ADAAA Amendment Broader ADA “Disability” Definition Not Retroactive, Employer Action Needed To Manage Post 1/1/2009 Risks

August 25, 2009

Provisions of the ADA Amendments Act (ADAAA) that expand the definition of “disability” under the Americans with Disabilities Act (ADA) “in favor of broad coverage of individuals” do not apply to actions taken before effective date of the ADAAA, January 1, 2009, according to a recent decision of the U.S. Circuit Court of Appeals for the District of Columbia. While the holding provides some comfort for employers in relation to pre-January 1, 2009 actions, employers need to take appropriate steps to mitigate disability claim risks for actions on or after the January 1, 2009 effective date of the ADAAA.

As signed into law on September 25, 2008, the ADAAA amended the definition of “disability” for purposes of the disability discrimination prohibitions of the ADA to make it easier for an individual seeking protection under the ADA to establish that that has a disability within the meaning of the ADA.  The ADAAA retains the ADA’s basic definition of “disability” as an impairment that substantially limits one or more major life activities, a record of such an impairment, or being regarded as having such an impairment. However, provisions of the ADAAA that took effect January 1, 2009 change the way that these statutory terms should be interpreted in several ways. Most significantly, the Act:

  • Directs EEOC to revise that portion of its regulations defining the term “substantially limits;”
  • Expands the definition of “major life activities” by including two non-exhaustive lists: (1) The first list includes many activities that the EEOC has recognized (e.g., walking) as well as activities that EEOC has not specifically recognized (e.g., reading, bending, and communicating); and (2) The second list includes major bodily functions (e.g., “functions of the immune system, normal cell growth, digestive, bowel, bladder, neurological, brain, respiratory, circulatory, endocrine, and reproductive functions”);
  • States that mitigating measures other than “ordinary eyeglasses or contact lenses” shall not be considered in assessing whether an individual has a disability;
  • Clarifies that an impairment that is episodic or in remission is a disability if it would substantially limit a major life activity when active;
  • Changes the definition of “regarded as” so that it no longer requires a showing that the employer perceived the individual to be substantially limited in a major life activity, and instead says that an applicant or employee is “regarded as” disabled if he or she is subject to an action prohibited by the ADA (e.g., failure to hire or termination) based on an impairment that is not transitory and minor; and
  • Provides that individuals covered only under the “regarded as” prong are not entitled to reasonable accommodation.

The ADAAA also emphasizes that the definition of disability should be construed in favor of broad coverage of individuals to the maximum extent permitted by the terms of the ADA and generally shall not require extensive analysis.

In Lytes v. DC Water and Sewer Authority, D.C. Cir. No. 08-7002 (July 21, 2009), the D.C. Court of Appeals considered and rejected the retroactivity argument made by Lytes in his appeal from a trial court’s finding that he was not disabled under the ADA.  As the ADAAA took effect while his action was pending, Lytes sought to convince the Appeals Court to apply the ADAAA amended definition retroactively.  Contending that the ADAAA amendment merely clarified the existing law under the ADA, Lytes argued that the Court should apply the broader definition of disability when considering the legality of his termination from employment in 2004.

Rejecting Lytes’ retroactivity argument, the Court of Appeals ruled that the ADAAA amendment of the definition of “disability” under the ADA applies only on a prospective basis based on its finding that Congress had clearly provided that the ADAAA amendments only would apply to post-December 31, 2008 actions. Accordingly, the Court of Appeals affirmed the District Court’s finding that Lytes termination in 2004 did not violate the ADA as then effective as his lack of disabled status under the then-applicable definition of disability meant he was not entitled to accommodation.

In adopting these changes, Congress expressly sought to overrule existing employer-friendly judicial precedent construing the current provisions of the ADA and to require the Equal Employment Opportunity Commission (EEOC) to update its existing guidance to confirm with the ADAAA Amendments.

Violations of the ADA can expose businesses to substantial liability. Violations of the ADA may be prosecuted by the EEOC or by private lawsuits.  Employees or applicants that can prove they were subjected to prohibited disability discrimination under the ADA generally can recover actual damages, attorneys’ fees, and up to $300,000 of exemplary damages (depending on the size of the employer).   

While the Lytes decision indicates that businesses will not be required to defend pre-2009 actions under the amended disability standards enacted by the ADAAA, businesses should prepare to meet new challenges in defending ADA claims arising from actions taken after December 31, 2008.  The ADAAA amendments make it likely that businesses generally will face more disability claims from a broader range of employees and will possess fewer legal shields to defend themselves against these claims. These changes will make it easier for certain employees to qualify as disabled under the ADA.  Consequently, businesses should act strategically to mitigate their ADA exposures in anticipation of these changes.  

To help mitigate the expanded employment liability risks created by the ADAAA amendments, businesses generally should act cautiously when dealing with applicants or employees with actual, perceived, or claimed physical or mental impairments to minimize exposures under the ADA.  Management should exercise caution to carefully and appropriate the potential legal significance of physical or mental impairments or conditions that might be less significant in severity or scope, correctable through the use of eyeglasses, hearing aids, daily medications or other adaptive devices, or that otherwise have been assumed by management to fall outside the ADA’s scope. Employers should no longer assume, for instance, that a visually impaired employee won’t qualify as disabled because eyeglasses can substantially correct the employee’s visual impairment. 

