Uncategorized

March 20, 2025

Posted on by Courtney Patterson

QUESTION:
We just discovered that a Licensed Practical Nurse was excluded from participation in all federal health programs.  We have never had a problem with this LPN and since she is an LPN, she does not refer patients to the hospital.  Should we do anything?

ANSWER FROM HORTYSPRINGER ATTORNEY HENRY CASALE:
Yes.  First, remove this person from any contact with patients whose care is paid for in whole or in part by a federal health care program such as Medicare or Medicaid.  Next, review your employment-related credentialing process.  All employees should be screened against the OIG’s List of Excluded Individuals/Entities before they are hired.  Find out how and why this did not occur before this person was hired and institute the processes necessary to prevent a similar situation from occurring in the future.

Now for the difficult and painful part.  You need to make a voluntary disclosure to the OIG.  The information described above will help to structure that self‑disclosure.  The fact that the excluded individual was an LPN, and that an LPN does not refer patients to the hospital or other facility, is irrelevant to the OIG.  Their position is that this person should never have provided any care, items, or services to a federal health care program patient.  As a result, the OIG will demand a refund for all federal health care reimbursement received by the hospital for each patient cared for in any way by the excluded person.

As you can imagine, the penalty will add up.  For example, in January 2025, an Ohio Skilled Nursing Facility entered into a $243,000.90 settlement agreement with the OIG in order to resolve allegations that the SNF employed an LPN who was excluded from participating in any federal health care programs and who provided items or services that were billed to federal health care programs.

If you have a quick question about this, e-mail Henry Casale at hcasale@hortyspringer.com.

March 13, 2025

Posted on by Courtney Patterson

QUESTION:
We have a physician who was granted a leave of absence (LOA) last October.  Before she went on leave, there were some concerns raised about her practice, and she signed a performance improvement plan that included extensive CME and simulation training.  When the physician asked to go on leave, she was told that before she would be reinstated, she would have to complete both the CME and the simulation training outlined in her performance improvement plan.

The problem is her current appointment term expires at the end of April.  We don’t want to reappoint her now and give her a stamp of approval especially if she hasn’t completed the CME or training. Is there a way to align the decision on her reappointment with her return from the LOA?

ANSWER FROM HORTYSPRINGER ATTORNEY SUSAN LAPENTA:
We share your concern about reappointing a physician who is on an LOA.  This case is further complicated by the fact that when the physician took the LOA there was an incomplete performance improvement plan.

Additionally, we would be reluctant to reappoint a physician about whom you had clinical concerns at least without first reviewing the most up to date information about her clinical performance.  If you reappoint this physician now, you won’t have any clinical information for at least the last six months.  And then, she won’t return from the LOA for an additional six months, at least potentially.

One suggestion would be to inform the physician that final action on her reappointment application will be held in abeyance until she seeks reinstatement from the LOA.  When she is ready to return from the LOA, she will have to update her reappointment application before any action is taken.  You will also want to make sure that your primary source verifications are current.

Simultaneously, she will have to demonstrate that she has satisfied the elements of the performance improvement plan.  Furthermore, it is not unusual, when a physician has been on an LOA for an extended period of time, for leadership to develop a focused professional practice evaluation plan to confirm competence as part of the physician’s reinstatement.

If you have a quick question about this, e-mail Susan Lapenta at slapenta@hortyspringer.com.

March 6, 2025

Posted on by Courtney Patterson

QUESTION:
Our hospital received a threatening letter from a lawyer, claiming that our website uses Google Analytics and, in doing so, has violated wiretapping laws.  Is this legitimate or a scam? What should we do?

ANSWER FROM HORTYSPRINGER ATTORNEY RACHEL REMALEY:
Some might believe the letter you received is both legitimate and a scam, wrapped up in the same package.  Specifically, as you likely know, the U.S. legal system acknowledges/permits class action lawsuits – essentially, lawsuits filed by one or more “class representatives” who litigate the claim on behalf of all similarly situated class members (the aggrieved individuals).  In concept, class actions permit litigation of claims where the damage to any one litigant may be too small to warrant a single individual shouldering the expenditure of fees/costs on complex litigation.  By grouping the claims of the entire class together, the lawyers who manage class action lawsuits make their money (since they collect their legal fees/costs first, out of any settlement or award), making it possible for these claims – that may otherwise go unaddressed – to be brought.

