News / Resources

Welcome to this week's edition of the Health Law Update. Topics covered today include:

• A Sign of the Times: The CMS Bundled Payments for Care Improvement Initiative 
• NLRB Announces New Posting Requirement 
• Health Reform: Agencies Publish Guidance on Summary of Benefits and Coverage and Uniform Glossary Disclosure Requirement 
• HHS to Update Common Rule for Human Research Subjects 
• Medicare Enrollment Happenings 
• Cloud Computing in Healthcare: HIPAA, HITECH and Contracting Considerations 
• Events Calendar

A SIGN OF THE TIMES: THE CMS BUNDLED PAYMENTS FOR CARE IMPROVEMENT INITIATIVE

The Bundled Payments for Care Improvement Initiative (Bundled Payment Initiative) was launched by the Center for Medicare & Medicaid Innovation (CMMI) on August 23 as a separate and new initiative from one that may otherwise be undertaken pursuant to Section 3023 of the Patient Protection and Affordable Care Act (PPACA) -- The National Pilot Program on Payment Bundling. This new initiative underscores the role that CMMI will play, using its own authority, to incentivize innovations in care delivery models in healthcare.

The Bundled Payment Initiative appears ready for rapid movement, at least as to one of the four models that providers may select to proceed. A key component of the Bundled Payment Initiative is the flexibility with which providers appear to be able to structure their proposal, both in choosing the model they wish to pursue and the manner in which they wish to structure the payment, episodes of care and care delivery models.

Providers may choose among one of four broadly defined models of care:

Model 1: Retrospective Acute Care Hospital Stay Only

If Model 1 is chosen, the episode of care is focused on the acute care inpatient hospitalization. Under this model, hospitals may share gains beyond the predetermined MS-DRG payment discount that accrues due to higher quality, more efficient care delivery and more care coordination between and among physicians and other key healthcare personnel that treat patients during a hospital stay. In this model, physicians will be paid separately under the Medicare Physician Fee Schedule. See discount and additional detail relating to the model. CMMI is accepting a nonbinding letter of intent from providers due on September 22, 2011, by 5 p.m., with full application for the model due October 21, 2011.

Model 2: Retrospective Acute Care Hospital Stay Plus Post-Acute Care

Model 2 would include the inpatient stay and post-acute care and would end, at the applicant's option, either 30 or 90 days after discharge. Bundled payments would include physician services, as well as post-acute provider services, related readmissions and other services proposed in the episode definition including clinical laboratory services, durable medical equipment services, prosthetics, orthotics and supplies (DMEPOS) and Part B drugs. Payments are made at the usual fee-for-service payment rates, after which the aggregate Medicare payment for the episode will be reconciled against a target price. The applicable discounts are detailed in the application, but range from 2-3 percent. At the end of the episode of care, the participating providers will be allowed to share in the amount by which total payments were less than the target price. CMMI will be accepting a nonbinding letter of intent from providers due on November 4, 2011, with full application due by March 15, 2012.

Model 3: Retrospective Acute Care Only

In Model 3, the episode of care would begin on the date of discharge from the inpatient stay and extend through 30 days after discharge. In other respects, the bundled payment is structured as in Model 2; however, a minimum discount rate is not specified as it is in the other models.

Model 4: Prospective Acute Care Hospital Stay Only

Model 4 contemplates a single prospective payment to the hospital, encompassing all services furnished during the inpatient hospital stay by the hospital, physicians and other practitioners. Physicians and other practitioners would submit "no pay" claims to Medicare and would be paid by the hospital out of the bundled payment.

The Bundled Payment Initiative contemplates a gainsharing component to the proposed models and outlines the gainsharing design and quality components for consideration in the proposed application. Additionally, it is clear that providers may pursue more than one care coordination initiative and also be considered for this Bundled Payment Initiative.

CMS invites organizations that submit proposals to demonstrate care improvement processes and enhancements such as reegineered care pathways, evidence-based methods, standardization of care using checklists and other care coordination initiatives.