Likewise, businesses should be prepared for the EEOC and the courts to treat a broader range of disabilities, including those much more limited in severity and life activity restriction, to qualify as disabling for purposes of the Act. Businesses should assume that a greater number of employees with such conditions are likely to seek to use the ADA as a basis for challenging hiring, promotion and other employment decisions.  For this reason, businesses generally should tighten job performance and other employment recordkeeping to enhance their ability to demonstrate nondiscriminatory business justifications for the employment decisions made by the businesses.

Businesses also should consider tightening their documentation regarding their procedures and processes governing the  collection and handling records and communications that may contain information regarding an applicant’s physical or mental impairment, such as medical absences, worker’s compensation claims, emergency information, or other records containing health status or condition related information.  The ADA generally requires that these records be maintained in separate confidential files and disclosed only to individuals with a need to know under circumstances allowed by the ADA. 

As part of this process, businesses also should carefully review their employment records, group health plan, family leave, disability accommodation, and other existing policies and practices to comply with, and manage exposure under the new genetic information nondiscrimination and privacy rules enacted as part of the Genetic Information and Nondiscrimination Act (GINA) signed into law by President Bush on May 21, 2008.  Effective November 21, 2009, Title VII of GINA amends the Civil Rights Act to prohibit employment discrimination based on genetic information and restricts the ability of employers and their health plans to require, collect or retain certain genetic information. Under GINA, employers, employment agencies, labor organizations and joint labor-management committees face significant liability for violating the sweeping nondiscrimination and confidentiality requirements of GINA concerning their use, maintenance and disclosure of genetic information. Employees can sue for damages and other relief like currently available under Title VII of the Civil Rights Act of 1964 and other nondiscrimination laws.  For instance, GINA’s employment related provisions include rules that will:

  • Prohibit employers and employment agencies from discriminating based on genetic information in hiring, termination or referral decisions or in other decisions regarding compensation, terms, conditions or privileges of employment;
  • Prohibit employers and employment agencies from limiting, segregating or classifying employees so as to deny employment opportunities to an employee based on genetic information;
  • Bar labor organizations from excluding, expelling or otherwise discriminating against individuals based on genetic information;
  • Prohibit employers, employment agencies and labor organizations from requesting, requiring or purchasing genetic information of an employee or an employee’s family member except as allowed by GINA to satisfy certification requirements of family and medical leave laws, to monitor the biological effects of toxic substances in the workplace or other conditions specifically allowed by GINA;
  • Prohibit employers, labor organizations and joint labor-management committees from discriminating in any decisions related to admission or employment in training or retraining programs, including apprenticeships based on genetic information;
  • Mandate that in the narrow situations where limited cases where genetic information is obtained by a covered entity, it maintain the information on separate forms in separate medical files, treat the information as a confidential medical record, and not disclosure the genetic information except in those situations specifically allowed by GINA;
  • Prohibit any person from retaliating against an individual for opposing an act or practice made unlawful by GINA; and
  • Regulate the collection, use, access and disclosure of genetic information by employer sponsored and certain other health plans.

These employment provisions of GINA are in addition to amendments to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Employee Retirement Income Security Act of 1974 (ERISA), the Public Health Service Act, the Internal Revenue Code of 1986, and Title XVIII (Medicare) of the Social Security Act that are effective for group health plan for plan years beginning after May 20, 2009.

If you have any questions or need help reviewing and updating your organization’s employment and/or employee practices in response to the ADAAA, GINA or other applicable laws, or if we may be of assistance with regard to any other workforce management, employee benefits or compensation matters, please do not hesitate to contact the author of this update, Curran Tomko Tarksi LLP Labor & Employment Practice Chair Cynthia Marcotte Stamer at 214.270.2402.

About The Author

Management attorney and consultant Cynthia Marcotte Stamer helps businesses, governments and associations solve problems, develop and implement strategies to manage people, processes, and regulatory exposures to achieve their business and operational objectives and manage legal, operational and other risks. Board certified in labor and employment law by the Texas Board of Legal Specialization, with more than 20 years human resource and employee benefits experience, Ms. Stamer helps businesses manage their people-related risks and the performance of their internal and external workforce though appropriate human resources, employee benefit, worker’s compensation, insurance, outsourcing and risk management strategies domestically and internationally. Recognized in the International Who’s Who of Professionals and bearing the Martindale Hubble AV-Rating, Ms. Stamer also is a highly regarded author and speaker, who regularly conducts management and other training on a wide range of labor and employment, employee benefit, human resources, internal controls and other related risk management matters.  Her writings frequently are published by the American Bar Association (ABA), Aspen Publishers, Bureau of National Affairs, the American Health Lawyers Association, SHRM, World At Work, Government Institutes, Inc., Atlantic Information Services, Employee Benefit News, and many others. For a listing of some of these publications and programs, see here. Her insights on human resources risk management matters also have been quoted in The Wall Street Journal, various publications of The Bureau of National Affairs and Aspen Publishing, the Dallas Morning News, Spencer Publications, Health Leaders, Business Insurance, the Dallas and Houston Business Journals and a host of other publications. Chair of the ABA RPTE Employee Benefit and Other Compensation Committee, a council member of the ABA Joint Committee on Employee Benefits, and the Legislative Chair of the Dallas Human Resources Management Association Government Affairs Committee, she also serves in leadership positions in numerous human resources, corporate compliance, and other professional and civic organizations. For more details about Ms. Stamer’s experience and other credentials, contact Ms. Stamer, information about workshops and other training, selected publications and other human resources related information, see here or contact Ms. Stamer via telephone at 214.270.2402 or via e-mail here.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published in this electronic Solutions Law publication available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here.

