On July 14, 2020 Connecticut Governor Lamont issued Executive Order No. 7HHH, in which the Governor modified state law to enable the Commissioner of the Department of Public Health (DPH) to temporarily suspend licensure, registration and certification requirements for certain DPH-regulated practitioners for the duration of the state public health and civil preparedness emergency. Notably, in that Executive Order, the Governor stated that “healthcare providers from outside Connecticut have greatly enhanced the provision of healthcare services in Connecticut during the COVID-19 pandemic and thereby fundamentally improved the state’s ability to protect public health at critical time.” Continue Reading
It doesn’t matter in which state you are located, how many patients you treat, what kind of medicine you practice or how many employees you have, if you are a health care provider, you are being targeted and hackers are successful in victimizing you.
That’s my take on the recent Becker’s Health IT article that lists 66 healthcare providers around the country that have suffered a cyber-attack in the form of malware, ransomware or a phishing attack in the first six months of 2020. Although we know that health care providers are being targeted, the list of incidents is sobering.
The only thing that the 66 companies have in common is that they are healthcare providers and the attacks were successful. The list confirms the stark reality of the risk healthcare providers face from cyber-attacks.
This post is also being shared on our Data Privacy + Cybersecurity Insider blog. If you’re interested in getting updates on developments affecting data privacy and security, we invite you to subscribe to the blog.
On July 2, 2020, the Centers for Medicare and Medicaid Services (CMS) released guidance documents on the allowance of telehealth encounters for the Eligible Professional and Eligible Clinician electronic clinical quality measures (eCQMs) used in CMS quality reporting programs for the 2020 and 2021 performance periods. The guidance applies to eCQMs used in the:
- Quality Payment Program: The Merit-based Incentive Payment System (MIPS) and Advanced Alternative Payment Models (Advanced APMs)
- APM: Comprehensive Primary Care Plus (CPC+)
- APM: Primary Care First (PCF)
- Medicaid Promoting Interoperability Program for Eligible Professionals
On July 6, 2020, the Centers for Medicare and Medicaid Services (CMS) proposed its calendar year 2021 End-Stage Renal Disease (ESRD) Prospective Payment System (PPS) rule. ESRD PPS rules are promulgated on an annual basis, providing updates to payment policies and rates for renal dialysis services furnished to beneficiaries. The 2021 proposed rule also proposes to update the acute kidney injury (AKI) dialysis payment rate for renal dialysis services furnished by ESRD facilities to individuals with AKI, and proposes changes to the ESRD Quality Incentive Program. In addition to the annual technical updates, the 2021 rule proposes, at a high level:
- Changes to the eligibility criteria and determination process for the transitional add-on payment adjustment for new and innovative equipment and supplies (TPNIES), and defining “new” to be within three years, beginning on the date of the FDA marketing authorization;
- Expansion of the TPNIES to include new and innovative capital-related assets that are home dialysis machines, used in the home for a single patient;
- Updates to the outlier policy and outlier services fixed-dollar loss amounts as well as the Medicare allowable payment amounts;
- An addition to the ESRD PPS base rate to include calcimimetics in the ESRD PPS bundled payment;
- A change to the low-volume payment adjustment eligibility criteria and attestation requirement to account for the COVID-19 public health emergency; and
- An update to the ESRD PPS wage index to adopt the new Office of Management and Budget (OMB) delineations with a transition period.
On June 30, 2020, the Connecticut Office of Health Strategy (OHS) announced in a newsletter that the agency will prepare to resume the Certificate of Need (CON) application review process. This includes transitioning to virtual hearings, as Connecticut’s COVID-19 restrictions still prevent any in-person hearings. While OHS has yet to announce a specific date for resumption of CON hearings, “OHS officials expect the first of these virtual CON public hearings to be held sometime this summer.” Continue Reading
On June 24, 2020 the New York State Department of Health (DOH) published formal notice of its June 5th emergency rule “necessary to clarify and strengthen the Department’s authority and that of the local health departments to take specific actions to control the spread of disease, including actions related to investigation and response to a disease outbreak, as well as the issuance of isolation and quarantine orders.” Though the emergency regulations are issued in the midst of the COVID-19 pandemic, DOH indicates it intends to adopt the emergency rule as a permanent rule and will publish a notice of proposed rulemaking in the State Register at some future date.