With that said, many of the class action lawsuits threatened/brought in recent years seem to originate with lawyers looking for a hook to justify a claim.  Often these firms run advertisements looking for individuals willing to serve as a “class representative” plaintiff, giving assurances that those volunteers won’t have to pay any upfront fees and, for their time, will be awarded a greater share of any settlement/award that results from the suit.  One begins to wonder if, for many of these suits, anyone was ever “aggrieved” to begin with.  Some of these firms even sell an interest in the lawsuits to private equity investors.  If the suit eventually results in a settlement or award, the firms/investors win big.  Class members usually receive paltry payouts.  Sometimes, they are a few cents or dollars.  Sometimes, there is no payout for the class members, just promises by a company to do better in the future.  Either way, the law firm walks away with its fees/costs recouped.

So, the letter you received is probably a legitimate letter from a lawyer or law firm.  If it alleges that some class of individuals is aggrieved, it remains to be seen whether any individual actually believed they were aggrieved or knew anything about the alleged wiretapping violation described in the letter.  A quick search of the internet will reveal for you that these types of letters/claims are rampant, and not just with respect to health care organizations.  They are just one of the many ways that firms/plaintiffs have been pursuing class action claims in recent years.  Remember several years ago, when a spate of lawsuits alleged that health care entities were violating HIPAA and state healthcare privacy laws through tracking that occurred on their websites?  We have also seen some firms/plaintiffs taking a new angle, alleging that websites that show videos and track users are violating the federal Video Privacy Protection Act (VPPA).

The good news for you is that (1) you are not alone in being targeted in this way, and (2) a number of courts around the country have already rejected these types of claims under various state’s wiretapping laws.  But, that doesn’t mean that you should simply throw the letter in the trash and ignore it.  Any time you receive any correspondence alleging a legal violation or threatening to sue, you should notify risk management and legal counsel, so that they can help the organization decide the most appropriate response.  In most cases, the next step will be to promptly notify your insurance carrier (who may decide whether to appoint specific counsel to manage the response, put a litigation hold in place, etc.).

Finally, receipt of a letter like this can be a good time for the organization to review its current practices to ensure that there are not gaps in compliance/areas of risk.  The Department of Health and Human Services put out a guidance document, “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates” that may be helpful to review, if website tracking concerns are new to you.  As the HHS website makes clear, some of the guidance has been limited by court action.  But, if you are looking for more information about why website tracking is of concern and some steps that might be taken to address privacy concerns, it is a good place to get started.

If you have a quick question about this, e-mail Rachel Remaley at rremaley@hortyspringer.com.

February 27, 2025

Posted on by Courtney Patterson

QUESTION:
We perform delegated credentialing/payer enrollment for our employed practitioners and have been receiving correspondence from health insurers with which we have delegated agreements that we need to make changes to our policies and procedures because of revisions to the NCQA Standards.  Is this correct and, if so, can you provide us with more information on the changes that we need to make?

ANSWER FROM HORTYSPRINGER ATTORNEY CHARLES CHULACK:
It is indeed correct.  The NCQA Credentialing and Recredentialing Standards that go into effect on July 1, 2025 include significant changes that will require, at a minimum, updating your policies that apply to delegated credentialing/payer enrollment.  The most significant NCQA amendment is the elimination of the much maligned and close to incomprehensible “Credentialing System Controls” Standard.  When we first heard of this decision by the NCQA, we were relieved (and our relief was shared by those on the frontlines of delegated credentialing).

Unfortunately, the Credentialing System Controls requirements have been replaced with a new “Credentialing Information Integrity” Standard.  On its face, the new Standard is a little bit easier to understand, but it is process heavy and will require revisions to your documents.  Without going too far into the weeds of the Standard, the NCQA is targeting “inappropriate documentation and updates” to credentialing information.  Per the Standard, those performing delegated credentialing must have, among other things, policy language and corresponding processes for: (1) the credentialing information that falls under the integrity requirements, (2) the process for documenting updates to credentialing information, (3) a description of inappropriate documentation and updates, and (4) the auditing process for identifying inappropriate documentation and updates to credentialing information.  This is scratching the surface of what is required under the Credentialing Information Integrity Standard, but it gives you an idea of what changes need to be made to address this topic.