For important information concerning this communication click here.  If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@solutionslawyer.net.

©2009 Cynthia Marcotte Stamer.   All rights reserved. 


New Study Shares Data On Migrant Health Care Challenges Along The Border

August 24, 2009

Health care costs, care concerns and other health care utilization and risk patterns are a common issue of discussion in the continuing health care reform discussion. Meanwhile, employers, health care providers and policy leaders in Border States or elsewhere who employ a significant number of migrant workers frequently express interest in more information about the health care and disability care and benefit needs, understanding and utilization patterns of migrant families for purposes of planning benefit and human resources practices. A new report published by the Texas Department of State Health Services may shed some light on these issues. The Texas Department of State Health Services 2007 Health Risk Factors in the Texas-Mexico Border report presents a summary of health-related risk factors and trends among residents of fifteen Texas counties along the US-Mexico border. Its findings are based on data collected through the 2007 Behavioral Risk Factor Surveillance System (BRFSS), a nation-wide telephone-based survey of randomly-selected adults that gathers information on many conditions and behaviors known to influence personal health. Data from the fifteen counties were clustered into five areas: the Lower Rio Grande Valley – commonly known as ‘The Valley’ – (Hidalgo, Starr, and Cameron Counties), Webb and Zapata Counties, Val Verde and Maverick Counties, the Big Bend area (Brewster, Culberson, Hudspeth, Jeff Davis, Pecos, Presidio, and Terrell Counties), and El Paso County. For the purposes of this analysis, “the border” refers to these five areas. Interested persons can review this report here.

About The Author

Past Chair of the ABA Health Law Section Managed Care & Insurance Section and currently the Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Section and a Council Representative of the ABA Joint Committee On Employee Benefits, Ms. Stamer has more than 20 years experience advising health industry and other clients about labor and employment, health and other employee benefits, public policy and other health care and workforce matters. A primary drafter of the Bolivian Social Security Privatization law, Ms. Stamer also frequently provides input domestically and internationally on workforce, health care, migration and other policies. A popular lecturer and widely published author on these and other matters, she frequently writes and speaks about health and workforce issues of special populations including migrant workers, ex pats, and others.  Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications.  For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.  

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@cttlegal.net.

©2009 Cynthia Marcotte Stamer. All rights reserved.


Employer & Other Health Plans & Other HIPAA-Covered Entities & Their Business Associates Must Comply With New HHS Health Information Data Breach Rules By September 23

August 24, 2009

Employer and other health plans, health care providers, health clearinghouses and their business associates must start complying with new federal data breach notification rules on September 23, 2009.   

The new “Breach Notification For Unsecured Protected Health Information” regulation (Breach Regulation) published here  in today’s Federal Register requires health plans, health care providers, health care clearinghouses and their business associates (Covered Entities) covered under the personal health information privacy and security rules of the Health Insurance Portability & Accountability Act (HIPAA) to notify affected individuals following a “breach” of “unsecured” protected health information.The Breach Regulation is part of a series of guidance that HHS is issuing to implement new and stricter personal health information privacy and data security requirements for Covered Entities added to HIPAA under the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law on February 17, 2009 as part of American Recovery and Reinvestment Act of 2009 (ARRA). 

You are invited to catch up on what these new rules mean for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Wednesday, September 9 2009 from Noon to 1:30 P.M. Central Time.  

HITECH Act Data Breach and Unsecured PHI Rules 

Published in the August 24, 2009 Federal Register, the new Breach Regulation implements the HITECH Act requirement that Covered Entities and their business associates notify affected individuals, the Secretary of HHS, and in some cases, the media, when a breach of “unsecured protected health information” happens and the form, manner, and timing of that notification. Covered Entities must begin complying with the new Breach Regulation on September 23, 2009.

Part of a series of new HHS rules implementing recent changes to HIPAA enacted under the HITECH Act to strengthen existing federally mandates requiring Covered Entities to safeguard protected health information, the Breach Regulation will obligate Covered Entities and business associates to provide certain notifications following a breach of “protected health information” that not secured at the time of the breach through the use of a technology or methodology meeting minimum standards issued by HHS pursuant to other provisions of the HITECH Act.

Under the HITECH Act, the breach notification obligations contained in the Breach Notification only apply to a breach of “unsecured protected health information.” The Breach Regulation exempts breaches of protected health information that qualify as “secured” under separately issued HHS and Federal Trade Commission (FTC) standards for encryption and destruction of protected health information from its breach notification requirements.  

 For purposes of the HITECH Act, electronic protected health information is considered “unsecured” unless the Covered Entity has satisfied certain minimum standards for the protection of that data established pursuant to the HITECH Act.  Earlier this year, HHS and the FTC issued interim rules defining the minimum encryption and destruction technologies and methodologies that Covered Entities must use to render protected health information unusable, unreadable, or indecipherable to unauthorized individuals for purposes of determining when protected health information is “unsecured” for purposes of the HITECH Act.  Concurrent with its publication of the Breach Regulation, HHS also released guidance updating and clarifying this previously issued guidance. 

