C&M Health Law

C&M Health Law

Analysis, commentary, and the latest developments in health care law and policy

Stephanie Willis

Stephanie Willis

Stephanie Willis is an associate in Crowell & Moring’s Washington, D.C. office and a member of the firm’s Health Care Group. Stephanie primarily works with health care clients seeking to comply with state and federal health care anti-fraud and abuse laws, privacy and security laws, and licensing laws.

Stephanie’s work incorporates her Master of Public Health degree as well as her past experiences as an associate counsel in the Office of the Inspector General for the Department of Health and Human Services (HHS-OIG) and as an intern at the Massachusetts Division of Insurance, the Health Care Division of the Massachusetts Attorney General’s Office, and the Massachusetts Health Care Connector, which was the first health care exchange in the nation.

Read Stephanie's bio on Crowell & Moring's website

Subscribe to all posts by Stephanie Willis

New OCR Settlement Targets Safety Net Provider on Security Rule Deficiencies

Posted in Health IT, HIPAA & Privacy
On Wednesday, the U.S. Department of Health and Human Services, Office for Civil Rights announced a $400,000 settlement with Metro Community Provider Network arising from MCPN’s alleged failure to implement adequate security management processes to safeguard electronic protected health information in accordance with the Health Insurance Portability and Accountability Act Security Rule. This settlement followed… Continue Reading

CMS Issues Final Rules on MACRA Quality Payment Program Implementation

Posted in Medicare
On November 2, 2016, the final rule with comment period (the “Final Rule”) implementing provisions of the Medicare Access and CHIP Reauthorization Act (MACRA) relating to the new Merit-Based Incentive Payment System (MIPS) and Alternative Payment Models (APMs) will be published in the Federal Register.  The Center for Medicare and Medicaid Services (CMS) also launched… Continue Reading

Blocking Access to Health Information May Violate HIPAA

Posted in Health IT, HIPAA & Privacy
The HHS Office of Civil Rights published a new FAQ response (OCR FAQ) detailing the agency’s position that generally information blocking will violate the HIPAA Privacy and Security Rules if it affects a covered entity’s access to its own protected health information (PHI) or its ability to respond to requests for access to PHI from… Continue Reading

OCR Announces Major HIPAA Enforcement Initiative

Posted in HIPAA & Privacy
The Department of Health & Human Services Office of Civil Rights (“OCR”) announced on August 18, 2016 that it is stepping up enforcement actions related to small breaches.  Although OCR investigates all reported breaches affecting more than 500 people, this new initiative will increase investigations of breaches affecting fewer than 500 people.  As OCR recognizes,… Continue Reading

Next Generation ACO Model Enters its Second & Final Application Cycle

Posted in Health Care Reform & ACA
This month, the Centers for Medicare & Medicaid Services (CMS) announced the beginning of the second application cycle for its Next Generation ACO Model (Next Gen Model).  We discussed the goals of the Next Gen Model and how it compares to the Medicare Shared Savings Program and Pioneer ACO models in this post from last… Continue Reading

The ONC Proposes the Direct Review of Certified Health IT in Oversight Rule

Posted in Health IT
The Office of the National Coordinator for Health Information Technology (“ONC”) began the month of March and the HIMSS Annual Conference with the announcement of an unexpected proposed rule, the Enhanced Oversight and Accountability Rule (the “Oversight Rule”). The Oversight Rule would expand ONC’s role in the ONC Health IT Certification Program (“Program”). Specifically, the… Continue Reading

C&M Alert on the “Overdue” 60-Day Overpayment Rule for Part A & B Providers

Posted in Fraud, Waste & Abuse
Our Health Care Group attorneys have authored a new alert explaining the implications of the final rule on the reporting and return of overpayments (the “Overpayment Rule”) the Centers for Medicare & Medicaid Services (CMS) issued earlier this month.  CMS promulgated the Overpayment Rule nearly two years after the agency issued its final rules governing… Continue Reading

CMS Announces Substantial Increase in ACO Participants for 2016

Posted in Health Care Reform & ACA
On January 11, 2016, the Centers for Medicare & Medicaid Services (CMS) announced that 100 new Accountable Care Organizations (ACO) began participating in the Medicare Shared Savings Program (MSSP). CMS also announced that 21 new providers and hospitals have signed up to participate in other ACO-focused shared savings programs, including the Pioneer ACO Model, Next… Continue Reading