The NCQA Standards also tightened up the time limits for verifications and notifying practitioners of credentialing and recredentialing decisions.  By way of example, verifications of licensure, board certification, work history, and malpractice history must be reviewed by your Credentials Committee or Medical Director within 120 days of the verification (as opposed to 180 days which was required by the old standard).  Moreover, practitioners now must be notified of a credentialing decision within 30 calendar days (compared to the previous requirement of 60 days).

Other changes to the Standards include a requirement that your application ask about practitioner race, ethnicity, and language and a statement that you do not discriminate or base credentialing decisions on these items.  However, the application needs to note that providing this information is optional.

While the Q&A section of the Health Law Express doesn’t have the space to detail all the amendments for the 2025 NCQA Standards, we wanted to give you notice that changes will need to be made.  We have walked many of our clients through the required changes to their policies and procedures and, frankly, the policy changes that are mandated are not difficult to make.  That being said, the Standards are going to necessitate process updates, adjustments, and education for your credentialing staff and implementation may be a rocky road.

If you have a quick question about this, e-mail Charlie Chulack at cchulack@hortyspringer.com.

February 13, 2025

Posted on by Courtney Patterson

QUESTION:
Our team just attended your seminars in Amelia Island.  The one member who attended the Peer Review Clinic came out of the session with a strong belief we should remove “scoring” from our case review forms.  He’s had some trouble convincing the rest of us, so we wanted to hear it right from the horse’s mouth – why do you recommend against scoring cases?

ANSWER FROM HORTYSPRINGER ATTORNEY IAN DONALDSON:
We are happy to back up your colleague on this one!  The reasons we recommend moving away from using scoring as a part of the peer review process are based on the following issues:

  • We have observed that peer review committees spend a lot of energy on assigning the score, which distracts from the more important issues of whether there is a concern with the care provided and, if so, the appropriate intervention.
  • While scoring gives a perception of being objective, we’ve found that numerical scores don’t necessarily capture the complexity of a case in the same way as a detailed description from a case reviewer.
  • We have found that reviewers may be uncomfortable assigning low scores, which often carry labels indicating that the physician’s care was “inappropriate” or “below the standard.” As a result, the reviewers choose higher scores indicating “care appropriate” even if there are concerns.
  • Negative scores may put physicians on the defensive, especially since most scoring systems don’t allow for the provision of nuanced information.

These characteristics of scoring can undermine efforts to make the peer review process educational rather than punitive.  Accordingly, we recommend having a peer review/professional practice evaluation (“PPE”) system that focuses on actions and performance improvements rather than scoring.

If you have a quick question about this, e-mail Ian Donaldson at idonaldson@hortyspringer.com.

Please join Ian Donaldson and Charlie Chulack at an upcoming Peer Review Clinic to learn more about the new approaches Medical Staffs are taking to traditional peer review matters. You can learn more by clicking here.

February 6, 2025

Posted on by Courtney Patterson

QUESTION:
There is a private subreddit discussion group in which only Medical Staff professionals are approved to participate.  Most members of the group seek advice on credentialing, privileging, and peer review issues.  Community guidelines within the group caution against identifying the practitioners involved in their questions.  However, some posts may include specific details about problematic credentialing files or behavior incidents.  In some instances, individuals who post questions may include information such as their name and the hospital at which they work.  A few of our leaders are wondering if joining this group would help to bounce ideas off other Medical Staffs and their leaders.  Is this problematic?

ANSWER FROM HORTYSPRINGER ATTORNEY MARY PATERNI:
While we don’t mean to discourage professional interactions among Medical Staff professionals, there are legal risks to discussing credentialing and peer review issues about individual practitioners on social media.

Let’s be real, it’s social media.  There is never any guarantee that anything posted on platforms like Reddit, Facebook, or Instagram will remain private, even if a group is “closed.”  A member of the group could have a reason for disclosing information outside the group.  All it takes is a screen shot or copy + paste.  Plus, efforts to “de-identify” information do not always work.  Even the smallest bits of supposedly de-identified information can sometimes be pieced together and become identifiable.

There are a variety of legal risks if a post about credentialing or peer review matter gets back to the practitioner who is the subject of the post.  First, the practitioner could claim that the post was defamatory because it disclosed unfavorable information in a public setting.  Also, the practitioner could argue that the post constituted a breach of the confidentiality obligations set forth in the Medical Staff Bylaws, “tortiously interfered” with his employment prospects, or constituted a “breach of contract” under state law.

