure is a discretionary one
for public
health activities, under § 164.512 (b).
Similarly, private
entities, such as coding committees, that help government agencies that are
health plans make coding and payment decisions are performing
health care payment functions on behalf the government agencies and, therefore, must enter into business associate agreements in order to receive protected
health information from the covered
entity (absent individuals» authorization
for such disclosure).
Because we consider both of these activities to be critical national priorities, we do not require covered
entities to obtain authorization
for disclosure of protected
health information to law enforcement or
health oversight agencies — including those oversight activities related to
health care fraud.
(2) A covered
entity participating in an organized
health care arrangement that performs a function or activity as described by paragraph (1)(i) of this definition
for or on behalf of such organized
health care arrangement, or that provides a service as described in paragraph (1)(ii) of this definition to or
for such organized
health care arrangement, does not, simply through the performance of such function or activity or the provision of such service, Start Printed Page 82799become a business associate of other covered
entities participating in such organized
health care arrangement.
We note that the consents that covered
entities are permitted to obtain relate to their own uses and disclosures of protected
health information
for treatment, payment, and
health care operations and not to the practices of others.
(i)
For the purpose of describing the entities participating in a health care provider network or health plan network, or for the purpose of describing if and the extent to which a product or service (or payment for such product or service) is provided by a covered entity or included in a plan of benefits;
For the purpose of describing the
entities participating in a
health care provider network or
health plan network, or
for the purpose of describing if and the extent to which a product or service (or payment for such product or service) is provided by a covered entity or included in a plan of benefits;
for the purpose of describing if and the extent to which a product or service (or payment
for such product or service) is provided by a covered entity or included in a plan of benefits;
for such product or service) is provided by a covered
entity or included in a plan of benefits; or
We expect authorizations that permit another covered
entity to use and disclose protected
health information
for treatment, payment, and
health care operations purposes will rarely be necessary, because we expect covered
entities that maintain protected
health information to obtain consents that permit them to make anticipated uses and disclosures
for these purposes.
In the final rule, data aggregation is defined, with respect to protected
health information received by a business associate in its capacity as the business associate of a covered
entity, as the combining of such protected
health information by the business associate with protected
health information received by the business associate in its capacity as a business associate of another covered
entity, to permit the creation of data
for analyses that relate to the
health care operations of the respective covered
entities.
We do not consider a financial institution to be acting on behalf of a covered
entity, and therefore no business associate contract is required, when it processes consumer - conducted financial transactions by debit, credit or other payment card, clears checks, initiates or processes electronic funds transfers, or conducts any other activity that directly facilitates or effects the transfer of funds
for compensation
for health care.
An issue that arises in the hybrid
entity situation is what records are covered in the case of an office of the hybrid
entity that performs support functions
for both the
health care component of the
entity and
for the rest of the
entity.
For larger
health care entities such as hospitals and
health plans, the Department assumed that the complexity of their operations would require them to seek more customized assistance from outside council or consultants.
A consent provides the individual's permission only
for the covered
entity that obtains the consent to use or disclose protected
health information
for treatment, payment, and
health care operations.
The provisions at § § 164.504 (a)- (c) provide that
for a hybrid
entity, the rules apply only to the part of the
entity that is the
health care component.
The final regulatory flexibility analysis below is based on the best data available (much of it from the Small Business Administration) and represents a reliable estimate
for the effects on small
entities in various segments of the
health care industry.
The
health care component rules are designed
for the situation in which the
health care functions of the legal
entity are not its dominant mission.
Consistent with the other titles of HIPAA, our proposed definition did not include certain types of insurance
entities, such as workers» compensation and automobile insurance carriers, other property and casualty insurers, and certain forms of limited benefits coverage, even when such arrangements provide coverage
for health care services.
For example, a business associate performing a function under
health care operations on behalf of an organized
health care arrangement would be permitted to combine or aggregate the protected
health information obtained from covered
entities participating in the arrangement to the extent necessary to carry out the authorized activity and in conformance with its business associate contracts.