Protected Health Information |

Stamer Speaks 9/14 On Coping With Health Care Reform: What’s New, What Lies Ahead & What To Do

July 29, 2011

Cynthia Marcotte Stamer will speak to the Houston Chapter of WEB at 11:30 a.m on September 14, 2011 on “Coping With Health Care Reform: What’s New, What Lies Ahead & What To Do.” Get details and register online at www.webnetwork.org/houston.

As the debate over the validity and future of the sweeping health care reforms enacted under the Patient Protection and Affordable Care Act (ACA) rages in Congress and the federal courts, employer and other health plan sponsors, insurers, fiduciaries and administrators face the daunting challenge of keeping their health plans compliant, affordable and relevant in the face of the steady rollout of the deluge of new mandates imposed by the Affordable Care Act and other evolving health plan mandates and planning for changes yet to come.

A former national WEB member nationally and internationally known for her knowledge and work on health and other employee benefit matters and engaging and informative presentations, attorney, author and policy advocate Cynthia Marcotte Stamer will help you prepare your plan and organization to cope with these and other challenges of understanding and coping with health care reform.

Chair of the American Bar Association (ABA) RPPT Employee Benefits & Other Compensation Arrangements, an ABA Joint Committee on Employee Benefits Council Representative, incoming ABA TIPS Employee Benefit Plan Committee Vice Chair, former ABA Health Law Section Managed Care & Insurance Interest Group Chair, past Southwest Benefits Association Board Member, Employee Benefit News Editorial Advisory Board Member, and a widely published speaker and author, Ms. Stamer has more than 24 years experience advising businesses, plans, fiduciaries, insurers and governments on health care, retirement, employment, insurance, :and tax program design, administration, defense and policy. Her experience includes extensive involvement in advising and representing these and other clients on ACA and other health care legislation, regulation, enforcement and administration. Widely published on health benefit and other related matters, Ms. Stamer’s insights and articles have been published by the Bureau of National Affairs, Aspen Publishers, Business Insurance, Employee Benefit News, the Wall Street Journal, the American Bar Association, Aspen Publishers, World At Work, Spencer Publications, SHRM, the International Foundation, Solutions Law Press and many others.

Ms. Stamer’s presentation will focus on key health care reform information that can help employers and other plan sponsors, insurers, fiduciaries, insurers, administrators and advisors understand and cope with the effects and responsibilities of health care reform including:

Updating you on the status of litigation challenging the ACA health care reforms in the courts;
Updating you on the key developments affecting health care regulatory reforms likely to impact your health plan;
Sharing an updated roadmap of the currently scheduled implementation of key future health benefit reforms enacted under ACA;
Sharing selected tips and strategies for managing compliance and other risks and deal with uncertainties arising as health care reform continues to evolve; and
Audience questions and discussion of questions and ideas.

For additional information about Ms. Stamer and her experience, see www.CynthiaStamer.com.

Comments Off on Stamer Speaks 9/14 On Coping With Health Care Reform: What’s New, What Lies Ahead & What To Do | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: benefits, Employee Benefits, employee benefits policy, Health Care Reform, Health Insurance, Health Plans, health policy, Insurance, Speeches, Training, WEB | Permalink
Posted by Cynthia Marcotte Stamer

Spectrum Healthcare NLRB Charge Settlement Highlights Need To Defend Against Possible Unfair Labor Practices & Other Union Exposures

May 20, 2011

The National Labor Regulations Board (NLRB)’s announcement of a settlement against a Connecticut nursing home operator this week in conjunction with a series of other enforcement actions highlight the need for businesses to tighten defenses and exercise other caution to minimize their organization’s exposure to potential NLRB charges or investigation. As reflected by many of these enforcement acts, the exposures arise both from active efforts by businesses to suppress union organizing or contracting activities, as well as the failure to identify and manage hidden labor law exposures in the design and administration of more ordinary human resources, compliance, business operations and other policies and practices.

On May 17, 2011, the NLRB announced here that Connecticut nursing home operator Spectrum Healthcare has agreed to settle a NLRB case involving multiple allegations of unlawful suspensions, discharges and unilateral changes in violation of the National Labor Relations Act and other federal labor laws by offering reinstatement and back pay to all discharged and striking workers and signing a new three-year collective bargaining agreement with its employees’ union, New England Health Care Employees Union District 1199, SEIU.

Along with the contract and reinstatement of all employees, the company agreed to pay $545,000 in back pay and pension benefits to employees who were harmed by the unfair labor practices, and to expunge any disciplinary records related to the case. As a result, all NLRB charges against the company have been withdrawn. Spectrum admits to no wrongdoing in the settlement.

The settlement, reached midway through a hearing before an NLRB administrative law judge in Connecticut and approved by the judge yesterday, ends a long-running dispute which grew into a strike by almost 400 employees at four nursing homes in Connecticut operated by Spectrum Healthcare, LLC. Complaints issued by the NLRB Regional Office in Hartford alleged that, beginning in the fall of 2009, several months after the prior collective bargaining agreement expired, Spectrum discharged seven employees and suspended three others to retaliate against their union activities and to discourage other employees from supporting the union. In addition, one employee was discharged and seven others were suspended after the employer unilaterally changed its tardiness discipline policy without first bargaining with the union.

The complaints further alleged that in April 2010, employees at the four nursing homes — in Derby, Ansonia, Winsted, and Hartford — went on strike to protest the unfair labor practices. When the strikers offered unconditionally to return to work in late August, the employer refused to take them back. Under federal labor law, if a strike is called because of an unfair labor practice, employees are entitled to reinstatement after an unconditional offer to return to work.

The reinstated employees are due to return to the facilities this week.

The Spectrum Healthcare settlement is reflective of the growing number of NLRB enforcement orders against employers generally and health care providers specifically under the Obama Administration. The Obama Administration has close ties and has expressed its strong and open support for union and union organizing activities. The adoption of a series of union friendly labor law reforms was one of the key campaign promises of President Obama during his election campaign. While other legislative priorities and the change in the leadership of the House of Representatives appears to have slowed efforts to push through this agenda, it has not slowed the Administration’s efforts to support unions with strong enforcement activities. Empowered by a difficult economic and job situation and an awareness of the Obama Administration’s strong support for union organizing and other activities, unions are stepping up organizing efforts and more aggressively challenging employers actions.

Over the past few months, public awareness of the Obama Administration’s aggressive enforcement agenda on behalf of unions has drawn new attention as a result of the widespread media coverage of NLRB actions challenging Boeings planned relocation of certain manufacturing jobs intervention in a planned relocation of certain manufacturing operations. See, e.g., Acting General Counsel Lafe Solomon releases statement on Boeing complaint; National Labor Relations Board issues complaint against Boeing Company for unlawfully transferring work to a non-union facility. However, the Boeing and Spectrum Healthcare actions represent only the tip of the iceberg of the rising number of NLRB enforcement activities, most of which take place with little media or public attention.