CMS clearly views these initiatives as progress toward achieving the triple aim, describing the Bundled Payment Initiative as "one more step" in an effort across the U.S. Department of Health and Human Services (HHS) to move toward more care coordination in our healthcare system.

For more information, please contact Susan Feigin Harris, sharris@bakerlaw.com or 713.646.1307.

top of page

NLRB ANNOUNCES NEW POSTING REQUIREMENT

On August 25, 2011, the National Labor Relations Board (NLRB) published its Final Rule requiring employers covered by the National Labor Relations Act (NLRA or Act) to post a notice in the workplace informing employees of their right to organize, bargain collectively and engage in other concerted and/or protected activity under the Act. The new rule is scheduled to take effect on November 14, 2011.

The Rule will apply to all private sector employers under the jurisdiction of the NLRA which excludes those employers in the airline and rail industries. The notice is required to be posted in conspicuous locations in the workplace. The NLRB will provide copies of the required notice at no cost beginning on or about November 1, 2011. Alternatively, employers may download the notice from the agency's website and print it on 11x17 inch paper. In addition, employers are required to post the notice on their company website or Intranet site if personnel policies are customarily posted electronically. The employer must post the notice in another language if at least 20 percent of the employees are not proficient in English and speak the other language.

Failure to comply with the NLRB's posting requirement will be treated as an unfair labor practice under the NLRA and such non-compliance may be used to justify tolling of the statutory six-month statute of limitations period with regard to other contemporaneous violations.

The NLRB received more than 7,000 comments after publishing its proposed Notice of Rulemaking in the December 2010 Federal Register. Objection to the Rule focused on whether the NLRB had statutory authority to issue a "legislative" rule. The proposed Rule -- as well as the Final Rule -- informs employees they have the right to organize and form a union; bargain collectively; discuss wages, terms of employment or union organizing with their coworkers or a union; raise work related issues with their employer or a government agency; and engage in strikes and/or picketing. In response to public comment, and consistent with the express language of the Act, the NLRB added language to the notice indicating that employees had the right not to engage in any of these activities.

Although the penalty for non-compliance does not include any monetary fine, it is anticipated that an employer's failure to post the required notice may be used as evidence of union animus during the processing of other, unrelated unfair labor practice charges. Accordingly, we recommend that employers take great care to ensure they are in compliance with the NLRB's new posting requirement.

Please contact Mike Asensio, masensio@bakerlaw.com or 614.462.2622 or any member of Baker Hostetler's Labor Relations Team with questions regarding the Rule.

top of page

HEALTH REFORM: AGENCIES PUBLISH GUIDANCE ON SUMMARY OF BENEFITS AND COVERAGE AND UNIFORM GLOSSARY DISCLOSURE REQUIREMENTS

The U.S. Departments of the Treasury (Treasury), Labor (DOL) and HHS published proposed regulations in the Federal Register on August 22, 2011, regarding PPACA's Summary of Benefits and Coverage and Uniform Glossary disclosure requirements. These proposed regulations are effective March 23, 2012.

Under PPACA, group health plans and insurance issuers in the group and individual markets must disseminate a Summary of Benefits and Coverage notice to current and potential participants and insureds at certain times. In addition, PPACA requires the development of a set of standard definitions for plans and issuers to make available to participants and insureds. Both of these requirements are intended to provide individuals with a better understanding of their health coverage and coverage options.

The proposed regulations provide guidance on the content and timing requirements of the Summary of Benefits and Coverage and Uniform Glossary disclosure obligations. Group health plan sponsors and insurance issuers must familiarize themselves with these requirements prior to their March 23, 2012, effective date. In addition, Treasury, DOL and HHS invite comments to the proposed regulations. All comments are due on or before October 21, 2011.