Read the Breach Regulation here .  To review the HITECH Act Breach Notification Guidance and Request for Information, see here .

Register For September 9, 2009  “HITECH Act Health Data Security & Breach Update”

Interested persons are invited to register here now  to learn what these new rules mean for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Wednesday, September 9, 2009 from Noon to 1:30 P.M. Central Time. For a registration fee of $45.00, registrants will have the option to participate via teleconference or in person at the offices of Curran Tomko Tarski LLP, 2001 Bryan Street, Suite 2050, Dallas Texas 75201.  For questions or other information about this program, e-mail here.

Conducted by Curran Tomko and Tarski LLP Partner Cynthia Marcotte Stamer, the briefing will cover: 

  • Who must comply
  • What your organization must do
  • How to qualify protected health information as exempt from the breach regulations as “secure” protected health information
  • What is considered a breach of unsecured protected health information
  • What steps must a covered entity take if a breach of unsecured protected information happens
  • What liabilities do covered entities face for non-compliance
  • What new contractual requirements, policies and procedures Covered Entities and Business Associates will need
  • How the Breach Regulation, the Privacy Regulation, impending FTC red flag rules and state data breach and privacy rules interrelate
  •  Other recent developments
  • Practical tips for assessing, planning, moving to and defending compliance
  • Participant questions
  • More

About The Presenter

The program will be presented by Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer.  Ms. Stamer is nationally known for her work, publications and presentations on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts. 

 Past Chair of the ABA Health Law Section Managed Care & Insurance Section and currently the Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Section and a Council Representative of the ABA Joint Committee On Employee Benefits, Ms. Stamer has more than 20 years experience advising clients about health and other privacy and security matters.  A popular lecturer and widely published author on privacy and data security and other related health care and health plan matters, Ms. Stamer is the Editor in Chief of the forthcoming 2010 edition of the Information Security Guide to be published by the American Bar Association Information Security Committee in 2010, as well as the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. She has continuously advises employers, health care providers, health insurers and administrators, health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters.  Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications.  For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.  

We hope that this information is useful to you.  If you need assistance monitoring, evaluating or responding to these or other compliance, risk management, transaction or operation concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or another Curran Tomko Tarski LLP Partner of your choice.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

For important information concerning this communication click here.  If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@cttlegal.com.

©2009 Cynthia Marcotte Stamer.   All rights reserved. 


Health Plans Must Comply with New HHS Interim Final Data Breach Rules Beginning September 24; Register to Participate In September 10th Briefing on New Rules In Person or Via Telephone

August 20, 2009

Employers and other health plan sponsors, fiduciaries, insurers and service providers need to move quickly to prepare to comply with  “breach notification” regulations issued by the U.S. Department of Health and Human Services (HHS) yesterday (August 19, 2009).  The new data breach regulations will require health plans, as well as  health care providers, business associates and other covered entities (Covered Entities) under the personal health information privacy and security rules of the Health Insurance Portability & Accountability  (HIPAA) to notify affected individuals following a “breach” of “unsecured” protected health information. Scheduled for publication in the Federal Register on August 24, 2009, the new breach notification regulations are part of a series of new rules that implement new electronic personal health information data security and data breach notification requirements for Covered Entities added to HIPAA under the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law on February 17, 2009 as part of American Recovery and Reinvestment Act of 2009 (ARRA).  Covered entities must begin complying with the new rules no later than September 24, 2009.

Curran Tomko Tarski, LLP Health Practice leader Cynthia Marcotte Stamer will conduct a briefing on these new protected health information data security and data breach rules on Thursday, September 10, 2009 from Noon to 1:30 P.M. Central Time. For a registration fee of $45.00, registrants will have the option to participate via teleconference or in person at the offices of Curran Tomko Tarski LLP, 2001 Bryan Street, Suite 2050, Dallas Texas 75201.  For more information, e-mail here.

 HITECH Act Data Breach and Unsecured PHI Rules

The new data breach notification rules are part of a series of recent HIPAA enacted under the HITECH Act to strengthen the federal rules requiring HIPAA covered entities to safeguard electronic and certain other protected health information. Enhanced data security and data breach rules added as part of these HITECH Act amendments obligate  covered entities and business associates to provide certain notifications following a breach of “unsecured”  “protected health information” within the meaning of HIPAA, as amended.  “Unsecured protected health information” is defined as protected health information that is not secured through the use of a technology or methodology specified by the HHS Secretary.

The new data breach regulations implement the HITECH Act requirement that Covered Entities and their business associates notify affected individuals, the Secretary of HHS, and in some cases, the media, of a breach and the form, manner, and timing of that notification.  For purposes of the HITECH Act, electronic protected health information is considered “unsecured” unless the covered entity has satisfied certain minimum standards for the protection of that data established pursuant to the HITECH Act.  HHS and the Federal Trade Commission previously issued certain initial guidance concerning the HITECH Act standards for determining when electronic personal health information qualifies as secure.  To help further define when electronic health information is treated as “unsecured” and therefore subject to the breach notification requirements, the data breach rules also update and clarify the previously issued existing HHS guidance specifying encryption and destruction as the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals published earlier this year by HHS to for purposes of determining when protected health information will be considered “unsecured” for purposes of the HITECH Act data breach rules.  Entities subject to the HHS and FTC regulations that secure health information as specified by the guidance through encryption or destruction are relieved from having to notify in the event of a breach of such information.  

