Health and Human Services (HHS) – Page 2

Notice of Data Breach Update

Texas physician practices and other health care facilities soon will be required to give more timely and public notice of any breaches of computerized data, including electronic health records (EHRs) and billing information.

During the 2023 regular legislative session, state lawmakers passed Senate Bill 768 by Sen. Tan Parker (R-Flower Mound), which takes effect Sept. 1. The law requires anyone doing business in Texas to notify the state attorney general of computer security breaches involving the sensitive, personal information of at least 250 individuals as soon as possible, and not later than 30 days after discovery, down from 60 days.

HHS Announces End of PHE

According to HHS.Gov Fact Sheet: COVID-19 Public Health Emergency Transition Road Map

The Public Health Emergency (PHE) for COVID-19 is scheduled to expire at the end of the day on May 22, 2023.

Feds Clarify HIPAA Enforcement When PHE Ends

New federal guidance clarifies that relaxed HIPAA enforcement will end at the conclusion of the COVID-19 public health emergency (PHE), while offering instruction on how physicians and others covered by HIPAA can continue to use remote communication technologies to provide audio-only telehealth services.

Back at the start of the pandemic, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) said it would not “impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency.”

In the new guidance, OCR reiterated that this discretion remains in effect only until the HHS secretary determines the PHE no longer exists or when it expires, whichever occurs first. Congress previously granted a five-month extension for other COVID-related waivers following the conclusion of the PHE..

OCR issued the guidance in direct response to a December 2021 presidential executive order intended to help ensure patients can continue to benefit from audio-only telemedicine and telehealth services with protection of their personal health information.

The new guidance elaborates on types of technologies, business associate agreements with vendors, and ensuring HIPAA compliance when using audio-only technologies.

The Texas Medical Association has numerous resources designed to help physicians adopt and effectively use telemedicine. Visit TMA’s telemedicine page for more information.

Click on the blue highlighted text within the article for more information.

OR

Head to the Business End File and view articles on Telemedicine, and Telemedicine Policy, Procedure, and Form Templates

Federal Judge Ruled in favor of TMA

Published 2/25/2022, Written by Kelsey Hagg, Associate Director Government Affairs MGMA

“In late 2021, the Texas Medical Association filed a lawsuit against the U.S. Department of Health and Human Services (HHS) alleging that the interim final rule establishing the qualifying payment amount (QPA) as the assumed out-of-network rate went against congressional intent and stating that all criteria (including the QPA) considered by the independent dispute resolution (IDR) entity should be weighted equally.

This morning a federal judge in Texas issued a motion for summary judgement ruling in favor of the Texas Medical Association.

The court determined that HHS violated the Administrative Procedures Act (APA) when issuing rulemaking establishing the QPA as the assumed out-of-network rate in the federal IDR process. This ruling means that if the higher courts don’t overturn or pause implementation pending appeals, we expect the IDR process to begin without the portions of the rule that were vacated.

Specifically, we expect the IDR process to begin without the QPA as the established out-of-network amount. Under this ruling, IDR entities do not have to select the payment amount that is closest to the QPA, nor do IDR entities have to describe the credible information that determined the QPA was materially different from the chosen out-of-network rate.

Additionally, we wanted to share information we received from CMS. In a call with the agency, a CMS spokesperson stated that they intend to open the federal IDR portal on Monday, February 28, 2022. However, this information is subject to change and we will keep you posted on any additional information we receive from the agency. Questions for CMS about the federal IDR process can be directed to: [email protected].

Please let us know if you have any additional questions.

The PHE Has Been Extended

The Public Health Emergency (PHE) has been extended for the eight time.

The federal Department of Health and Human Services (HHS) has extended the COVID-19 public health emergency (PHE) for another 90 days, which means many payer flexibilities are likely to continue as well. HHS Secretary Xavier Becerra issued the extension on Jan. 14, two days before the PHE was set to expire. The new extension runs through April 16. It is the eighth extension of the PHE since HHS originally declared the emergency in late January 2020.

HIPAA: Back to the Basics with the BAA, Physician Practice, 2021.08.12

[embeddoc url=”https://community.poetllc.org/wp-content/uploads/2021/08/HIPAA-Back-to-basics-with-the-BAA-2021.08.12.pdf” download=”all” viewer=”google”]

HIPAA: Back to Basics with the BAA

With cybersecurity and criminal government actions involving protected health information (PHI), now is a good time to understand the importance of the required Business Associate Agreement (BAA).