Social media posts could be problematic even if they are disclosed to individuals other than the practitioner in question.  For example, plaintiffs’ attorneys could use such posts as a reason to look for problems at a hospital.  Also, attorneys representing plaintiffs in malpractice or negligent credentialing cases could argue that the disclosure of peer review information on social media resulted in a waiver of the peer review privilege under state law of any information related to that matter.

So, we want to be careful here.  Again, we don’t mean to discourage professional interactions among Medical Staff professionals.  There are certainly many topics that could be discussed that don’t raise the potential problems discussed above.  However, recognize that there are risks to disclosing practitioner-specific information on social media.

If you have a quick question about this, e-mail Mary Paterni at mpaterni@hortyspringer.com.

January 30, 2025

Posted on by Courtney Patterson

QUESTION:
Our hospital is in the process of refining our Conflict of Interest (“COI”) Policy.  What are some general principles we should stick to/try to avoid?

ANSWER FROM HORTYSPRINGER ATTORNEY HALA MOUZAFFAR:
Every potential COI is unique depending on who is involved, what stage in a process you are in, and the level of participation of the potentially conflicted individual.  So, it is hard to have a lot of hard and fast rules when it comes to evaluating COIs.  That being said, there are some general principles you can follow when defining a process to identify and manage COIs.

(1)        The provider under review should not have the right to compel someone to be disqualified as a COI.
While we can and should allow a provider under review to note potential conflicts with individuals reviewing them, the final say in determining if an individual is truly a COI should remain with someone like a committee chair or other leadership that can make an objective decision.  Also keep in mind that anyone can end up in the hot seat as the provider under review, so we want to make sure that no matter who that individual is – even if it is you one day – we are giving that person fair process and evaluating all potential COIs.

(2)        Committees should have a COI identification process.
Some conflicts are obvious (e.g., family members, competitors, etc.), but some you might be completely oblivious to (e.g., history of animosity, good friends, etc.).  Since it is impossible to know every conflict that might exist, you should have a process that requires committee members to disclose any potential conflicts.  Because if conflicted individuals participate in a process, they may be putting themselves at risk of some legal trouble, so we want to protect those that are volunteering their time to help the hospital by managing those conflicts on the front end.

(3)        Have a COI Policy that maintains the integrity of the process.
Ultimately, our goal in managing COIs is to protect the integrity of the processes we have in place.  By managing conflicts effectively, we build trust in our system processes, so everyone feels like they are being treated fairly and given a fair chance to be heard.

If you have a quick question about this, e-mail Hala Mouzaffar at hmouzaffar@hortyspringer.com.

January 23, 2025

Posted on by jwilbert

QUESTION:
Now that there is a new Presidential administration, we hear a lot about government efficiency and regulations.  What can a new administration do about regulations?

ANSWER FROM HORTYSPRINGER ATTORNEY HENRY M. CASALE:
First, the Executive branch gets to determine whether to issue new regulations.  One of the Executive Orders issued on the first day of the Trump administration was a freeze on new regulations.  Only time can tell whether and for how long that freeze will last.

As for existing regulations, except for regulations that are subject to the “Congressional Review Act” that is described below, current regulations cannot be rescinded without going through the same notice and comment process that caused the regulations to be enacted in the first place.  Any such action will then be subject to judicial review.

But there is an exception to the process needed to rescind a federal regulation that has been created by a little known law called the “Congressional Review Act” (the “CRA”).  The CRA was enacted in 1996.  The provision in the CRA to keep an eye on is the section of the CRA that applies to final federal regulations, interim final regulations, guidance documents, and policy memoranda that are published within 60 legislative days of the end of a presidential term.  In case you were wondering, this law does not apply to judicial appointments

The CRA requires regulatory agencies to submit the applicable rules, regulations, and guidance documents to both houses of Congress and to the Government Accountability Office (“GAO”) before they can officially take effect.  Congress has 60 legislative days to review a rule.  If Congress does nothing, then the rule takes effect.  However, if a simple majority in the House and the Senate (filibuster rules do not apply) do not like the rule/regulation/guidance, they can issue a “resolution of disapproval.”  Once the “resolution of disapproval” has passed, unless it is vetoed by the President, the rule/regulation/guidance document is dead.  While the CRA states that “no determination, finding, action, or omission under this chapter shall be subject to judicial review,” the scope of the CRA’s bar on judicial review continues to be litigated.