The HHS interim final regulations are effective September 24, 2009, which is the date 30 days after the date they will be published on the Federal Register and include a 60-day public comment period. To review the interim final data breach regulations, see here.  To review the HITECH Act Breach Notification Guidance and Request for Information, see here.

For More Information

The author of this article, Curran Tomko and Tarski LLP Labor and Employment and Health Care Practice Chair Cynthia Marcotte Stamer has extensive experience advising and assisting employer and other health plan sponsors, insurers, managed care providers and other health and insurance industry clients about HIPAA and other privacy and data security matters, as well as a diverse range of health care, employment, and emplyee benefit policy, regulatory, compliance, risk management and operational concerns. 

Current Chair of the American Bar Association (ABA) Real Property, Trusts & Estates Employee Benefit & Other Compensation Committee, an ABA Joint Committee on Employee Benefits Council member, past chair of the American Bar Association Health Law Section Managed Care & Insurance Section, Martindale Hubble AV-rated and recognized in International Who’s Who of Professionals, Ms. Stamer continuously advises health care providers, health care payers and administrators, employers, governments and others about health care, insurance, human resources, privacy and data security, technology, and other legal and operational concerns.  A popular lecturer and widely published author on privacy and data security and other related health care and health plan matters, Ms. Stamer also writes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters.  She currently serves as the Editor in Chief of the forthcoming 2010 edition of the Information Security Guide to be published by the American Bar Association Information Security Committee in 2010.  Examples of her other works include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of others.  Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service Privacy Report, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a various other national and local publications.  For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.  

We hope that this information is useful to you.  If you need assistance monitoring, evaluating or responding to these or other proposed health care or other regulatory reforms or with other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or your other favorite Curran Tomko Tarski LLP Partner.

We also encourage you and others to join the discussion about these and other health care reform proposals and concerns by joining the Coalition for Responsible Health Care Reform Group on Linkedin, registering to receive these updates here.

Other Helpful Resources & Other Information

We hope that this information is useful to you.   If you found these updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Solutions Law Press Health Care Update publication available here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please register to receive this Solutions Law Press Health Care Update here and be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

For important information concerning this communication click here.  If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@SolutionsLawyer.net.

©2009 Cynthia Marcotte Stamer.  All rights reserved. 


House Democratic Majority Hopes To Iron Out Differences In Key Health Care Reform Legislation During August Recess

August 4, 2009

Democratic Leaders in the House of Representatives plan to hammer out differences three versions of the America’s Affordable Health Choices Act (H.R. 3200) as separately passed by three key House Committees in July before House members return from their August recess in hopes of bringing the agreed to version of H.R. 3200 to the full house in September.   Each version of H.R. 3200 would impose significant new obligations, regulations and costs on employers, health insurers and health plans, and employees.

After negotiating a last minute pre-August recess deal with certain Blue Dog Democrat Committee members, the House Energy and Commerce Committee on July 31, 2009 passed its version of H.R. 3200, the America’s Affordable Health Choices Act (H.R. 3200). The version of H.R. 3200 passed by the House Energy and Commerce Committee incorporates a series of amendments to the language of H.R. 3200 as originally introduced.  For instance, this version of H.R. 3200 provides incentives for states to adopt certain tort reforms, provides for a public plan option that would reimburse physicians based on negotiated rates rather Medicare rates, and would allow states to offer both state-based heath insurance exchanges and health insurance co-ops. To review H.R. 3200 as amended by the House Energy and Commerce Committee, see here.

The approval by the Energy and Commerce Committee of its version of H.R. 3200 follows the July 17, 2009 approval by the House Ways and Means Committee and Education and Labor Committee of their own versions of H.R. 3200.  For details on the version of H.R. 3200 approved by the House Ways and Means Committee, see here.  For details on the version of H.R. 3200 approved by the House Education and Labor Committee, see here

Leading House Democrats have announced their intention to work to resolve differences between these three versions of H.R. 3200 as passed by these Committees during August recess in hopes of  bringing the agreed to version of H.R. 3200 to a vote  of the full House of Representatives in September.

Meanwhile, House members from both parties also generally are using the August recess as an opportunity to reconnect with local constituents on health care reform and other core issues.

For More Information

The author of this article, Curran Tomko and Tarski LLP Partner  Cynthia Marcotte Stamer has extensive experience advising and assisting employers and other health plan sponsors, insurers and others about health benefit and other benefits, human resources and health care matters.  The current Chair of the American Bar Association Real Propoerty, Probate & Trust Section Employee Benefit Plans and Other Compensation Committee and former Chair of the ABA Health Law Section Managed Care & Insurance Group, she regularly advises these and other clients about the design, administration, defense  and regulation of health benefit, wellness and disease management, managed care, onsight wellness, and other benefit and insurance regulations, legislative and regulatory reforms impacting these and other arrangements, and related matters.  

We hope that this information is useful to you.  If you need assistance monitoring, evaluating or responding to these or other proposed health care or other regulatory reforms or with other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or your other favorite Curran Tomko Tarski LLP Partner.

We also encourage you and others to join the discussion about these and other health care reform proposals and concerns by joining the Coalition for Responsible Health Care Reform Group on Linkedin, registering to receive these updates here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information to cstamer@cttlegal.com.  If you prefer not to receive these updates via e-mail in the future, e-mail your request with “remove” in the subject to support@solutionslawyer.net.