Along side the Spectrum Healthcare and Boeing actions, in recent weeks, the NLRB also has been busy with several other enforcement activities. For instance:

On May 9 2011, the NLRB issued a complaint against Hispanics United of Buffalo (HUB), a nonprofit that provides social services to low-income clients, that alleges that HUB unlawfully discharged five employees after they took to Facebook to criticize working conditions, including work load and staffing issues. The case involves an employee who, in advance of a meeting with management about working conditions, posted to her Facebook ; and
On May 17, the NLRB secured a temporary injunction from a U.S. District Court in San Jose California against San Jose area waste hauling company OS Transport LLC, charged with engaging in unfair labor practices including the termination of a lead organizer and another Union supporter, retaliation against Union efforts in the form of unfavorable assignments, threats to Union supporters, and promises of improved treatment of employees who disavow the Union for the alleged purpose of defeating a union. o offer reinstatement to two drivers and restore full assignments to other drivers who had expressed support for a union during an organizing campaign. More Details here.,

In addition, in recent weeks, the NLRB also has:

Sued the state of Arizona on amendment limiting method for choosing union representation on May 5, 2011;
Secured an order requiring a Milwaukee job training center to pay back pay and reinstate workers fired for complaining about bounced paychecks on May 3, 2011;
Ordered a concrete supplier to rehire employees in Indianapolis on May 2, 2011;
Found a New York egg processing plant of unlawful interference and ordered a third election ohm April 27, 2011; and
Secured a settlement from Build.com of unlawful dischrage charges for firing employee based on Facebook comments on April 20

Amid this difficult enforcement environment, business leaders should exercise special care to prepare to defend their actions against both potential organizing efforts, to understand the types of actions and activities that may help fuel charges, and take steps to manage these and other union organization and other labor risks.

For Help With Labor & Employment, Employee Benefits Or Other Risk Management and Defense

If you need assistance in auditing or assessing, updating or defending your labor and employment, employee benefits, compliance, risk manage or other internal controls practices or actions, please contact the author of this update, attorney Cynthia Marcotte Stamer here or at (469)767-8872.

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, management attorney and consultant Ms. Stamer is nationally and internationally recognized for more than 23 years of work helping employers; employee benefit plans and their sponsors, administrators, fiduciaries; employee leasing, recruiting, staffing and other professional employment organizations; and others design, administer and defend innovative workforce, compensation, employee benefit and management policies and practices. Her experience includes extensive work helping employers implement, audit, manage and defend wage and hour and other workforce and internal controls policies, procedures and actions. The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer works, publishes and speaks extensively on wage and hour, worker classification and other human resources and workforce, employee benefits, compensation, internal controls and related matters. She also is recognized for her publications, industry leadership, workshops and presentations on these and other human resources concerns and regularly speaks and conducts training on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly.

About Solutions Law Press

Comments Off on Spectrum Healthcare NLRB Charge Settlement Highlights Need To Defend Against Possible Unfair Labor Practices & Other Union Exposures | 105(h), Absenteeism, ADA, Affirmative Action, Affordable Care Act, ARRA, Bankruptcy, Cafeteria Plans, Child Labor, CHIP, Claims Administration, COBRA, COBRA Subsidy, Corporate Compliance, Data Security, Defined Benefit Plans, Defined Contribution Plans, Disability, Disability, Disability Plans, Discrimination, Disease Management, Drug & Alcohol, E-Verify, EEOC, Employee Benefits, Employers, Employment Agreement, Employment Tax, ERISA, Excise Tax, Fair Labor Standards Act, family leave, Fiduciary Responsibility, FMLA, GINA, Government Contractors, H.R. 4872, Health Care Reform, Health Plans, HIPAA, Human Resources, I-9, Immigration, Income Tax, Insurance, Internal Controls, Internal Investigations, Labor Management Relations, Leave, Malpractice, medical leave, Medicare Part D, Mental Health, Mental Health Parity, Military Leave, Non-Compete, Non-Competition Agreement, Nonresident aliens, OFCCP, OSHA, Pandemic, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Privacy, Professional Liability, Protected Health Information, Public Policy, Refunds, Rehabilitation Act, Reporting & Disclosure, Restructuring, Retaliation, Retirement Plans, Risk Management, Safety, Sexual Harassment, Stimulus Bill, Swine Flu, Tax, Tax Credit, Tax Qualification, Telecommuting, Uncategorized, Unemployment Benefits, Unemployment Insurance, Union, USERRA, VEVRRA, Wage & Hour, Wellness, Wellness Programs, Whistleblower | Tagged: ADAAA, Americans With Disabiltiies Act, Employer, employment discrimination, facebook, HR, Human Resources, NLRA, social medial, unfair labor practices, Union | Permalink
Posted by Cynthia Marcotte Stamer

Health Plans & Employers Beware! $4.3 Million Civil Penalty Shows OCR Serious About HIPAA Enforcement

February 23, 2011

A $4.3 million civil monetary penalty (CMP) imposed by the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) against Cignet Health of Prince George’s County, Md., (Cignet) signals the growing need for health plans and their sponsors, health care providers, health care clearinghouses and their business associates covered by the Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule to get serious about HIPAA compliance.

The first CMP ever assessed by OCR under the HIPAA Privacy Rule, the Cignet CMP assessment announced February 22, 2011, the $4.3 million CMP against Cignet announced February 22, 2011 applies the expanded HIPAA violation categories and increased HIPAA civil monetary penalty amounts authorized as part of the expansion of HIPAA obligations and penalties enacted as part of the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009.

The Cignet penalty announcement is the latest in a series of developments documenting the rising risks that health care providers, health plans, health care clearinghouses and their business associates (“covered entities”) face for violations of HIPAA.

Even before the announcement of the Cignet CMP, the HIPAA Privacy exposures of covered entities for failing to comply with HIPAA already had risen significantly. While OCR had not assessed any civil monetary penalties against any covered entity for violation of HIPAA before Cignet, OCR’s collection of $1 Million from Rite Aid in a 2010 Resolution Agreement, $2.25 million from CVS Pharmacy, Inc. under a 2009 Resolution Agreement and $100,000 from Providence Health & Services under a 2008 Resolution Agreement demonstrated that covered entities could face significant civil liability for willful violations of the Privacy Rules. In addition, the Department of Justice has secured several criminal convictions or pleas under HIPAA’s criminal provisions. OCR data confirms that the covered entities involved in these actions included health care providers, health plans, and others.

Health plans and other covered entities as well as their business associates should tighten privacy policies, breach and other monitoring, training and other practices to mitigate against exposures in light of recently tightened requirements and new enforcement risks. To minimize the potential that the health plan’s sharing of information with the employer will create or spread HIPAA or other privacy risks to the employer or members of its workforce, employers and other plan sponsors and members of their workforce also should take steps to ensure not only that their health plan documents, policies and procedures, as well as those policies and practices applicable to employer, its human resources, and benefits advisors when accessing or handling health plan or other medical information on behalf of the employer, rather than the plan, are appropriately designed and administered.

Read more details and get tips here.

For Help With Investigations, Policy Review & Updates Or Other Needs

If you need assistance in auditing or assessing, updating or defending your HIPAA or other health plan, or other labor and employment, employee benefit, compensation, privacy and data security, or other internal controls and practices, please contact the author of this update, attorney Cynthia Marcotte Stamer here or at (469)767-8872.

Ms. Stamer, a noted Texas-based employee benefits and employment lawyer Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, will discuss HIPAA and other privacy risks and risk management strategies for employers, health and employee benefit plan sponsors and their administrators at the Southwest Benefits Association/IRS Plan Administrator Skills Workshops to be held February 25 in Dallas and March 4 in Houston.