Supreme Court To Take Up Implied Certification Theory of FCA Liability

Posted in Fraud, Waste & Abuse, Health Care Reform & ACA, Litigation
Last week, in a case that will have a significant impact on future False Claims Act (FCA) suits against health care entities, the Supreme Court granted certiorari in Universal Health Services, Inc. v. United States ex rel. Escobar.  By agreeing to hear the case, the Court will resolve the circuit split over the so-called “implied… Continue Reading

Recent OCR Settlements Highlight Continuing HIPAA Enforcement Trends

Posted in HIPAA & Privacy
Last week, the HHS Office of Civil Rights (OCR) announced a settlement that has far-reaching implications on the importance of complying with the HIPAA Security Rule where medical devices create and maintain electronic protected health information (ePHI).  See Data Law Insights for a post authored by Jodi Daniel, Elliot Golding, and Stephanie Willis for more… Continue Reading

Health Care System Receives Favorable Advisory Opinion for Free Transportation Services

Posted in Fraud, Waste & Abuse
HHS-OIG published a new favorable advisory opinion on October 21, 2015 regarding free transportation services offered by an integrated health care system.  Integrated health care systems continually seek ways to provide seamless, connected care to patients who may be using multiple providers for treatment of medical conditions. Free transportation is a potential way to ensure… Continue Reading

DOJ’s Memo on Individual Accountability Tears at the Corporate Veil

Posted in Fraud, Waste & Abuse, Litigation
The Department of Justice (DOJ) has further focused its sights on individual executives as responsible parties for corporate misconduct.  On September 9, 2015, Deputy Attorney General Sally Quillian Yates issued a strongly worded seven-page memorandum to all U.S. Attorneys and the Assistant Attorneys General of DOJ’s various divisions nationwide titled “Individual Accountability for Corporate Wrongdoing”… Continue Reading

Previewing the Final Rule Implementing Changes to Medicare Shared Savings Program

Posted in Health Care Reform & ACA, Medicare
After much anticipation over the past few weeks, the Federal Register from Tuesday, June 9th contains the Final Rule proposing changes to the Medicare Shared Savings Program (MSSP) from the Centers for Medicare & Medicaid Services (CMS). The finalized changes to the MSSP provide additional flexibility and choice to Accountable Care Organizations (ACOs) currently participating… Continue Reading

OIG Teams Up With Private Sector to Provide Guidance to Health Care Governing Boards

Posted in Fraud, Waste & Abuse
The role of a health care entity’s governing board in the implementation and oversight of a compliance program is not always clear. Although board members are not often directly involved in care delivery, the Department of Health and Human Services’ Office of the Inspector General (OIG) views the governing board as integral to setting the… Continue Reading

Crowell’s Long-Term Care Policy Update—Recapping the Discussions and Debates

Posted in Health Care Reform & ACA, Medicaid, Medicare
On April 17th, Crowell & Moring’s Government Affairs and Health Care Groups hosted speakers from Capitol Hill, federal agencies, and national trade groups during a thought-provoking half-day Long Term Care Policy Update forum (“LTC Forum”).  The LTC Forum was spearheaded by James Flood and Scott Douglas, who recently joined the firm from the Government Affairs… Continue Reading

FY 2014 HCFAC Report Shows Increasing DOJ and OIG Fraud-Fighting Efficiency

Posted in Fraud, Waste & Abuse
Every year, the Department of Justice (DOJ) and the Department of Health and Human Services Office of the Inspector General (OIG) report the results of their fraud prevention and recovery efforts to Congress.  As recounted in the recently released Health Care Fraud and Abuse Control Program (HCFAC) report, the overall amount recovered in FY 2014… Continue Reading

Next Generation ACO Model Sets Tone for CMS’s Push Toward Value-Based Payment

Posted in Health Care Reform & ACA
Through the announcement of its new “Next Generation ACO Model” (Next Gen Model) program on March 10, 2015, the Centers for Medicare & Medicaid Services is making good on its recently proclaimed goal to tie half of its fee-for-service Medicare payments to value-based payment methodologies by the end of 2018. The program name aptly describes… Continue Reading

New Jersey Becomes Second State to Require Encrypting Certain Personal Information

Posted in HIPAA & Privacy
New Jersey Senate Bill No. 562 (“SB 562”), signed into law on January 9, 2015, will require health insurance carriers authorized to issue health benefits plans in New Jersey to encrypt personal information. The law applies to personal information maintained in “end user computer systems and computerized records transmitted across public networks” beginning on August… Continue Reading