HHS Reassignment Of HIPAA Enforcement Duties Signals Rising Seriousness of Enforcement Commitment

August 3, 2009

The Department of Health & Human Services (HHS) today (August 3, 2009) transferred authority for the administration and enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule to the Office for Civil Rights (OCR).  Prior to this announcement, responsibility for interpretation and enforcement of the Security Rule rested with the Centers for Medicare & Medicaid Services (CMS).  The change reflects the growing seriousness of HHS and others about enforcing federal privacy and data security mandates for health information.  HHS anticipates the transfer of authority will eliminate duplication and increase efficiencies in how the department ensures that Americans’ health information privacy is protected.

HHS has the authority for administration and enforcement of the federal standards for health information privacy called for in HIPAA. The Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. OCR has been responsible for enforcement of the Privacy Rule since 2003. The Security Rule specifies a series of administrative, technical, and physical security procedures for covered entities to use to assure the confidentiality of electronic protected health information. The Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the American Recovery and Reinvestment Act of 2009 (ARRA), mandated improved enforcement of the Privacy Rule and the Security Rule.

Through a separate delegation, CMS continues to have authority for administration and enforcement of the HIPAA Administrative Simplification regulations, other than privacy and security of health information.

The transfer of Security Rule enforcement authority comes as guidance about new data breach rules for electronic protected health information is impending.  This impending guidance relates to  the implementation of new breach notification rules for covered entities and their business associates concerning their obligation to use of technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals, as required by amendments to HIPAA enacted under the Health Information Technology for Economic and Clinical Health (HITECH) Act passed as part of the American Recovery and Reinvestment Act of 2009 (ARRA) last February.  OCR officials have stated that they are working to publish the next set of regulations regarding these new breach notifications before the end of August, 2009. 

In addition to adding the breach notification requirements, the HITECH Act also tightened the HIPAA mandates in several other respects.  Among other things, it amended HIPAA to:

  • Broaden the applicability of the HIPAA’s Privacy Rules and penalties to include business associates;
  • Clarify that HIPAA’s criminal sanctions apply to employees or other individuals that wrongfully use or access PHI held by a covered entity;
  • Increase criminal and civil penalties for HIPAA Privacy Rules violators;
  • Allow State Attorneys General to bring civil damages actions on behalf of certain state citizens who are victims of HIPAA Privacy and Security Rule violations;
  • Modify certain HIPAA use and disclosure and accounting requirements and risks;
  • Prohibits sales of PHI without prior consent;
  • Tighten certain other HIPAA restrictions on uses or disclosures;
  • Tighten certain HIPAA accounting for disclosure requirements;
  • Clarify the definition of health care operations to excludes certain promotional communications; and
  • Expand the Business Associates Agreement Requirements.

These and other developments make it imperative HIPAA covered entities and their business associates take prompt action to immediately review and update their data security and privacy practices to guard against growing liability exposures under HIPAA and other federal and state laws. Covered entities must update policies and practices to avoid these growing liabilities. Business associates that have not already done so also must appoint privacy officers and adopt and implement privacy and data security policies and procedures fully compliant with HIPAA and other applicable federal and state rules, including amendments enacted as part of the American Recovery and Reinvestment Act of 2009 signed into law on February 17, 2009.

For more information about today’s announcement, see here.  See here for the initial guidance and request for comments issued by HHS regarding these new security standards.

Chair Elect of the American Bar Association RPTE Employee Benefits & Compensation Committee, an ABA Joint Committee on Employee Benefits  Council member, and Chair of the Curran Tomko Tarski Labor, Employment & Employee Benefits Practice, Cynthia Marcotte Stamer is  nationally and internationally recognized for her work assisting businesses, employee benefit plan fiduciaries and vendors, governments, and other entities to develop administer and defend cost-effective employee benefit other human resources programs, policies and procedures to meet their budgetary, risk management and compliance and other objectives.  Board certified in Labor & Employment law, Ms. Stamer applies her extensive experience regarding employment, employee benefit, tax, privacy and data security and other related laws to assists clients in a wide range of business and litigation contexts.   The co-founder of the Solutions Law Consortium, Ms. Stamer also makes extensive use of cloud computing and other technology in her own practice and provides input to human resources and other clients others about the use of these and other technology tools to manage employee benefit, human resources, internal controls and other operations.  In connection with this work, Ms. Stamer has works, writes and consults extensively with a diverse range of clients about  the development, use technology and other processes to streamline health and other benefit, payroll and other human resources, employee benefits, tax, compliance and other business processes and the management and protection of sensitive personal and other information and data.

If your organization or employee benefit plan needs assistance managing or evaluating options or responsibilities associated with the use of technology and data in connection with its health care, employee benefits, tax or other operation or other human resources, employee benefits or and compliance concerns, please contact Ms. Stamer at cstamer@cttlegal.com, (214) 270-2402; or your favorite Curran Tomko Tarski, LLP attorney.  For additional information about the experience and services of Ms. Stamer and other members of the Curran Tomko Tarksi, LLP team, see here.

More Information & Resources

You can review other recent human resources, employee benefits and internal controls publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here /the Curran Tomko Tarski LLP attorneys here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here or e-mailing this information to Cstamer@CTTLegal.com or registering to participate in the distribution of these and other updates on our Solutions Law Press HR & Benefits Update distributions here. For important information concerning this communication click here.    If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@SolutionsLawyer.net.