For more than 23 years, Ms. Stamer has counseled, represented and trained employers and other employee benefit plan sponsors, plan administrators and fiduciaries, insurers and financial services providers, third party administrators, human resources and employee benefit information technology vendors and others privacy and data security, fiduciary responsibility, plan design and administration and other compliance, risk management and operations matters. She also is recognized for her publications, industry leadership, workshops and presentations on privacy and data security and other human resources, employee benefits and health care concerns. Her many highly regarded publications on privacy and data security concerns include “Privacy Invasions of Medical Care-An Emerging Perspective.” ERISA Litigation Manual. BNA, 2003-2009; “Privacy & Securities Standards-A Brief Nutshell.” BNA Tax Management and Compliance Journal. February 4, 2005; “Cybercrime and Identity Theft: Health Information Security beyond HIPAA.” ABA Health eSource. May, 2005 and many others. She also regularly conducts training on HIPAA and other privacy and data security compliance and other risk management matters for a broad range of organizations including the Association of State and Territorial Healthcare Organizations (ASTHO), the Los Angeles County Health Department, a multitude of health plans and their sponsors, health care providers, the American Bar Association, SHRM, the Society for Professional Benefits Administrators and many others.t Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly.

About Solutions Law Press

Comments Off on Health Plans & Employers Beware! $4.3 Million Civil Penalty Shows OCR Serious About HIPAA Enforcement | ARRA, Employee Benefits, Employers, ERISA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Protected Health Information, Stimulus Bill, Tax | Tagged: Employer, Health Plans, HIPAA, OCR, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Register Now For 8/24 2010 Health Plan Update Briefing

July 30, 2010

Learn If Your Plan Will Be Grandfathered Plan & What You Must Do Now To Meet Key 2010/2011 Affordable Care Act & Other Federal Health Plan Compliance Deadlines

A Solutions Law Press Live Internet Broadcast Briefing

August 24, 2010

10:00 A.M.-12:30 P.M. Eastern

11:00 A.M.- 1:30 P.M. Central

9:00 A.M-11:30 A.M. Pacific

Solutions Law Press invites you to catch up on the latest guidance about the new group health plan mandates imposed under the Patient Protection and Affordable Care Act (Affordable Care Act) and other federal health plan regulations by participating in a live “2010 Health Plan Update” internet[*] broadcast briefing on Tuesday, August 24 2010. The briefing will be conducted via live video broadcast from 11:00 A.M.-1:30 P.M. Central Time. Register here for a registration fee of $150.00[†] per participant.

Affordable Care Act Requires Prompt Action By Group Health Plans, Sponsors, Fiduciaries & Administrators

The Affordable Care Act and other impending federal health plan changes will require employment-based group health plans, their employer and other plan sponsors, plan fiduciaries, plan administrators and other service providers and insurers to make quick decisions and to act quickly to meet impending federal compliance deadlines while preserving flexibility. All employer and other group health plan sponsors, fiduciaries, insurers and administrators must act quickly to update their health plan documents, communications, insurance and vendor agreements and other practices to comply with new federal requirements that become effective under the Affordable Care Act on the first day of the plan year beginning after September 22, 2010 and various other changes in federal health plan rules effective or scheduled to take effect during 2010 or 2011 plan years. Many plan sponsors also may need to act quickly to cancel or revise plan design or vendor changes planned or already implemented since March 23, 2010 to position their health plan to qualify for grandfather status. Quick action also may be needed to claim small employer tax credits, retiree medical subsidies or other benefits.

Register Now To Get Key Information In August 24 Internet Briefing

The August 24, 2010 “2010 Health Plan Update” briefing will cover the latest guidance on Affordable Care Act and other federal health plan regulatory changes impacting employment-based group health plans and their sponsors for plan years beginning between September 23, 2010 and September 22, 2011 and other key information to help employers, group health plans, insurers, plan administrators, fiduciaries, broker and others working with these plans to understand and respond to these new requirements including:

How to qualify your health plan as a grandfathered plan under Affordable Care act
How to decide if maintaining grandfathered plan status is worthwhile
Claims & appeals requirements for grandfathered & non-grandfathered plans
Preventive care coverage mandates & wellness program requirements & rules under Affordable Care Act & other federal regulations
Updated dependent child eligibility, pre-existing condition & other requirements for grandfathered & non-grandfathered plans
Special enrollment, preexisting condition & other eligibility mandates for grandfathered & non-grandfathered plans under new Affordable Care Act, new FMLA, COBRA, Michelle’s Law, HIPAA & other federal regulations
Mental health & substance abuse, provider choice & other benefit mandates under Affordable Care Act, Mental Health Parity & other federal rules
Update on other recent & pending Affordable Care Act group health plan rule guidance
Tips to review & update your plans, vendor agreements & processes to meet Affordable Care Act & other federal group health plan dictates
Expected future Affordable Care Act & other federal rule changes & tips for preparing
Practical strategies for responding to new requirements & changing rules
Participant questions

About The Presenter

The program will be conducted by attorney Cynthia Marcotte Stamer. With more than 23 years of experience advising employers, group health plans, plan fiduciaries, plan administrators and vendors, insurers and others about health plan and managed care matters, Ms. Stamer is nationally known for her work, publications and presentations on health plan and other employee benefit, health care and insurance matters.

Current Chair of the American Bar Association (ABA) RPTE Employee Benefit & Other Compensation Committee, a Council Member of the ABA Joint Committee on Employee Benefits and Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer continuously advises employers, health plans, plan sponsors, fiduciaries, plan administrators, plan vendors, insurers and others about health program related legal, operational, documentation, public policy, enforcement, privacy, technology, litigation and risk management and other concerns. Ms. Stamer also publishes and speaks extensively on these and other health and managed care program concerns and practices. Her insights on these and related topics have appeared in Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, Managed Healthcare, Health Leaders, various ABA publications and a many other national and local publications. To contact Ms. Stamer or for additional information about Ms. Stamer, her experience, involvements, programs or publications, contact Ms. Stamer at (469) 767-8872 or via e-mail here, or see here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources available for review here. If you or someone else you know would like to receive future updates and notices about other upcoming Solutions Law Press events, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word ©2010 Solutions Law Press. All rights reserved.

[*] A limited number of participants on a space available basis will have the opportunity to participate in the briefing as a member of the live studio audio audience in Plano, Texas. Interested persons should e-mail support@solutionslawyer.net.

[†] Discounts available for groups registering three or more participants. Sponsorship opportunities also available. For information, E-mail support@solutionslawyer.net.

Comments Off on Register Now For 8/24 2010 Health Plan Update Briefing | ADA, Affordable Care Act, COBRA, Disease Management, Employee Benefits, Employers, ERISA, Excise Tax, family leave, Fiduciary Responsibility, FMLA, GINA, HIPAA, Human Resources, Insurance, Internal Controls, Leave, medical leave, Mental Health, Patient Protection and Affordable Care Act, Payroll Tax, Privacy, Protected Health Information, Risk Management, Tax, Wellness | Tagged: Affordable Care Act, COBRA, FLSA, GINA, grandfathered plan, Health Plan, HIPAA, Mental Health Parity, Michelle's Law | Permalink
Posted by Cynthia Marcotte Stamer

New Affordable Care Act Health Plan Appeals Regulations Require Health Plan Updates

July 23, 2010

Register For August 24^th 2010 Health Plan Update To Catch Up On Latest Federal Health Plan Regulations

Employer and other plan sponsors, administrators, and fiduciaries of non-grandfathered group health plans must move quickly to update their plan documents, administrative procedures and agreements, claims and other communications and other processes and procedures to comply with new regulations (Appeals Rules) implementing tightened health plan claims and appeals rules enacted under the Patient Protection & Affordable Care Act (Affordable Care Act) jointly published by the U.S. Departments of Health & Human Services (HHS), Labor (DOL) and Treasury yesterday (July 23, 2010). The new Appeals Rules are the latest in a wave of new Affordable Care Act and other federal regulations that require quick action by employment based health plans, their employer and other sponsors, fiduciaries, administrators and insurers. Regulations issued in previous weeks by the Departments define when health plans and health insurance policies qualify as “grandfathered” under the Affordable Care Act and interpret and implement many other federal health plan rule changes enacted by the Affordable Care Act. In addition to responding to these Affordable Care Act changes, most group health plans also will require updates in response to other federal health plan rule changes beyond those enacted under the Affordable Care Act. To assist concerned business leaders, plan fiduciaries and plan administrators to understand and cope with these new rules, Solutions Law Press invites you to participate in the live “2010 Health Plan Update,” internet workshop on August 24, 2010 from 11:00 a.m.-1:30 p.m. Central Time. To register or for other details, see here.