The emergency rule amends Title 10 of the New York Codes, Rules and Regulations in parts 2, 58, and 405. The emergency changes are effective as of June 5th until September 2nd. Below are some highlights of the changes made by the emergency rule.
Amendments to 10 NYCRR part 2 include:
- Amending existing definitions and adding new defined terms such as “quarantine,” “contact,” and “isolation.”
- Clarifying local health department authority to investigate a case, suspect case, outbreak, or unusual disease, and requires individuals and entities subject to a public health investigation to cooperate with the DOH and local health department.
- Adding new language to make clear that the DOH has the authority to issue isolation and quarantine orders, as do local departments of health, and the process for such orders and penalties for any violation.
- Relocating and updating existing regulations that require the attending physician to report cases and suspected cases to the local health authority, and require physicians to provide instructions concerning how to protect others.
Amendments to 10 NYCRR 58 include:
- Requiring DOH to designate communicable diseases that require prompt action, and to make available a list of such diseases on the DOH website.
- Requiring clinical laboratories to immediately report positive test results for communicable diseases identified as requiring prompt attention.
- Requiring clinical laboratories to report all test results, including negative and indeterminate results, for communicable diseases identified as requiring prompt attention.
Amendments to 10 NYCRR 405 include:
- Mandating hospitals to report syndromic surveillance data during an outbreak of a highly contagious communicable disease.
- Permitting DOH to direct hospitals to take patients during an outbreak of a highly contagious communicable disease.
This post was co-authored by Michael Lisitano, legal intern at Robinson+Cole. Michael is not yet admitted to practice law.
On June 12, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued timely HIPAA guidance (Guidance) regarding solicitations of blood and plasma donations from recovered COVID-19 patients.
In the Guidance, OCR affirms that health care providers can use patient information to identify patients that have recovered from COVID-19 to provide information about how they may donate plasma or blood with COVID-19 antibodies to support treatment of other patients with COVID-19. OCR explains that this use of protected health information would be permissible as part of a provider’s health care operations to enable case management of COVID-19 patient populations. OCR also reminds providers that because the activity is a health care operation and not for treatment purposes, HIPAA’s minimum necessary standard applies to any use or disclosure of protected health information in connection with the solicitation of blood or plasma donations. Continue Reading
On June 9, 2020, the U.S. Department of Health and Human Services (HHS) announced that it would distribute up to $25 billion of CARES Act Provider Relief Funds to safety net hospitals and state Medicaid and Children’s Health Insurance Program (CHIP) providers. Continue Reading
On June 9, 2020 the Health and Human Services Office for Civil Rights (OCR) announced it had reached an Early Case Resolution (ECR) with the State of Connecticut and a separate ECR with Hartford Hospital. Both ECRs involve the rights of patients with disabilities to have reasonable access to support persons in hospital settings during COVID-19. OCR had received complaints that the COVID-19 hospital visitor policies of the State and the hospital violated the Americans with Disabilities Act (ADA) by failing to make exceptions for patients needing support persons for their care. Continue Reading
The Joint Commission (JC) announced yesterday that it will resume its regular surveying and reviews beginning in June. The JC will identify and prioritize low-risk organizations, and organizations due for a survey can expect to be contacted by the JC for an assessment of the impact that COVID-19 has had on the organization. Although surveying will resume, the JC announced there will be changes to the process to maintain social distancing and protect all parties involved. Those changes include:
- Limited number of individuals in meetings and increased use of audio and/or video conferencing.
- Use of masks by all surveyors. The JC expects the organization being surveyed to provide appropriate protective equipment for the JC surveyors.
- Use of technology to avoid extended periods of contact with an organization’s employees or to avoid entering high-risk areas. Examples include using screen-sharing to review electronic medical records and interviewing patients and staff by phone.