©2009 Cynthia Marcotte Stamer. All rights reserved.


Speak Up America: Where & How To Read & Share Your Feedback About The Health Care Reform Legislation

August 1, 2009

As the health care reform policy debate continues, Americans increasingly are asking where to read the text of the health care reform legislation that members of Congress are debating and how to share their input. 

 While numerous alternatives presently are pending before Congress, much of recent discussion and debate has focused around one of the following bills:

  • H.R. 3200: America’s Affordable Health Choices Act of 2009,  introduced in the House by Rep Dingell, John D. on July 14, 2009  the text of which as originally introduced may be reviewed  here.  It has been the focus of significant mark up negotiation through out July before the following House Energy and Commerce, House Ways & Means, and House Education & Labor Committees; and
  • S. __, the Affordable Health Choices Act approved by the Senate Committee on Health, Education, Labor and Pensions, the text of which as approved may be reviewed here.

When reviewing these bills, Americans should keep in mind that members of Congress are engaged in ongoing negotiations about the specific provisions and language of these bills, as well as other legislation.  Official developments generally may be monitored here.

Many American businesses and individuals also are asking about how and where to share their views, how to organize others to do the same and other questions about getting the word out. Here a some quick ideas. We encourage others to share. 

  • The Coalition For Patient Empowerment and the Coalition for Responsible Health Care Reform linkedin group are two one of many resources where individuals are sharing information about these matters. 
  • Concerned individuals should share their views both by faxing, e-mailing or telephoning key decisionmakers in Congress, as well as joining and participating in activities of other individuals and groups that share their concerns.  Contact and get involved with this and other groups that share your concerns.
  • Contact the offices of your Congressional representatives in the House and Senate as well as other members of Congress that support your views and ask them about other groups and ways that you can share your views. They will welcome your input and involvement.
  •  If you are aware of or involved in a group that shares your views, we encourage you to share it on the Coalition for Responsible Health Care Reform linkedin group.  If you or others are planning a town hall or other health care reform meeting, use this or other linked in groups to spread the word.
  • If you are interested in volunteering to plan events in your region, let us know.   

We also encourage you and others to join the discussion about these and other health care reform proposals and concerns by joining the Coalition for Responsible Health Care Reform Group on Linkedin, and registering to receive these updates here.

When communicating, consider targeting your messages to members of Congress whose votes are likely to be impacted by your communications. 

For instance, with both the House and Senate in the majority in Congress, Democrats generally have greater control over what legislation moves forward.  The Democratic Leadership of the House and Sentate generally can get legislation passed by their members as long as they can maintain consensus among the members of their parties.  In connection with the health care reform proposals, however, cost and other considerations have made maintaining a consensus more difficult than on other legislation.  Certain fiscally moderate members of the Democratic Party have expressed concern about the expense and other aspects of their Leadership proposed health care reform proposals.  These Democrats in Congress generally the members of Congress whose votes are most likely to be impacted by public input and feedback generally and from voters in their districts and contributors specifically. 

In the House of Representatives, these members likely are the “Blue Dog Democrats.”  Read about Blue Dog Democrats here.    

The fiscal conservatism of Blue Dog Democrats makes them more likely to listen to concerns about the cost and other concerns relating to the health care reform bills touted by the Democrat Leadership in the House and Senate.  In fact, many Blue Dog Democrats already are speaking out about their concerns about the cost and other aspects of the Bill. 

Contact from voters and contributors in their districts and others could make a major difference in the ability that the House Democrat Leadership needs to pass their Bill.  Immediately contacting these members and getting others – particularly voters and contributors in the districts that elect these members – is one of the most important steps that concerned Americans can do to position their concerns to be heard.   

For most concerned voters, telephone or fax contact is the best means to convey these messages.  To minimize spam, most members only accept e-mail submitted through their website links.  Security concerns can delay receipt of written correspondence for weeks.

For persons interested in making their voices heard and sharing information with others who wish to do the same, the following contact information may be of interest:

The number of the Capital Switchboard is 202-224-3121.

The Blue Dog Leadership Team and there telephone and fax numbers are:

Rep. Stephanie Herseth Sandlin (SD), Blue Dog Co-Chair for Administration, Telephone: 202.225.2801 , Fax: 202.225.5823

Rep. Baron Hill (IN-09), Blue Dog Co-Chair for Policy,Telephone: 202-225-4031, Fax: (202) 226-6866

Rep. Charlie Melancon (LA-03), Blue Dog Co-Chair for Communications, Telephone: 202-225-4031, Fax: (202) 226-3944

Rep. Heath Shuler (NC-11), Blue Dog Whip, Telephone:  202-225-6401, Fax: (202) 226-6422

The Blue Dog Members and their telephone numbers are :