Affordable Care Act Appeals Rules & Other Federal Claims & Appeals Regulations Make Prompt Plan Review & Update Advisable

Currently, all group health plans covered by the Employee Retirement Income Security Act (ERISA) must prudently process and administer claims and appeals using reasonable claims and appeals procedures that comply with detailed Labor Department regulations. Recent Supreme Court and other decisions send a strong signal that many group health plans, their insurers, and administrators need to tighten their existing documentation and practices to promote the defensibility of claims and appeal decision making under the existing requirements of ERISA and the existing Labor Department regulations implementing these requirements. These existing claims and appeals requirements generally will continue to apply to all ERISA-covered group health plans without regard to whether the group health plan qualifies as grandfathered or non-grandfathered for purposes of the affordable care act.

The new requirements generally will apply to claims denials and coverage rescissions made by non-grandfathered health plans beginning with the first plan year beginning after September 22, 2010. Furthermore, non-grandfathered group and individual health policies subject to the Appeals Rules also may continue to be required to comply with state-mandated external and/or independent review and other state-imposed claims and appeals procedures.

In addition to complying with existing claims and appeals requirements, the new Appeals Rules also will require that non-grandfathered health plans modify existing claims and appeals procedures to comply with new federal appeals protections mandated under the Affordable Care Act. The Appeals Rules requirements for internal claims and appeals processes generally will apply to any denial, reduction, or termination of, or failure to provide or make a payment (in whole or in part) for a benefit, including any:

Rescission of coverage as defined in the regulations restricting rescissions
Determination of an individual’s eligibility to participate in a plan or health insurance coverage
Determination that a benefit is not a covered benefit
Imposition of a preexisting condition exclusion, source-of-injury exclusion, network exclusion, or other limitation on otherwise covered benefits
Determination that a benefit is experimental, investigational, or not medically necessary or appropriate
Other denial, reduction, or termination of, or a failure to provide or make a payment (in whole or in part) for a benefit can include both pre-service claims (for example, a claim resulting from the application of any utilization review), as well as post-service claims and
Any other instance where a plan pays less than the total amount of expenses submitted with regard to a claim, including a denial of part of the claim due to the terms of a plan or health insurance coverage regarding co-payments, deductibles, or other cost-sharing requirements.

When applicable, the new Appeals Rules among other things will require that non-grandfathered group health plans and insurers issuing non-grandfathered health insurance plans and policies:

Implement specified internal and external review procedures
Must continue to provide continued coverage pending the outcome of an internal appeal
Comply with the Appeals Rules’ additional criteria for ensuring that a claimant receives a full and fair review in addition to complying with the requirements of existing Labor Department claims and appeals procedures.

Highlights of some of these fair review requirements include:

Timely allowing a claimant to review the claim file and to present evidence and testimony as part of the internal claims and appeals process
Before issuing a final internal adverse benefit determination based on a new or additional rationale, timely proving the claimant free of charge, with the rationale
Complying with the Appeals Rules’ requirements for ensuring that all claims and appeals are adjudicated in a manner designed to ensure the independence and impartiality of the persons involved in making the decision
Providing certain notifications regarding appeals and other rights as required by the Appeals Rules

The Appeals Rules also state that if a plan or issuer that fails to strictly adhere to all of its requirements with respect to a claim, the claimant may initiate an external review and pursue any available remedies under applicable law, such as judicial review regardless of whether the plan or issuer asserts that it substantially complied with these requirements or that any error it committed was de minimis.

Both Grandfathered & Non-Grandfathered Plans Should Review Existing Claims & Appeals Procedures For Compliance With Existing Labor Department Regulations

Grandfathered health plans will not be required to comply with the new Appeals Rules. Like non-grandfathered plans, however, grandfathered plans will remain covered by the current claims and appeals requirements of ERISA and the existing Labor Department regulations. Along the Labor Department updated its existing claims and appeals regulations a decade ago, many plan fiduciaries, administrators and insurers have failed to fully update their plan documentation, processes and notifications to comply with these highly specific and detailed requirements. Furthermore, most grandfathered health plan sponsors and administrators also will want to consider whether any tightening of their health plan’s claims and appeals processes is warranted by language contained in the preamble to the Appeals Rules that that clarifies the Labor Department’s interpretation of existing claims and appeals procedures.

Other Affordable Care Act & Other Health Plan Rule Changes Require Prompt Action By Group Health Plans, Sponsors, Fiduciaries & Administrators

The Appeals Rules are the latest in a series of recently-issued guidance implementing various health coverage requirements of the Affordable Care Act. It follows closely the publication by the Agencies of regulations about when group health plans and insurance qualify as “grandfathered plans” for purposes of determining deadlines for complying with certain health care reform requirements imposed under the Affordable Care Act and a series of other regulations construing and implementing various other Affordable Care Act requirements. For additional information about these other Affordable Care Act requirements, see here.

These Affordable Care Act and other impending federal health plan changes will require employment-based group health plans, their employer and other plan sponsors, plan fiduciaries, plan administrators and other service providers and insurers to make quick decisions and to act quickly to meet impending federal compliance deadlines while preserving flexibility.

All employer and other group health plan sponsors, fiduciaries, insurers and administrators should be prepared to act quickly to update their health plan documents, communications, insurance and vendor agreements and other practices to comply with new federal requirements that become effective under the Affordable Care Act on the first day of the plan year beginning after September 22, 2010 and various other changes in federal health plan rules effective or scheduled to take effect during 2010 or 2011 plan years. Many plan sponsors also may need to act quickly to cancel or revise certain design or vendor changes planned or already implemented since March 23, 2010 to position their health plan to qualify for grandfather status. Quick action also may be needed to preserve options to claim small employer tax credits, retiree medical subsidies or other opportunities.

August 24 “2010 Health Plan Update” Internet Workshop Provides Key Information

How to qualify your health plan as a grandfathered plan under Affordable Care act
How to decide if maintaining grandfathered plan status is worthwhile
Claims & appeals requirements for grandfathered & non-grandfathered plans
Preventive care coverage mandates & wellness program requirements & rules under Affordable Care Act & other federal regulations
Updated dependent child eligibility, pre-existing condition & other requirements for grandfathered & non-grandfathered plans
Special enrollment, preexisting condition & other eligibility mandates for grandfathered & non-grandfathered plans under new Affordable Care Act, new FMLA, COBRA, Michelle’s Law, HIPAA & other federal regulations
Mental health & substance abuse, provider choice & other benefit mandates under Affordable Care Act, Mental Health Parity & other federal rules
Update on other recent & pending Affordable Care Act group health plan rule guidance
Tips to review & update your plans, vendor agreements & processes to meet Affordable Care Act & other federal group health plan dictates
Expected future Affordable Care Act & other federal rule changes & tips for preparing
Practical strategies for responding to new requirements & changing rules
Participant questions

To register or get additional information, see here.