If you have any questions regarding the Summary of Benefits and Coverage and Uniform Glossary proposed regulations or would like any assistance in drafting your comments to these proposed regulations, please call your Baker Hostetler contact or any member of Baker Hostetler's Healthcare Reform Team.

top of page

HHS TO UPDATE COMMON RULE FOR HUMAN RESEARCH SUBJECTS

HHS provided an Advanced Notice of Proposed Rule Making (ANPRM) on July 22, 2011, to enhance protections for medical research subjects. The ANPRM seeks comments on how better to protect human research subjects while facilitating valuable research. The current Common Rule was developed over twenty years ago and does not reflect changes in how medical research is conducted today or the advanced technology used to facilitate the research.

The stated intent of the proposed rule is to modernize and streamline processes and reduce administrative burden. However, research institutions may see an increased burden in complying with the privacy and information security protections and informed consent requirements. The proposed rule also will be designed to harmonize the various regulations, guidance and interpretations from sources that currently govern human subjects. HHS expects to simplify the expedited approval process and eliminate the need for continued review for studies that are considered "minimal risk." However, how this will be accomplished if the study is later deemed to fall outside the minimal risk category is uncertain, as the study already may have been started before Institutional Review Board (IRB) approval. It further seeks to greatly expand the categories of research that may qualify as exempt to include retrospective studies, among others. Further, the ANPRM seeks comments on streamlining the multi-site research review process with multiple IRBs overseeing the studies. However, with only requiring one IRB review, institutions may "forum shop" for the more lenient or less cumbersome IRB to oversee a multi-site study.

A significant change contemplated in the ANPRM is related to informed consent and waiver rules. Specifically, informed consent requirements such as the consent form's content and presentation, the length of the consent form and prohibition of legalese are suggested. While this may streamline the informed consent process, it does not take into account research-specific issues that may need to be included, special settings such as pediatrics and state informed consent requirements.

Focus on Research Privacy

HHS acknowledges concerns with the current Common Rule and the increasing use of genetic information, biospecimens, medical and research records and administrative data. The risks related to these types of research are considered informational risks, such as the unauthorized release of information about the research subject. The HIPAA Privacy Rule addresses some of these risks by imposing restrictions on how protected health information may be used and disclosed, including for research. The HIPAA Security Rule protects subjects by requiring covered entities and their business associates to have physical, administrative and technical safeguards to protect information in electronic form. However, not all research investigators are subject to HIPAA. Too, the Privacy Act of 1974 does not apply to nonfederal researchers. Further, HHS acknowledges the Common Rule and the HIPAA Privacy Rule can be inconsistent, which makes it difficult for researchers to comply with both. Current privacy regulations do not take into account the genetic and information technologies that make complete de-identification of biospecimens impossible and re-identification of sensitive health data easier.

HHS proposes establishing mandatory data security and information protection standards for all research studies that involve identifiable and potentially identifiable data and where data is collected, stored, analyzed or otherwise reused. HHS also anticipates creating rules to protect against the inappropriate re-identification of de-identified information that is collected as part of a research study. The ANPRM advocates for adopting the HIPAA standards around de-identification and pulling in those investigators who are not covered entities or business associates. With these new rules, HHS expects to streamline the IRB process and no longer require the IRB to assess the adequacy of the protections against informational risks. In addition to adopting the HIPAA Privacy Rule, HHS further proposes the following: (1) research involving identifiable data would be required to adhere to the HIPAA Security Rule, including the breach notification standards; (2) data could be considered de-identified or in a limited data set if the investigator sees the identifiers but does not record them in a permanent research file; and (3) retrospective audits and additional enforcement tools.

