Recent Regulations Affecting Medical Practices
The Federal Government passes new legislation on a regular basis that impacts the day-to-day operations of a medical practice. In order to help practices stay abreast of changes that have taken place, BSM publishes highlights of recent activity that could affect your business.
The information provided in this section is intended to help medical practices stay informed of recent changes in law and new government regulations in the areas of Human Resources, HIPAA, compliance, tax, Medicare and Medicaid, Federal Trade Commission, and others. BSM has compiled this information in a summary fashion to highlight the specific law or legislation and has provided links to resources which will provide more in-depth information for our users.
For additional information on issues specific to your practice, we recommend you consult with qualified legal and tax advisors.
Effective Date: March 26, 2013
Compliance Date: September 23, 2013
Summary: The much-anticipated update (Omnibus Final Rule or Final Rule) to the Health Insurance Portability and Accountability Act (HIPAA originally established in 1996) strengthening privacy and security protection rules, was released January 25, 2013 by the U.S. Department of Health and Human Services (HHS), is effective March 26, 2013 and expands protections of patients' health information. Compliance is required by September 23, 2013.
The massive 563-page Omnibus rule covers changes required under a number of regulations established since HIPAA was first enacted, including:
- the Health Information Technology for Economic and Clinical Health Act (HITECH);
- final regulations for breach notification requirements; and
- greatly enhances privacy protections required under the Genetic Information Nondiscrimination Act
Much of the new rule as it pertains to physician practices relates to an expanded definition of a “Business Associate” requiring that Business Associates must now enter into Business Associate agreements with their subcontractors. The final rule will require changes to the Notice of Privacy Practices.
HIPAA covered entities, including Physician’s practices and their business associates (and now subcontractors of the Business Associate) must comply with the new privacy and security requirements by September 23, 2013. Penalties of noncompliance are based upon the level of negligence with a maximum penalty of $1.5 million per violation. BSM will continue to provide updates on this topic.
January 2013 HHS Press Release http://www.hhs.gov/news/press/2013pres/01/20130117b.html
American Medical Association (AMA) http://www.ama-assn.org/ama/pub/amawire/2013-january-30/2013-january-30-general_news1.shtml
Federal Register (Vol. 78, No. 18, Friday, January 25, 2013 (Final Rule) http://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-01073.pdf
Effective Date: January 1, 2011
Summary: The IRS has issued new rules concerning the use of flexible spending accounts (FSAs) to pay for over-the-counter, non-prescription medications and drugs, effective January 1, 2011. These new standards were established under the Patient Protection and Affordable Care Act. This act established new uniform standards for FSAs and a similar rule for Health Savings Accounts (HSAs) and Archer Medical Savings Accounts (Archer MSAs). For information regarding this topic see the resources available below.
Summary: This bill was enacted by Congress to provide comprehensive health reform. Some provisions are effective calendar year 2010, with major provisions taking effect in 2014. Provisions in the act impact employers, insurance companies, Medicare, and health care consumers. For more details, see the resources available below.
- Patient Protection and Affordable Care Act- Provides summaries and analysis by both the Democratic Policy Committee (DPC) and the Republican Policy Committee (RPC).
: January 1, 2009, with revisions published in the Federal Register dated September 23, 2009
: Amendments make it easier for an individual seeking protection under the ADA to establish that he or she has a disability within the scope of the ADA.
: January 1, 2009
: This amendment provides new military family leave entitlements, updates the 15 year-old FMLA to improve communication between workers and their employees, and clarifies certification procedures for more efficient administration and for compliance with HIPAA guidelines.
: February 17, 2009
:This law was signed into effect as an effort to jumpstart our economy, create or save jobs, and create an effort to modernize the nation’s infrastructure, enhance energy preserve, improve affordable health care, and provide tax relief. One major impact on health care providers relates to the extension of COBRA benefits, as well as an employer-provided subsidy for employees who involuntarily lose their jobs.
- Department of Labor: Overview of the American Recovery and Reinvestment Act of 2009 (Recovery Act) www.dol.gov/recovery
- Internal Revenue Service: The American Recovery and Reinvestment Information Center www.irs.gov/newsroom/article/0,,id=204335,00.html
- Internal Revenue Service: COBRA Health Insurance Continuation Premium Subsidy www.irs.gov/newsroom/article/0,,id=204505,00.html
- Internal Revenue Service: COBRA – Questions and Answers for Employees and Former Employees www.irs.gov/newsroom/article/0,,id=212637,00.html
- Internal Revenue Service: IRS Releases Information to Help Employers Claim COBRA Medical Coverage Credit on Payroll Tax Form www.irs.gov/newsroom/article/0,,id=204709,00.html
: November 21, 2009
: This act was enacted by Congress in May, 2009 and is under the jurisdiction of the Equal Employment Opportunity Commission (EEOC). The act prohibits the use of genetic information in making employment decisions, restricts the acquisition of genetic information by employers, imposes strict confidentiality requirements, and prohibits retaliation against individuals who oppose actions made unlawful by GINA. “Genetic information” includes information about genetic tests of the individual and family members, as well as information about any disease, disorder, or condition of an individual’s family members, i.e., family medical history. Violation of GINA may result in compensatory and punitive damages. Federal EEOC Posters must now include information on GINA. Resources for EEO posters and the genetics poster addendum are listed below.
Health Information Technology for Economic and Clinical Health Act (HITECH Act) – Title XIII of American Recovery and Reinvestment Act of 2009 (ARRA)
: February 17, 2009
Breach Notification Requirement
: February 22, 2010
This is significant legislation dealing with a number of different issues related to electronic health records. It provides for financial incentives through Medicare and Medicaid programs to encourage physicians and hospitals to adopt and use certified electronic health records. However, there is a delay in implementation because of the lack of guidelines for certification. In addition, the Act establishes a Federal breach notification requirement for health information that is not encrypted or otherwise indecipherable. Physician practices are required to formulate a plan to deal with notification if breaches of PHI occur.
From February 1 through April 30 of each year, all medical facilities are required by OSHA to post an OSHA 300 Log. This log must be posted in a visible location and designates any exposure incident occurring during the previous year. OSHA 300 logs can be downloaded from the OSHA website, www.osha.gov.
Effective Date: January 1, 2011
Update: New Law Clarifies Who is Subject to the Red Flags Rule
On December 18, 2010, President Obama signed into law the "Red Flag Program Clarification Act of 2010" which clarifies the type of "creditor" that must comply with the Red Flags Rule. This Act provides some long awaited clarification concerning the application of the "red flag rules" to providers of professional services, including physicians. The new law provides that physicians (and certain other service providers) are no longer defined within the meaning of the term "creditors." The new definition of "creditor" excludes "service providers" which include those that advance funds on behalf of a person for expenses that are incidental to a service they provide to that person.
: October 1, 2009
: There are several issues addressed in the updates in Stark regulations. The Anti-Markup update by CMS states that the anti-markup payment limitation will apply
in cases where a physician does not share practice with the billing physician or other supplier. This rule does not apply to laboratories, but does relate to "purchased diagnostic tests." New rulings prohibit certain "Under Arrangements" Transactions. Other changes relate to "stand-in-the-shoes" relationships and to "per click and percentage-based compensation".
- Technical Assistance on Waivers in Separation Pay: (particularly as they pertain to the ADA, ADEA, and EPA)
☑Equal Employment Opportunity Commission: "Understanding Waivers of Discrimination Claims in Employee Severance Agreements"
"My staff love taking the eLearning courses. I have also been very impressed with all the great forms I can download and use."