About The Author

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, management attorney and consultant Ms. Stamer is nationally and internationally recognized for more than 23 years of work helping employer and other plan sponsors, insurers, administrators, fiduciaries, governments and others design, administer and defend innovative health and other employee benefit programs and other human resources, compensation and management policies and practices. Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer also is recognized for her publications, industry leadership, workshops and presentations on these and other health industry and human resources concerns. You can review other highlights of Ms. Stamer’s experience here. If you need help with human resources or other management, concerns, wish to ask about compliance, risk management or training, or need legal representation on other matters please contact Cynthia Marcotte Stamer here or (469)767-8872.

Solutions Law Press & Other Solutions Law Press Resources

If you found this information of interest, you also may be interested in reviewing other recent Solutions Law Press updates including:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here or e-mailing this information here or registering to receive our Solutions Law Press distributions here. For important information about this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

Comments Off on New Affordable Care Act Health Plan Appeals Regulations Require Health Plan Updates | Affordable Care Act, COBRA, COBRA Subsidy, Employee Benefits, Employers, ERISA, family leave, Fiduciary Responsibility, FMLA, H.R. 4872, Health Care Reform, Health Plans, Human Resources, Insurance, Leave, medical leave, Mental Health, Mental Health Parity, Patient Protection and Affordable Care Act, Protected Health Information, Tax, Wellness, Wellness Programs | Tagged: Affordable Care Act, Appeals, Claims, Claims Procedures, ERISA, Health Care Reform. Health Plans, Health Insurance, Health Plans | Permalink
Posted by Cynthia Marcotte Stamer

CMS & ONC To Co-Host 7/22 ONC Certification & Medicare/Medicaid EHR Incentive Program Audio Training

July 19, 2010

The Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) will co-host an Audio Training on the Final Rules for ONC Certification and Medicare and Medicaid EHR Incentive Programs on July 22, 2010 from 2:00-3:30 pm EST.

During the training, the Agencies plan to discuss:

Benefits of HIT
Summary of the final rules
ONC temporary certification process
ONC initial set of standards and implementation specifications
Medicare and Medicaid EHR Incentives Programs including the initial definition of meaningful Use

To join the audio training, dial 1-877-251-0301 and enter the Conference ID pass code: 87841621

Materials will be made available prior to the training at the following web address here.

For more information about CMS EMR incentives, see here.

About The Author

The author of numerous highly regarding publications on HIPAA and other health care IT related matters, Ms. Stamer works extensively with employer and other health plan sponsors, fiduciaries, administrative and other service providers, insurers, and other clients on health benefit program and product design, documentation, administration, compliance, risk management, and public policy matters. The publisher of Solutions Law Press, Ms. Stamer also publishes, conducts training and speaks extensively on these and related concerns for the ABA, the Bureau of National Affairs and many other organizations.

The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, and the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, Ms. Stamer also is recognized for her publications, industry leadership, workshops and presentations on these and other HIPAA, EMR and other health technology, health industry and human resources concerns. She regularly speaks and conducts training for the ABA, Institute of Internal Auditors, Society for Professional Benefits Administrators, Southwest Benefits Association and many other organizations. Publishers of her many highly regarded writings on health industry and human resources matters include the Bureau of National Affairs, Aspen Publishers, ABA, AHLA, Aspen Publishers, Schneider Publications, Spencer Publications, World At Work, SHRM, HCCA, State Bar of Texas, Business Insurance, James Publishing and many others. You can review other highlights of Ms. Stamer’s experience here. Her insights on these and other matters appear in Managed Care Executive, Modern Health Care, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, MDNews, Kentucky Physician, and many other national and local publications.

If you need help with human resources or other management, concerns, wish to ask about compliance, risk management or training, or need legal representation on other matters please contact Cynthia Marcotte Stamer here or (469)767-8872.

Other Resources

If you found this information of interest, you also may be interested in reviewing other recent Solutions Law Press updates including:

Comments Off on CMS & ONC To Co-Host 7/22 ONC Certification & Medicare/Medicaid EHR Incentive Program Audio Training | Affordable Care Act, Data Security, Employee Benefits, Employers, ERISA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Medicare Part D, Patient Protection and Affordable Care Act, Protected Health Information, Public Policy | Tagged: ARRA, EHR, electronic health records, Electronic Medical Records, EMR, Health IT, Health Plans, HIPAA, HITECH Act | Permalink
Posted by Cynthia Marcotte Stamer

Stamer Speaks June 9 On “Health Care Reform’s Implications For Employers, Health Plans & Employee Benefits Practitioners” In Houston

May 19, 2010

Cynthia Marcotte Stamer will discuss “Health Care Reform’s Implications for Employers, Health Plans and Employee Benefits Practitioners” at the June 9, 2010 meeting of Houston WEB. The program is scheduled for Wednesday, June 9, 2010 at the DoubleTree Guest Suites, 5353 Westheimer, Houston, Texas from 11:30 a.m. to 1:30 pm.

Narrowly passed by Congress in March after a year of contentious debate, the comprehensive health care reform legislation imposes a complex array of reforms impacting employment based health plans, employers, and the insurers and other vendors and administrators of these programs. Ms. Stamer will explore key elements of these reforms impacting employers and employment based health coverage and their implications for employers, employment based health plans, and employee benefits and other attorneys providing advice about these arrangements.

To register or for more information about this event, see here. If you need assistance reviewing or responding to these or other employee benefit, compensation or labor and employment concerns, contact the author of this update, Cynthia Marcotte Stamer, for assistance at (469) 767-8872 or here.

About Ms. Stamer

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, management attorney and consultant Ms. Stamer is nationally and internationally recognized for more than 23 years of work helping businesses manage labor and employment, employee benefits, performance management and discipline, compliance and internal controls, risk management, and public policy matters including significant, cutting edge experience advising employer and other health plan sponsors, fiduciaries, insurers, administrators and others design, administer, and defend defensible, cost-effective health and other employee benefit programs.

As a core focus of her practice, Ms. Stamer works extensively with employer and other health plan sponsors, fiduciaries, administrative and other service providers, insurers, and other clients on health benefit program and product design, documentation, administration, compliance, risk management, and public policy matters. The publisher of Solutions Law Press, Ms. Stamer also publishes, conducts training and speaks extensively on these and related concerns for the ABA, the Bureau of National Affairs and many other organizations. Please join us for what promises to be a most interesting discussion

The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, and the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, Ms. Stamer also is recognized for her publications, industry leadership, workshops and presentations on these and other health industry and human resources concerns. She regularly speaks and conducts training for the ABA, Institute of Internal Auditors, Society for Professional Benefits Administrators, Southwest Benefits Association and many other organizations. Publishers of her many highly regarded writings on health industry and human resources matters include the Bureau of National Affairs, Aspen Publishers, ABA, AHLA, Aspen Publishers, Schneider Publications, Spencer Publications, World At Work, SHRM, HCCA, State Bar of Texas, Business Insurance, James Publishing and many others. You can review other highlights of Ms. Stamer’s experience here. Her insights on these and other matters appear in Managed Care Executive, Modern Health Care, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, MDNews, Kentucky Physician, and many other national and local publications.

