HHS

Subscribe to HHS

In order to move health care organizations towards consistency in mitigating important cybersecurity threats to the health care sector, the Department of Health & Human Services (HHS) published multiple guidance documents on best practices for health care organizations to reduce cybersecurity risks (“HHS Cyber Guidance”). The HHS Cyber Guidance is the result of HHS’ public-private partnership with more than 150 cybersecurity and health care experts. While compliance is voluntary, this guidance serves as direction to health care entities on important practices that should be considered and implemented to reduce risk.

Why HHS has published this guidance

Continue Reading HHS Releases Voluntary Cybersecurity Practices Guidance

The Health Care Group’s newest partners, William S.W. Chang and Laura M. Kidd Cordova, along with Counsel Stephanie D. Willis, have authored an Alert about the 21st Health Care Fraud and Abuse Control Program (HCFAC) annual report released last Friday.  The HCFAC report is a joint effort of the U.S. Department of Justice (DOJ) and the U.S. Department of Health and Human Services (HHS) that describes the expenditures, results, and enforcement actions of the previous fiscal year.  The authors note that compared to FY 2016, other than expanded efforts to combat the opioid crisis, enforcement remained more or less consistent with prior trends.  In monetary terms, HCFAC spending slightly increased, while overall monetary recovery and returns on investment in fraud prevention efforts significantly decreased.  Interestingly, however, the proportion of overall recoveries resulting from HHS auditing activities considerably increased.

Read the rest of the Alert’s analysis of the HCFAC report and register for our webinar next Tuesday, April 17th.  During the webinar, listeners will hear Will and Stephanie, who were attorneys employed by DOJ and the HHS Office of the Inspector General (HHS-OIG), respectively, give their insights about the significance of the report for health care companies and the health care industry.

 

The U.S. Department of Health and Human Services (“HHS”) announced a proposed rule to modernize the federal substance abuse confidentiality rules set forth in 42 C.F.R. Part 2.  The proposed updates seek to address longstanding complaints from providers and Health Information Exchanges (“HIE”) that the highly stringent confidentiality rules often stymie patient care by limiting information sharing.  In addition to updating definitions, the changes would lessen some of the burdens associated with obtaining patient consent and disclosing data for research purposes, though would also provide patients with new rights to an accounting of disclosures.   The rules will likely make it easier for providers with direct treatment relationships to better engage in integrated care efforts, though the rules do little to address how other “lawful holders” of substance abuse information, such as health plans or HIEs, can use or disclose it. 

Comments on the proposed changes will be accepted until April 11, 2016.

 

Every year, the Department of Justice (DOJ) and the Department of Health and Human Services Office of the Inspector General (OIG) report the results of their fraud prevention and recovery efforts to Congress.  As recounted in the recently released Health Care Fraud and Abuse Control Program (HCFAC) report, the overall amount recovered in FY 2014 was $1 billion less than what the agencies reported in 2013 ($4.3 billion).  Nevertheless, the report touted the $2 increase in the return on investment from DOJ and OIG’s fraud and abuse investigations overall (from $5.70 to $7.70).  The HCFAC report shows that, despite losing $62.1 million in funding beginning in FY 2013 due to sequestration, both DOJ’s and OIG’s antifraud work remains potent  and is growing more sophisticated.

Here is an overall comparison of the FY 2014 and FY 2013 reports:

DOJ Activities FY 2013 FY 2014
New Criminal Investigations 1,013 924
New Civil Investigations 1,083 782
Health Care Fraud Convictions 718 734
Total Allocation $573,667,581 $571,702,217

 

OIG Activities FY 2013 FY 2014
New Criminal Actions 849 924
New Civil Actions 458 529
Individuals Excluded from Federal Health Care Programs 3,214 4,017
Total Allocation $487,381,848 $485,824,633

Continue Reading FY 2014 HCFAC Report Shows Increasing DOJ and OIG Fraud-Fighting Efficiency

On February 13, the Departments of Health and Human Services (“HHS”), Labor (“DOL”) and Treasury (collectively, the “Departments”) issued Part XXIII of their FAQs about Affordable Care Act implementation. This latest FAQ provides additional guidance regarding “excepted benefits,” i.e., benefits that are exempt from the portability rules under HIPAA as well as various requirements under ERISA (including MHPAEA) and the ACA, including the ACA’s market reforms (such as the prohibition on lifetime and annual limits, etc.). Specifically, the FAQ focuses on a subcategory of excepted benefits known as “supplemental excepted benefits,” which generally are benefits provided under a separate policy, certificate or contract of insurance which are designed to “fill gaps” in primary coverage.

The FAQ notes that, in determining whether insurance coverage sold as a supplement to group health coverage can be considered “similar supplemental coverage” (and hence an excepted benefit), they will continue to apply four criteria previously set forth by the Departments in subregulatory guidance issued in 2007 and 2008:

  1. The policy, certificate, or contract of insurance must be issued by an entity that does not provide the primary coverage under the plan;
  2. The supplemental policy, certificate, or contract of insurance must be specifically designed to fill gaps in primary coverage, such as coinsurance or deductibles;
  3. The cost of the supplemental coverage may not exceed 15 percent of the cost of the primary coverage; and
  4. Supplemental coverage sold in the group insurance market must not differentiate among individuals in eligibility, benefit or premiums based upon any health factor of the individual (or any dependents of the individual)

Continue Reading DOL, HHS & Treasury Issue Additional Guidance Regarding Excepted Benefits

Insurers in U.S. Territories will soon be exempt from popular market-reform and non-discrimination provisions of the Affordable Care Act (ACA). In a July 16 letter, the Department of Health and Human Services (HHS) clarified that the ACA provisions on guaranteed availability, community rating, single risk pool, medical loss ratio, and essential health benefits only apply to “states” as defined by Title 1 of the Public Health Services Act, which would not include U.S. territories.

HHS’ new interpretation comes after sharp criticism from insurers, territory representatives, and even the Federal Circuit. See Halbig v. Burwell, No. 14-5018, slip op. at 37 (Fed. Cir. July 22, 2014). Each had argued that applying these provisions to the territories threatened the stability of the local insurance market because the Affordable Care Act did not simultaneously require territorial residents to purchase insurance coverage nor did it provide the territories with any federal subsidies. Without the individual mandate and federal subsidies, insurers in the territories have struggled to secure a broad base of healthy customers that would stabilize costs and prices that result from the market reform and non-discrimination provisions.

But the territories are not wholly exempt from the Affordable Care Act. The letter explains that provisions of the PHS Act, ERISA, and Code requirements applicable to “group plans” continue to apply because these requirements are not only applicable to “states.”