For assistance in providing comments to HHS or for other information, please contact Lynn Sessions, lsessions@bakerlaw.com or 713.646.1352.

top of page

MEDICARE ENROLLMENT HAPPENINGS

Revalidating Enrollment Information

All providers and suppliers enrolled with Medicare prior to the March 25, 2011, implementation date for the new screening enrollment criteria must revalidate their enrollment information under the new screening criteria by March 2013, but only after receiving notification from their Medicare Administrative Contractor (MAC). As required by Section 6401(a) of PPACA and published on February 2, 2011, as a final rule with comment period, the Centers for Medicare & Medicaid Services' (CMS's) new screening criteria will include three levels:

• "Limited risk" providers, including, but not limited to, physicians, nonphysician practitioners and medical groups or clinics, will have enrollment requirements, license and database verifications;
• "Moderate risk" providers/suppliers, including comprehensive outpatient rehabilitation facilities, independent diagnostic testing facilities and currently enrolled home health agencies, will have the above verifications plus unscheduled site visits; and
• "High risk" providers/suppliers, including prospective DMEPOS suppliers and home health agencies, will have verifications, unscheduled site visits, criminal background checks and fingerprinting.

Upon receipt of the MAC notification to revalidate, providers should:

• Update their enrollment through internet-based Provider Enrollment, Chain and Ownership System (PECOS) or complete the paper CMS 855;
• Sign and date the certification statement on the application;
• If applicable, pay the fee ($505 for calendar year 2011) through http://www.pay.gov and print a copy of payment receipt; and
• Mail their supporting documents, receipt of application fee payment, if applicable, and certification statement to the MAC.

Upon receipt of the revalidation request letter, providers and suppliers have 60 days from the date of the letter to submit complete enrollment forms or risk deactivation of Medicare billing privileges.

CMS Revisions to Provider-Supplier Enrollment Applications

CMS has published revised versions of the Medicare Provider-Supplier Enrollment Applications (CMS 855) for all provider and supplier types. Although the new forms provide an effective date of July 1, 2011, the previous versions may be used through October 2011. However, as there was no prior version of the 855O to be used for physician and nonphysician enrollment that is solely for the purpose of ordering/referring patients for Medicare benefits, such providers and suppliers should use the new 855O immediately.

The revisions applicable to the 855A new form for institutional providers contain new requirements regarding reporting ownership and managing control interests, including, for physician-owned hospitals, the completion of a separate attachment to the 855A that requires information to be completed for every organization and individual that has any percentage of ownership or investment interest in the provider. Additionally, the new form CMS 855A requires identification of the existence of a hospital's compliance plan and the supplier as proprietary or nonprofit. The revisions to the CMS 855A regarding reporting of ownership and investment interests are not included in the other new forms.

The revised forms 855B, 855S, and 855I require:

• Identification of the supplier as proprietary or nonprofit;
• Reporting of accreditation for independent diagnostic testing facility suppliers that will bill the Medicare program for advanced diagnostic imaging services; and
• The place and country of birth for individuals that have an ownership or managing control interest in the supplier.

See the new CMS 855A, 855B, 855I, 855S, 855R and 855O forms.

For more information, please contact Summer D. Swallow, sswallow@bakerlaw.com or 713.646.1306.

top of page

CLOUD COMPUTING IN HEALTHCARE: HIPAA, HITECH AND CONTRACTING CONSIDERATIONS

Join us for a Webinar on Wednesday, September 21, 2011

1:00 - 2:00 PM EDT

This webinar will discuss main components of a cloud computing platform and its potential ramifications and risks for healthcare providers, health plans and business associates, under HIPAA, the HITECH Act, and various other laws. Key discussions will focus on the healthcare and business considerations, contracting, negotiation, risk and liability aspects of a cloud computing platform. We will also discuss the common data breach and privacy and security issues that have often occurred.

Look for registration information via email soon.

top of page

EVENTS CALENDAR

October 10

Houston partner Susan Feigin Harris will speak on "ACOs: Fact or Fiction?" at the 2011 Health Law Conference sponsored by the Texas Hospital Association in Austin, Texas.

Houston partner Donna Clark will speak on "Stark/Anti-Kickback Update" at the 2011 Health Law Conference sponsored by the Texas Hospital Association in Austin, Texas.

top of page