Other Resources

If you found this information of interest, you also may be interested in reviewing other updates and publications by Ms. Stamer including:

Comments Off on Stamer Speaks June 9 On “Health Care Reform’s Implications For Employers, Health Plans & Employee Benefits Practitioners” In Houston | Affordable Care Act, CHIP, COBRA, COBRA Subsidy, Corporate Compliance, Employee Benefits, Employers, Employment Tax, ERISA, Fiduciary Responsibility, FMLA, HIPAA, Human Resources, Insurance, Internal Controls, Medicare Part D, Mental Health, Mental Health Parity, Payroll Tax, Prescription Drugs, Privacy, Protected Health Information, Public Policy, Risk Management, Tax, Uncategorized, Wellness, Wellness Programs | Tagged: Affordable Care Act, Employee Benefits, Employers, ERISA, Fiduciary, Health Care Reform, Health Insurance, Health Plan, Health Plans, Insurer | Permalink
Posted by Cynthia Marcotte Stamer

CBO Raises Estimated Cost of Health Care Reforms As Employers, Health Plans Brace Costs Of Newly Effective & Impending Mandates

May 15, 2010

By Cynthia Marcotte Stamer

New analysis released Tuesday, May 11 by the non-partisan Congressional Budget Office shows H.R. 3590, the Patient Protection and Affordable Care Act, Public Law 111-148 (Health Care Reform Law) passed in March will cost $115 Billion more than originally estimated in the CBO’s March 15, 2010 discretionary spending analysis. News of the cost estimate increase comes as U.S. employer and other health plan sponsors, insurers and others are bracing for the first wave of new federal health plan mandates enacted as part of the Health Care Reform Law to take effect in September and a host of other federal mandates previously enacted that take effect in the 2009 and 2010 plan years.

Projected Cost of Health Care Reform Increased

According to CBO, additional information about the potential effects of the Health Care Reform Law on spending funded through the annual appropriation process (discretionary spending). By their nature all such potential effects on discretionary spending are subject to future appropriation actions, which could result in greater or smaller costs than the sums authorized by the legislation. While still limited in certain respects, the updated CBO analysis provides information on the major components of such costs in three general categories:

The costs that will be incurred by federal agencies to implement the new policies established by the Health Care Reform Law, such as administrative expenses for the Department of Health and Human Services and the Internal Revenue Service for carrying out key requirements of the legislation.
Explicit authorizations for future appropriations for a variety of grant and other program spending for which the act identifies the specific funding levels it envisions for one or more years. (Such cases include provisions where a specified funding level is authorized for an initial year along with the authorization of such sums as may be necessary for continued funding in subsequent years.)
Explicit authorizations for future appropriations for a variety of grant and other program spending for which no specific funding levels are identified in the legislation. That type of provision generally includes legislative language that authorizes the appropriation of “such sums as may be necessary,” often for a particular period of time.

According to the updated analysis, CBO estimates that total authorized costs in the first two categories probably exceed $115 billion over the 2010-2019 period. CBO still does not have an estimate of the potential costs of authorizations in the third category.

CBO previously issued an estimate of the Health Care Reform Law’s direct spending and revenue effects in combination with the Reconciliation Act of 2010 (Public Law 111-152), which amended it. (Direct spending effects are those that do not require subsequent appropriation action.) CBO estimated that those two laws, in combination, would produce a net reduction in federal deficits of $143 billion over the 2010-2019 period as a result of changes in direct spending and revenues.

Impending Federal Health Plan Mandate Changes Bring New Costs, Risks Now

CBO’s adjustment to its cost projections comes as U.S. employers and insurers already are bracing to cope with a host of new federally imposed health plan mandates and accompanying costs that already have or will in the next 12-months impact their existing health benefit programs. Examples of these new mandates include:

COBRA Stimulus Bill Premium Subsidy and Other Mandates
New FMLA and USERRA Coverage Continuation Mandates
Dependent Care Coverage Extension Mandates For Students Requiring Medical Leave Effective
Genetic and Other Disability Discrimination Mandates under GINA, ADA Amendments Act of 2008, HIPAA Portability and Other Federal Mandates
Expanded Mental Health Parity Mandates
HIPAA Data Breach and Other Protected Health Information Privacy and Data Security Mandates
New IRS Excise Tax Self-Assessment & Reporting Mandates For Plans Violating COBRA, Mental Health Parity and Wide Range of Other Federal Mandates
Changes To Retiree Medical Subsidy Rules
Early Retiree Medical Reinsurance Program For Employers Providing Qualifying Retiree Coverage
New Small Employer Tax Credit Rules
Mandated extension of dependent coverage to age 26
Prohibition of Pre-Existing Condition Limits on Dependent Coverage
New restrictions on annual and lifetime benefit limitations
Mandate to cover 100% of preventative care
Prohibition against coverage rescissions
Primary Care Physician choice mandates
Restrictions on coverage limitations for emergency and obstetrical care
Extension of Internal Revenue Code Section 105(h) nondiscrimination mandates to certain insured health plans
Many others

Employer and other health plan sponsors, their insurers, administrators and others responsible for updating and administering group and other health plans must move immediately to meet these evolving mandates while bracing for anticipated increased costs and other obligations expected to result as the Health Care Reform Law takes effect over the next few years. Employers, administrators and insurers needing additional information about these changes can review the resources and training materials available here and/or contact the author of this update, attorney and consultant Cynthia Marcotte Stamer, for assistance at (469) 767-8872 or here

Responsible & Prompt Action Needed

Employer and other health plan sponsors, administrators, fiduciaries and insurers both should act quickly to update their programs, plan documents, communications and practices to comply with federal mandates that have and are scheduled to take effect and stay involved with regulators and Congress as the regulatory rules and processes to implement the Health Care Reform Law are developing. Ultimately, the cost and other implications of the Health Care Reform Law will depend largely upon how its provisions are construed and implemented by federal and state regulators, along with any subsequent adjustments, if any that Congress may elect to enact. With federal officials hard at work preparing implementing regulations and other guidance and procedures, health industry leaders and other concerned Americans should stay informed and continue to share their input on these critical issues as these decisions are shaped. Join the discussion by participating in the Coalition For Responsible Health Care Policy linked in group and/or its subgroup, Project COPE: Coalition for Patient Empowerment and/or register to receive updates Coalition for Responsible Heath Care Policy by RSS Feed.Coalition for Responsible Health Care Policy Coalition for Responsible Health Care Policy Coalition for Responsible Health Care Policy

The author of this update, Cynthia Marcotte Stamer, recently has conducted briefings on the implications of the Affordable Care Act and other regulatory changes impacting health plans and their employer and other sponsors, insurers, administrators and others for the Society of Professional Benefits Administrators, the Dallas Bar Association and others. Several other presentations and update are scheduled in the upcoming months. For information about these programs or to register to receive information about these programs, see here.

About Ms. Stamer

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, management attorney and consultant Ms. Stamer is nationally and internationally recognized for more than 22 years of work helping businesses manage labor and employment, employee benefits, performance management and discipline, compliance and internal controls, risk management, and public policy matters including significant, cutting edge experience advising employer and other health plan sponsors, fiduciaries, insurers, administrators and others design, administer, and defend defensible, cost-effective health and other employee benefit programs.