The CRA is relevant now that there is a change in the President and the Republican Party has a majority in the Senate and the House.  History also tells us to expect to hear more about this law.  The CRA was only used once before, and only three times since the end of, the first Trump administration.  However, after President Trump was elected the first time (at which time the Republican Party also had a majority in the House and Senate), the CRA was used 16 times to invalidate Obama/Biden Administration enacted rules.  It will be interesting to see if history repeats itself and, if so, which Biden/Harris Administration rule/regulation/guidance document will become a victim of the CRA.

If you have a quick question about this issue or any of the cases discussed this week, please e-mail Henry Casale at hcasale@hortyspringer.com.

If you want to find more information on the healthcare-related regulations that have been affected by the CRA or the new Administration, the Stark Law, the Anti-Kickback statute, the FCA, the SuperValu decision, the demise of the Chevron Doctrine, and a whole lot more, please join Dan and Henry in Nashville at our Hospital-Physician Contracts and Compliance Clinic, April 24-26.

January 9, 2025

Posted on by Courtney Patterson

QUESTION:
We have an applicant who is refusing to answer one of the questions on our application form because she says that her lawyer told her it could violate a settlement agreement that she has with another hospital. We think that information is relevant to her request for appointment at our hospital. Can we still ask for the information?  Should we ask for a letter from her lawyer? Should the application be held incomplete?

ANSWER FROM HORTYSPRINGER ATTORNEY LEEANNE MITCHELL:
Yes! Credentialers have a duty to review all of the relevant qualifications of each applicant for Medical Staff appointment and clinical privileges and cannot allow the legal interests of an applicant, in an unrelated matter, to interfere with that duty. Accordingly, the Medical Staff Bylaws (or related policies) should state very clearly that every applicant bears the burden of submitting a complete application and of producing information deemed adequate by the hospital for a proper evaluation of current competence, character, ethics, and other qualifications and for resolving any doubts.

A similar issue arose in a 1997 case, Eyring v. East Tennessee Baptist Hospital, 950 S.W.2d 354 (Tenn. Ct. App. 1997), in which a physician applicant refused to sign a release form authorizing a hospital where he had previously practiced to send information to another hospital where he had applied. The physician argued that he received legal advice that signing the release could compromise his lawsuit against the hospital, which had revoked his privileges. The court held that because the physician had not provided the additional information that the hospital requested – irrespective of the fact that a settlement agreement was in place – he had not submitted a complete application and, thus, under its Bylaws, the hospital was not required to process his application further.

If you have a quick question about this, e-mail LeeAnne Mitchell at LMitchell@hortyspringer.com.

December 19, 2024

Posted on by Courtney Patterson

QUESTION:
One of our doctors just received a letter that his Medicare billing privileges have been revoked.  What does this mean and is there anything that can be done about it?

ANSWER FROM HORTYSPRINGER ATTORNEY DAN MULHOLLAND:
Medicare billing privileges can be revoked for a variety of reasons listed in 42 CFR §424.535 but revocation of billing privileges is not the same thing as being excluded from Medicare. So, your hospital and the physician’s employer do not have to terminate any contracts they have with him.  However, it is always a good idea to double-check the OIG exclusion list just to make sure.  Moreover, revocation of Medicare billing privileges does not affect the physician’s ability to submit claims to non-Medicare payers using his NPI, and the physician can still provide locums coverage for other physicians as long as claims are not submitted under the name and NPI of the physician whose billing privileges were revoked.

Revocation of Medicare billing privileges usually is only in effect for a finite period of time, after which the physician can reapply for Medicare enrollment.  In addition, the physician can request that the Medicare Administrative Contractor (“MAC”) reconsider the revocation within 65 days of the date of the revocation and also ask for an extension of time to do so pursuant to 42 CFR §498.22.

Revocation of Medicare billing privileges is a serious matter and can cause a lot of disruption beyond just losing revenue.  But it is far less onerous than getting excluded from Medicare and there are opportunities to get reinstated.  Of course, like other situations dealing with the Government, don’t try this at home without close adult legal supervision.

If you have a quick question about this, e-mail Dan Mulholland at dmulholland@hortyspringer.com.