  • Altmire, Jason (PA-04),(202)225-2565
  • Arcuri, Mike (NY-24), (202)225-3665
  • Baca, Joe (CA-43),(202)225-6161
  • Barrow, John (GA-12), (202) 225-2823
  • Berry, Marion (AR-01), (202) 225-4076
  • Bishop, Sanford (GA-02), (202) 225-3631
  • Boren, Dan (OK-02), (202) 225-2701
  • Boswell, Leonard (IA-03), (202) 225-3806
  • Boyd, Allen (FL-02), (202) 225-5235
  • Bright, Bobby (AL-02), (202) 225-2901
  • Cardoza, Dennis (CA-18), (202) 225-6131
  • Carney, Christopher (PA-10), (202) 225-3731
  • Chandler, Ben (KY-06), (202) 225-4706
  • Childers, Travis (MS-01), (202) 225-4306
  • Cooper, Jim  (TN 5th), (202) 225-4311
  • Costa, Jim  (CA 20th), (202) 225-3341
  • Cuellar, Henry  (TX 28th), (202)  225-1640
  • Dahlkemper, Kathleen A. (PA 3rd), (202) 225-5406
  • Davis, Lincoln (TN 4th),(202) 225-6831
  • Donnelly, Joe  (IN 2nd), (202) 225-3915
  • Ellsworth, Brad  (IN 8th), (202) 225-4636
  • Giffords, Gabrielle  (AZ 8th), (202) 225-2542
  • Gordon, Bart  (TN 6th), (202) 225-4231
  • Griffith, Parker  (AL 5th), (202) 225-4801
  • Harman, Jane  (CA 36th), (202) 225-8220
  • Herseth Sandlin, Stephanie  (SD At Large), (202) 225-2801
  • Hill, Baron P.  (IN 9th), (202) 225-5315
  • Holden, Tim  (PA 17th), (202) 225-5546
  • Kratovil, Frank Jr. (MD 1st), (202) 225-5311
  • McIntyre, Mike  (NC 7th), (202) 225-2731
  • Marshall, Jim  (GA 8th), (202) 225-6531
  • Matheson, Jim  (UT 2nd), (202) 225-3011
  • Melancon, Charlie  (LA 3rd), (202) 225-4031
  • Michaud, Michael H. (ME 2nd), (202) 225-6306
  • Minnick, Walt  (ID 1st), (202) 225-6611
  • Mitchell, Harry E.  (AZ 5th), (202) 225-2190
  • Moore, Dennis  (KS 3rd), (202) 225-2865
  • Murphy, Patrick J.  (PA 8th), (202) 225-4276
  • Nye, Glenn C.  (VA 2nd), (202) 225-4215
  • Peterson, Collin C.  (MN 7th), (202) 225-2165
  • Pomeroy, Earl  (ND At Large), (202) 225-2611
  • Ross, Mike  (AR 4th), (202)  225-3772
  • Salazar, John T.  (CO 3rd), (202) 225-4761
  • Sanchez, Loretta  (CA 47th), (202) 225-2965
  • Schiff, Adam B.  (CA 29th), (202) 225-4176
  • Scott, David  (GA 13th), (202) 225-2939
  • Shuler, Heath  (NC 11th), (202) 225-6401
  • Space, Zachary T. (OH 18th), (202) 225-6265
  • Tanner, John S.  (TN 8th), (202) 225-4714
  • Taylor, Gene  (MS 4th), (202) 225-5772
  • Thompson, Mike  (CA 1st), (202) 225-3311
  • Wilson, Charles (OH-06), (202) 225-5705

You and others also are invited to join the discussion about these and other health care reform proposals and concerns by:

  • Joining the Coalition for Responsible Health Care Reform Group on Linkedin and registering to receive these updates here; and
  • E-mailing Cstamer@cttlegal.com to participate in the Coalition for Patient Empowerment.

Curran Tomko Tarski LLP Can Help

If your business needs assistance monitoring or providing input on health care reform or other human resources, employee benefit or compensation legislation or regulations, or auditing, updating or defending its health or other employee benefit, human resources, or compensation arrangements, or responding to employee benefits, employment or compensation related charges or suits, please contact Ms. Stamer at cstamer@cttlegal.com, (214) 270-2402; or your favorite Curran Tomko Tarski, LLP attorney.  For additional information about the experience and services of Ms. Stamer and other members of the Curran Tomko Tarksi, LLP team, see here.

The author of this article, Curran Tomko Tarski LLP Labor & Employment Practice Group Chair Cynthia Marcotte Stamer and other members of Curran Tomko and Tarski LLP are experienced with assisting employer and employee benefit plan sponsors, administrators and others about labor and employment, compensation and employee benefit compliance and risk management concerns, as well as advising and defending these and other clients in labor and employment, compensation, and employee benefit related audits, investigations and litigation, charges, audits, claims and investigations.  

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Chair of the ABA RPTE Employee Benefit Plans and Other Compensation Group, a member of the ABA Joint Committee on Employee Benefits, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer has extensive experience with health and retirement, work force and other employee benefit and employment matters.  She is nationally and internationally known for her innovative work with employers, associations, churches, insurers and others to develop health benefit, onsight medical, wellness and other employee benefit and employment arrangements, as well as her involvement in health care, pension and other public policy advocacy.

More Information & Resources

You can review other recent human resources, employee benefits and internal controls publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here /the Curran Tomko Tarski LLP attorneys here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here or e-mailing this information to Cstamer@CTTLegal.com or registering to participate in the distribution of these and other updates on our Solutions Law Press HR & Benefits Update distributions here. For important information concerning this communication click here.    If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@SolutionsLawyer.net.

©2009 Cynthia Marcotte Stamer. All rights reserved.


Follow

Get every new post delivered to your Inbox.

Join 517 other followers