On October 3, 2014 HUD published updated regulations and guidance with respect to financial reporting, .

Commencing December 2, 2014 Operators (or operators that are both an operator/owner) are required to submit quarterly operating statements with HUD within 60 calendar days following the end of the fiscal quarter and 90 calendar days following the end of the fiscal year.

HUD is in the process of developing a web-based portal for Operators to submit their (1) quarterly financial statements and (2) separately report a data subset of their quarterly financial information.

The Office for Civil Rights is looking to audit providers of all sizes and in all parts of the country — so be prepared! HIPAA compliance is something they are taking very seriously.

 
OCR’s senior advisor for health information privacy, Linda Sanches told attendees at the recent HIMSS Media and Healthcare IT News Privacy and Security Forum that her best piece of advice about preparing for audits is to actually be in compliance and to conduct comprehensive risk analysis. “If you don’t do a periodic risk analysis,” Sanches explained, “you won’t know where you stand”.

 
Though it comes across as somewhat obvious, many healthcare organizations are still pondering whether they really need to conduct a risk analysis before an audit, or if it just makes more sense to wait. Sanches acknowledged that it requires heavy-lifting to perform such an analysis but that it’s better to have one in hand than scramble and pull it together come audit time. Sanches added that when deciding whether or not to audit a provider or investigate a reported breach, OCR looks for patterns. If the office receives information about a given provider having several similar breaches and it appears they are not doing anything about them, that manner of evidence suggesting the provider is not in compliance or does not have proper procedures set up would weigh heavily into OCR’s decision.as to who to audit or investigate, and subsequently, how much to fine.

 
“The onus is on you to prove you had the proper systems in place,” Sanches explained. “If you did a comprehensive risk analysis and took the necessary steps, that’s what you need to show us.” Organizations that fail to do the proper analysis are susceptible not only for investigations but also settlement fines, which range from, perhaps $215,000 on the low-end right up into the millions of dollars.

 
Many industry observers are curious as to how the recent Community Health Systems breach, involving some 4.5 million patient records, will play out in terms of a fine. The factors in determining the size of a fine are laid out in OCR’s rule, Sanches said, including how much harm was done and how many provisions were violated.“The sky is not the limit,” Sanches said of fine totals. “It’s basic math. How many people were affected?”

 
How many covered entities and business associates does OCR intend to audit — and when will it all begin? OCR originally planned to conduct 400 desk audits and “a large number of on-site audits,” Sanches said. Now they’re looking at “fewer than 200 desk audits” and she didn’t confirm a specific number of on-site audits for covered entities, but another wave of Business Associate audits will follow those. As for when OCR will kick-off the audits? The announcement should be coming soon….“Stay tuned,” she said.

House Bill 483, the Mid-Biennium Review bill, requires skilled nursing and assisted living centers to screen admissions for sex offenders. This law takes effect September 15. For each new admission, a center must check the online sex offender registry maintained by the Attorney General. The statute specifies that the responsibility of the facility’s administrator. If the individual is listed on the registry and the center decides to admit them anyway (the statute does not require admission), the center must take certain steps: developing a plan of care for the sex offender that protects patients and residents: notify all other center residents and their sponsors that the sex offender has been admitted and the protective measures the center is employing: and direct the sex offenders to update their address in the registry (assisting them if needed). These requirements do not apply to existing patients, only those admitted on or after 9/15/14.

Covered entities must report any breaches of protected health information discovered during 2013 to the Department of Health and Human Services (HHS) by March 1, 2014. Such notice can be submitted to HHS by visiting http://ocrnotifications.hhs.gov. Even if the breach occurred prior to 2013 but was discovered by the covered entity in 2013, it must still be reported to HHS no later than March 1, 2014. For breaches involving the protected health information of 500 or more people, the covered entity must also provide notice of the breach to every affected individual within 60 days of its discovery.

If you are a covered entity with questions or concerns about HIPAA compliance, DLM Legal’s experienced health care attorneys can help. Contact one of them today at info@dlmlegal.com or 216.635.0002.

On January 31, the Department of Health and Human Services Office of the Inspector General (OIG) released its 2014 Work Plan. The plan identifies five areas related to the operation of nursing homes which the OIG intends to monitor closely this fiscal year: 1) Medicare Part A billing practices; 2) Billing patterns for Medicare Part B services; 3) State agency verification of deficiency corrections; 4) Program for national background checks for employees; and 5) Hospitalizations of residents for manageable and preventable conditions.

Of these five areas, Medicare Part A billing practices is the only one that did not appear in OIG’s 2013 Work Plan. Consequently, industry experts are expecting the OIG to place particular importance on the review of this area. The 2014 Work Plan references reports of nursing homes inappropriately increasing codes for therapy and mentions that 25% of nursing homes’ Part A claims in 2009 were erroneous, resulting in $1.5 billion of Medicare over-payments.

On December 3, 2013, in the case of Atlantic Marine Construction Co., Inc. v. United States Dist. Ct. for W.D. Tex., the U.S. Supreme Court revised the standard that federal courts must follow in deciding whether to grant a motion to transfer venue under 28 U.S.C. § 1404(a) when the parties have contractually pre-selected a forum. This new standard involves three considerations which will make forum-selection clauses almost absolutely binding.

In analyzing a party’s motion to transfer venue in a case arising from a contract with a valid forum-selection clause, the federal courts now must 1) not give any weight to the plaintiff’s choice of forum; 2) not consider the parties’ arguments about their private interests; and 3) declare that when the case is transferred to the pre-selected venue, the transferring venue’s choice-of-law rules will not apply in the transferee (pre-selected) venue. The Court’s full opinion is available here.

This decision places added importance on drafting contracts with valid forum selection clauses. In all but the most unusual of cases, such clauses will be honored by federal courts.

The Ohio Department of Commerce requires all businesses operating in the state of Ohio to file an Annual Report of Unclaimed Funds. This year’s report must be filed by today, November 1. To request an automatic extension of up to 120 days for filing, visit: https://www.comapps.ohio.gov/unfd/unfd_apps/extension/

The Department of Commerce’s primary purpose behind this filing requirement is to reunite individuals with any funds which they are owed and which are currently being held by an Ohio business entity. Unclaimed funds that must be reported include all intangible property unclaimed by its owners such as unclaimed wages, dividends, credit balances, or outstanding checks and balances payable. The following types of funds do not have to be reported as unclaimed: wages less than or equal to $50, gift certificates, and business to business transactions. Entities that do not hold any unclaimed funds must still file an Annual Report indicating so.

If you would like assistance in filing your company’s Annual Report of Unclaimed Funds, contact DLM Legal at 216.635.0002 or info@dlmlegal.com.