The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, and the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications Ms. Stamer also is recognized for her publications, industry leadership, workshops and presentations on these and other health industry and human resources concerns. She regularly speaks and conducts training for the ABA, American Health Lawyers Association (AHLA), Health Care Compliance Association, Institute of Internal Auditors, Harris County Medical Society, the Medical Group Management Association, Society for Professional Benefits Administrators, Southwest Benefits Association, Harris County Medical Society, Medical Group Management Association, Society of Human Resources Management, and many other organizations. Publishers of her many highly regarded writings on health industry and human resources matters include the Bureau of National Affairs, Aspen Publishers, ABA, AHLA, Aspen Publishers, Schneider Publications, Spencer Publications, World At Work, SHRM, HCCA, State Bar of Texas, Business Insurance, James Publishing and many others. You can review other highlights of Ms. Stamer’s experience here. Her insights on these and other matters appear in Managed Care Executive, Modern Health Care, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, MDNews, Kentucky Physician, and many other national and local publications.

Other Resources

If you found this information of interest, you also may be interested in reviewing other updates and publications by Ms. Stamer including:

Comments Off on CBO Raises Estimated Cost of Health Care Reforms As Employers, Health Plans Brace Costs Of Newly Effective & Impending Mandates | Affordable Care Act, ARRA, CHIP, COBRA, COBRA Subsidy, Disease Management, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, family leave, Fiduciary Responsibility, FMLA, GINA, H.R. 4872, Health Plans, HIPAA, Human Resources, Income Tax, Leave, medical leave, Medicare Part D, Mental Health, Mental Health Parity, Military Leave, Payroll Tax, Prescription Drugs, Privacy, Protected Health Information, Public Policy, Risk Management, Stimulus Bill, Tax, Uncategorized, Wellness | Tagged: Affordable Care Act, dependent coverage, Employer, Health Care Reform, Health Plans, Insurer, Mental Health Parity, preexisting condition | Permalink
Posted by Cynthia Marcotte Stamer

Health Plans & Business Associates Face 2/17 Deadline To Update Policies, Contracts & Procedures For HIPAA Privacy Rule Changes

February 15, 2010

Connecticut AG Lawsuit Highlights Expanding Civil Damage Exposure Risks Of Noncompliance

By Cynthia Marcotte Stamer

By Wednesday, February 17, 2010, employer and other health plans and health insurers (“covered entities”) and service providers performing functions on behalf of these entities (“business associates”) must begin complying with tighter federal requirements for the use, access, protection and disclosure of protected health information under Privacy & Security Standards of the Health Insurance Portability & Accountability Act (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH Act). The changes scheduled to take effect February 17, 2010 are likely to require that health plans and their business associates update their written policies, operational procedures, privacy notices and business associate agreements in several respects.

While the HITECH Act gave covered entities and business associates a year to complete the necessary arrangements to comply with these impending HITECH Act changes, many health plans and business associates have not completed the necessary arrangements despite expanding liability exposures that can result from noncompliance. To mitigate these exposures, covered entities and their business associates should act quickly both to update their services agreements, plans and policies, practices, and procedures, and to implement the training, oversight, and other management procedures necessary to comply with the HITECH Act changes and to mitigate other HIPAA risks.

2/17/10 Deadline To Comply With HITECH Act HIPAA Amendments

On February 17, 2010, health plans and other covered entities and their business associates will become subject to the latest to take effect in a series of amendments to the HIPAA enacted under the HITEC Act. The new rules are part of a broader series of changes to HIPAA made by the HITECH Act that collectively both significantly expand the obligations of covered entities and their business associates to regarding the use, protection and disclosure of protected health information and the liability exposures that can result when covered entities or business associates violate these requirements.

The changes scheduled to take effect February 17, 2010 are likely to require that health plans and their business associates update their written policies, operational procedures, privacy notices and business associate agreements in several respects. For instance, effective February 17, 2010, the HITECH Act generally requires that covered entities and their business associates revise their written privacy policies, privacy notices and operating procedures:

To meet expanded requirements to honor individual’s requests for special restrictions on uses and disclosures of protected health information to health plans for payment purposes
To restrict protected health information disclosures to the minimum necessary required to accomplish otherwise allowable purpose;
To comply with new rules that require that the covered entity and its business associates treat any use, access or disclosure of any protected health information made for purposes of making communications about products or services as made for marketing, rather than operational, purposes which are prohibited by HIPAA except where HIPAA’s requirements are met;
To comply with new restrictions on certain fundraising communications made for operational purposes including expanded obligations to allow recipients to opt out of further fundraising communications;
To prohibit covered entities or business associates from selling protected health information without meeting the amended requirements of HIPAA that a valid HIPAA authorization from the subject of the information and specific reassurances from the purchaser concerning its subsequent use of the protected health information except as otherwise permitted by HIPAA;
To take into account these tightened restrictions on the use, access or disclosure of protected health information for purposes of complying with new HITECH Act breach notification requirements that took effect in September, 2009, which apply when a covered entity or its business associate knows or should know a breach of “unsecured protected health information” has occurred and for purposes of making the necessary changes in written policies and business associate agreements, training and operational procedures necessary to comply with these rules;
To directly require business associates comply with HIPAA’s requirements in the same manner as other covered entities and make it necessary or advisable that that service provider agreements between health plans and business associates be updated to reflect these and other changes to HIPAA; and
To implement the necessary written policy changes, notification updates, business associate agreement amendments, training, management oversight and other procedural changes necessary to demonstrate fulfillment with these requirements.

Noncompliance with these and other HIPAA requirements subjects covered entities and business associates to civil penalties, criminal prosecution, civil damage awards under lawsuits brought by state attorneys general, and other legal remedies. In addition, timely update written policies, procedures, business associate agreements, training and documentation is imperative in order for covered entities and their business associates to fulfill their breach notification obligations under new rules enacted as part of the HITECH Act.

Under the HITECH Act, health plans and other covered entities and their business associates have been obligated since September 23, 2009 to notify individuals who are the subject of protected health information, the Department of Health & Human Services and in some cases the media if and when a breach of “unsecured protected health information occurs. Failing to timely update written policies, procedures and training increases the likelihood that health plans, other covered entities or business associates will be obligated to provide breach notifications under these new rules, in addition to their otherwise applicable exposures under HIPAA.

HIPAA Enforcement & Liability Exposures Real and Rising

Health plans and other covered entities, their business associates and others involved in health plan design and operations generally should resist the temptation to underestimate their potential HIPAA exposure based on the limited enforcement of HIPAA by the Office of Civil Rights between 2003 and 2009 for a variety of reasons.

First, the changes taking effect on February 17, 2010 follow the implementation changes to HIPAA’s civil and criminal sanctions that took effect on February 17, 2009, when President Obama signed the HITECH Act into law and the new breach notification requirements added by the HITECH Act that took effect on September 23, 2009. The HITECH Act amendments to HIPAA’s remedies significantly increase the risk that health plans and other covered entities and their business associates will face civil lawsuits, civil or criminal penalties or other consequences for violating HIPAA.