HIPAA: Back to basics with the BAA

Defined: “business associate” is a person or entity, other than a member of the workforce of a covered entity, who performs functions or activities on behalf of, or provides certain services to, a covered entity that involve access by the business associate to protected health information. A “business associate” also is a subcontractor that creates, receives, maintains, or transmits protected health information on behalf of another business associate. (emphasis added).

Business Associates encompasses a wide range of persons, which include, but are not limited to: accountants, attorneys, private equity firms, technology companies, app developers, independent contractors, medical device companies, and pharmaceutical companies. Bottom line—if you or your company “creates, receives, maintains, or transmits” protected health information in an electronic form, a BAA is required. This is not new—the requirement existed long before the HIPAA Final Omnibus Rule was published in the Federal Register on January 25, 2013.

HIPAA compliance is not optional and depending on the facts and circumstances, may lead to significant civil and/or criminal liability.

HIPAA, like the Federal Anti-Kickback Statute (AKS), has criminal penalties available to HHS. The DOJ is responsible for criminal prosecutions, as HHS states on its website.

COVID-19 Coverage Assistance Fund (CAF)

MGMA Washington Connection May 6, 2021

This week, the HHS Health Resources and Services Administration (HRSA) announced the creation of the COVID-19 Coverage Assistance Fund (CAF). This new program will reimburse providers the cost of administering COVID-19 vaccines to patients specifically enrolled in certain short-term, limited duration and benefit health plans that either do not cover vaccinations or cover them with patient cost-sharing. Providers can request claims reimbursement electronically through the CAF Portal and will be reimbursed at the national Medicare rate for vaccine administration, and for patient charges related to COVID-19 vaccination, including co-payments, deductibles, and co-insurance for vaccine administration.

As a reminder to those practices that have received more than $10,000 from the Provider Relief Fund (PRF), registration is now open for the PRF Reporting Portal. According to HRSA, the portal is only open for registration. MGMA will update members once the portal is open for reporting.

New Funding for the Provider Relief Fund

From MGMA

Today, HHS has announced that applications will be accepted beginning on Monday, Oct. 5 for $20 billion in new funding under Phase 3 of the PRF General Distribution allocation. Under this new phase, providers that have already received Provider Relief Fund payments will be invited to apply for additional funding that considers financial losses and changes in operating expenses caused by the coronavirus. Previously ineligible providers, such as those who began practicing in 2020 will also be invited to apply, and an expanded group of behavioral health providers will also be eligible for relief payments.

Deadline: Providers will have from Monday Oct. 5 through Nov. 6 to apply, however HHS is encouraging early application to “expedite [its] review process and payment calculations.”

Eligibility

Providers who previously received, rejected or accepted a General Distribution Provider Relief Fund payment. Providers that have already received payments of approximately 2% of annual revenue from patient care may submit more information to become eligible for an additional payment.
- Importantly, even if you already received payments of approximately 2% of annual revenue from patient care, you may submit more information to become eligible for an additional payment.
Behavioral Health providers, including those that previously received funding and new providers.
Healthcare providers that began practicing January 1, 2020 through March 31, 2020. This includes Medicare, Medicaid, CHIP, dentists, assisted living facilities and behavioral health providers.

Payment Methodology

All provider submissions will be reviewed to confirm they have received a Provider Relief Fund payment equal to approximately 2 percent of patient care revenue from prior general distributions. Applicants that have not yet received Relief Fund payments of 2 percent of patient revenue will receive a payment that, when combined with prior payments (if any), equals 2 percent of patient care revenue.
With the remaining balance of the $20 billion budget, HRSA will then calculate an equitable add-on payment that considers the following:
1. A provider’s change in operating revenues from patient care
2. A provider’s change in operating expenses from patient care, including expenses incurred related to coronavirus
3. Payments already received through prior Provider Relief Fund distributions.

We (MGMA) expect to see more information released by HHS over the coming days which we expect will be posted to the Provider Relief Fund website. We will communicate those details to members as they are made available.

HHS Launches CoVID-19 Uninsured Program Portal

Today, the U.S. Department of Health and Human Services (HHS), through the Health Resources and Services Administration (HRSA), launched a new COVID-19 Uninsured Program Portal, allowing health care providers who have conducted COVID-19 testing or provided treatment for uninsured COVID-19 individuals on or after February 4, 2020 to submit claims for reimbursement. Providers can access the portal at COVIDUninsuredClaim.HRSA.gov.

To View the File in POET InK

Tag: Health and Human Services (HHS)