Find out what’s happening in the world of federal healthcare regulations by reviewing some recent head-lines from across the country.
Hospital pays to resolve Stark Law allegations
To resolve allegations that it maintained improper financial arrangements with physicians, Lexington Medical Center (LMC) in West Columbia, South Carolina, has agreed to pay $ 17 million.
According to the U.S. Department of Justice, LMC allegedly entered into purchase agreements to acquire physician practices and employment agreements with 28 physicians that violated the Stark Law. The law prohibits hospitals from billing Medicare for certain services if they referred from physicians with which they have
a financial relationship. The purchase and employment agreements between LMC and the physicians allegedly took the volume and value of physician referrals into account, provided compensation above fair market value, or were not commercially reasonable.
LMC will also enter into a corporate integrity agree-ment with the Department of Health and Human Services Office of Inspector General that will require it to institute measures to avoid similar conduct in the future.
Estate of patient forcibly removed from hospital sues for wrongful death
The estate of Barbara Dawson has named Calhoun Liberty Hospital in Blountstown, Florida, as a defendant in a wrongful death lawsuit. Dawson died at the hospital in December from a blood clot in her lung after she was arrested for failing to leave after being discharged.
During the early hours of December 21, Dawson arrived by ambulance to the hospital complaining of tomach pain, according to the Tallahassee Democrat. Although she was treated, cleared to leave, and dis-charged, Dawson complained of difficulty breathing and refused to leave the hospital.
Dawson argued for more than an hour with medical staff and a Blountstown police officer called to the scene before she was placed in handcuffs and arrested for disorderly conduct and trespassing. As Dawson was being escorted out of the hospital to a police cruiser, she continued to complain of breathing difficulty and pleaded for her oxygen machine. She then collapsed and was taken back into the hospital. She died an hour later.
The Agency for Health Care Administration (AHCA) subsequently launched an investigation and found 10 deficiencies related to Dawson’s death. The AHCA fined Calhoun Liberty $ 45,000 and ordered it to undertake a corrective action plan to address the deficiencies, which included staff training on the federal requirements of the Emergency Medical Treatment and Active Labor Act
(EMTALA). EMTALA aims to prevent the practice of “patient dumping”—discharging or transferring a patient to another hospital before stabilizing treatment is provided for emergency medical conditions—by requiring hospital emergency departments that accept payments from Medicare to provide medical screening examinations (MSE) to patients seeking treatment regardless of their ability to pay, citizenship, or legal status. Among the deficiencies identified by the AHCA investigation, the hospital failed to provide Dawson an appropriate MSE when she made her complaint and discharged her without stabilizing her emergency medical condition.
Three hospital employees—two nurses and a paramedic—were also fired following Dawson’s death. The paramedic and one of the nurses have also been named as defendants in the lawsuit, along with the city of Blountstown and the arresting officer. The lawsuit alleges counts of battery, civil rights violations, and false imprisonment.
Advocate Health Care pays to settle HIPAA violations
Advocate Health Care has agreed to pay $ 5.5 million to the U.S. Department of Health and Human Services Office for Civil Rights (OCR) to settle multiple potential data protection violations of HIPAA since 2013. Advocate will also adopt a corrective action plan.
The OCR began investigating Advocate, an Illinois-based health system with more than 250 treatment
locations and 10 hospitals, three years ago after the health system submitted three breach notification reports that, combined, affected the electronic protected health information (ePHI) of about 4 million patients. The ePHI included patient names, birthdates, addresses, credit card numbers, and clinical information.
The investigation found several failures by Advocate to secure ePHI, including failure to conduct an accurate and exhaustive assessment of potential risks and vulnerabilities and implementing policies and procedures, as well as a lack of facility access controls to limit physical access to electronic information systems housed within its data support center.
Tenet Healthcare pays to settle kickback allegations
To resolve a whistleblower lawsuit that alleged it paid illegal kickbacks in exchange for maternity referrals to four of its hospitals, Tenet Healthcare has agreed to pay the U.S. government $ 514 million.
The lawsuit alleged that four hospitals—Atlanta Medical Center; North Fulton Regional Hospital in Roswell, Georgia; Spalding Regional Hospital in Griffin, Georgia; and Hilton Head Hospital in Hilton Head Island, South Carolina—paid kickbacks to Clinica de la Mama for Medicaid patient referrals in violation of the federal anti-kick-back statute. The kickbacks were disguised as payments for services provided by Clinica de la Mama, which operated medical clinics that provided prenatal care to primarily undocumented Hispanic women. In return, Clinica de la Mama would refer pregnant women to the hospitals for their deliveries. Tenet has since sold Atlanta Medical Center, North Fulton Hospital, and Spalding Regional Hospital.
As part of the settlement, two of Tenet’s subsidiaries that had operated Atlanta Medical Center and North Fulton Hospital will also plead guilty to one count of conspiracy to violate the federal anti-kickback statute and defraud the United States. Tenet will also appoint a corporate monitor for three years as a condition of the settlement.
A related lawsuit was also recently settled when Health Management Associates (HMA) and Clearview Regional Medical Center in Monroe, Georgia, agreed to pay nearly $ 600,000. The lawsuit alleged that from 2008 to 2009, Clearview—then known as Walton Regional Medical Center—also paid kickbacks to Clinica de la Mama in exchange for patient referrals.
In announcing the settlement, Derrick L. Jackson, special agent in charge from the U.S. Department of Health and Human Services’ Office of Inspector General’s Atlanta Regional Office said, “Hospitals that pay kickbacks to clinics for referrals of undocumented pregnant patients are taking advantage of both these vulnerable women and the taxpayer-funded Medicaid program … Our agency is dedicated to investigating such corrosive kickback schemes, which undermine the public’s trust in medical institutions and the financial health of government health care programs.”
Stolen laptop triggers HIPAA breach notification, investigation
The University of Mississippi Medical Center (UMMC) will pay $ 2.75 million to settle alleged HIPAA violations uncovered by an OCR investigation. UMMC will also be required to adopt a corrective action plan to help avoid future violations.
In March 2013, UMMC notified OCR of a breach after a visitor stole a password-protected laptop from its medical ICU. OCR investigation found ePHI on UMMC’s network drive could be accessed without authorization through its wireless network, exposing a directory of 67,000 files; 328 of those files contained ePHI of approximately 10,000 patients. The investigation found that UMMC was aware of its system’s vulnerabilities eight years before the breach but did not undertake any significant risk management activities. Organizational deficiencies and insufficient institutional oversight were to blame.
The OCR investigation found that UMMC failed to secure ePHI by not implementing policies and procedures that would prevent, identify, contain, or correct security violations; restrict unauthorized access to ePHI by safe-guarding workstations; and notify the individuals whose ePHI was believed to have been accessed by the breach.