The expanded risks stem in part from the HITECH Act’s amendments to HIPAA’s remedy provisions. Among other things, the HITECH Act amended HIPAA to:

Allow a State Attorney General to sue health plans or other covered entities, business associates or both that harm state citizens by committing HIPAA violations after February 16, 2009;
Expand the mandate by the Office of Civil Rights to investigate violations and audit compliance with HIPAA;
Require Office of Civil Rights to impose civil sanctions against health plans and other covered entities and their business associates involved in violations of HIPAA in accordance with tightened standards added to HIPAA by the HITECH Act;
Revise the criminal sanctions that the Department of Justice can seek against health plans and other covered entities, their business associates and others for violations of HIPAA;
Amend HIPAA to make clear that HIPAA’s criminal sanctions also can imposed on business associates, workforce members and other persons that improperly use, access and disclose protected health information in violation of HIPAA.

A HIPAA civil lawsuit filed on January 13, 2010 demonstrates the willingness of at least some states to exercise the new authority created by the HITECH Act on February 17, 2009 to sue covered entities and business associates that violate HIPAA for civil damages.

The HITECH Act empowers a state attorney general to sue covered entities or business associates engaging in HIPAA violations that harms citizens of the state for statutory damages equal to the sum of the number of violations multiplied by 100 up to a maximum of $25,000 per calendar year plus attorneys fees and costs

On January 13, 2010 Connecticut Attorney General Richard Blumenthal sued Health Net of Connecticut, Inc. (Health Net) for failing to secure private patient medical records and financial information involving 446,000 Connecticut enrollees and promptly notify consumers endangered by the security breach. The suit also names UnitedHealth Group Inc. and Oxford Health Plans LLC, who have acquired Health Net. The first attorney general enforcement action brought based on amendments made to HIPAA under the HITECH Act, Connecticut charges that Health Net violated HIPAA by failing to safeguard protected medical records and financial information on almost a half million Health Net enrollees in Connecticut then allowing this information to remain exposed for at least six months before notifying authorities and consumers.

Even before the HITECH Act amendments, however, the Office of Civil Rights and Department of Justice already were stepping up HIPAA investigation and enforcement. The Department of Justice has obtained a variety of criminal convictions against violators of HIPAA. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health Information. Meanwhile, the Office of Civil Rights in February, 2009 announced that CVS Pharmacies, Inc. would pay $2.25 million to resolve HIPAA charges. This announcement followed the Office of Civil Rights announcement in July, 2008 that Providence Health Care would pay $100,000 to resolve HIPAA violation charges. While not resulting in the significant payments involved in CVS or Providence, the Office of Civil Rights also taken HIPAA enforcement actions against a broad range of other covered entities to redress HIPAA violations or other compliance concerns. To review examples of these other actions, see here.

Along side these governmental actions, state courts also increasingly are willing to allow individual plaintiffs to rely on violations of HIPAA as the basis for bringing state privacy, retaliation or other actions. While prior to the recent HITECH Act amendments, federal courts had ruled that private plaintiffs could not sue under HIPAA for damages they incurred from a covered entity’s violation of HIPAA, state courts have allowed private plaintiff’s to use the obligations imposed by HIPAA as the basis of a covered entity’s duty for purposes of certain state law lawsuits. In Sorensen v. Barbuto, 143 P.3d 295 (Utah Ct. App. 2006), for example, a Utah appeals court ruled a private plaintiff could use HIPAA standards to establish that a physician owed a duty of confidentiality to his patients for purposes of maintaining a state law damages claim. Similarly, the Court in Acosta v. Byrum, 638 S.E. 2d 246 (N.C. Ct. App. 2006) ruled that a plaintiff could use HIPAA to establish the “standard of care” in a negligence lawsuit. Meanwhile, private plaintiffs employed by covered entities also are increasingly pointing to HIPAA as the basis for their retaliation claims. See, e.g., Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim. Coupled with the HITECH Act changes, these and other enforcement actions signal growing potential hazards for covered entities and their business associates that fail to properly manage their HIPAA compliance obligations and risks.

Health Plans & Business Associates Should Take Timely Action To Comply & Manage Risks

As a consequence of these collective HITECH Act changes and growing HIPAA-related exposures, both health plans and business associates generally will find it necessary or advisable among other things to:

Conduct well-documented due diligence on each other’s practices and procedures to improve their ability to demonstrate both their commitment to compliance and their realistic efforts to ensure that these commitments are operationalized in performance;
Renegotiate their service provider agreements to detail the specific compliance obligations of each party relating to for auditing compliance, investigating potential breaches; providing required breach notifications; specify leadership and required cooperation in the event of a breach, charge, or other concern; indemnification and other liability allocations; and other related matters; and
Pursue appropriate liability and other protection as appropriate.

As part of these compliance and risk management efforts, most covered entities and their business associates will find it advisable to devote significant attention to the business associate relationship and its associated business associate agreements.

Proper management of the expanded compliance obligations and liability exposures created by the HITECH Act generally will necessitate that health plans and other covered entities and their business associates focus significant attention on the reworking of their operating and contractual relationships.

Even before the impending HIPAA changes scheduled to take effect on February 17, 2010, a strong need for more detailed contracting and planning of these relationships already existed. Since the enactment of HIPAA, the practice of many covered entities and their business associates of appending generic “business associate” representations onto existing services contracts without specific tailoring and planning has created undesirable ambiguities in these agreements.

Further updating and tailoring of these and other provisions of services agreements has become even more important over the past year in light of the new breach notification mandates that took effect under the HITECH Act in September, 2009, changes to HIPAA’s civil and criminal sanctions that took effect on February 17, 2009, and the impending extension by the HITECH Act to business associates of direct liability for compliance with HIPAA scheduled to occur on February 17, 2010.

Given these changes and the associated obligations and risks, both health plans and other covered entities and their business associates generally should act quickly to manage their own compliance and to minimize exposures that may result from the other’s compliance deficiencies. As part of these efforts, both covered entities and their business associates generally should review and tighten business associate and other service agreement provisions to provide for more specific and comprehensive HIPAA-related contractual assurances, as well as improved cooperation, coordination, management and oversight.

Curran Tomko Tarski LLP Can Help

If your organization need advice or assistance in reviewing, updating, administering or defending its HIPAA or other privacy policies, practices, business associate or other agreements, notices or other related activities, consider contacting Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer.

A widely published author and speaker on HIPAA and other related matter, Ms. Stamer has extensive experience advising health plans, their employer and other sponsors, health insurers, TPAs and other business associates and others about HIPAA and other health plan and privacy matters. Currently serving as both Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Group and as an ABA Joint Committee on Employee Benefits Council representative and Former Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer has more than 23 years experience assisting employers, insurers, plan administrators and fiduciaries and others to design, implement, draft and administer health and other employee benefit plans and to defend audits, litigation or other disputes by private parties, the IRS, Department of Labor, Office of Civil Rights, Medicare, state insurance regulators and other federal and state regulators. As part of this work, she regularly assists clients to review and update policies, practices, contracts, notices and procedures to comply with HIPAA and other requirements. A nationally recognized author and lecturer, Ms. Stamer also speaks and writes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly. For additional information about the experience and services of Ms. Stamer and other members of the Curran Tomko Tarksi LLP team, see here.

Other Information & Resources

We hope that this information is useful to you. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here or e-mailing this information here or registering to participate in the distribution of our Solutions Law Press HR & Benefits Update distributions here. Examples of other recent updates that may be of interest include:

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject here.

Comments Off on Health Plans & Business Associates Face 2/17 Deadline To Update Policies, Contracts & Procedures For HIPAA Privacy Rule Changes | ARRA, Employers, ERISA, Fiduciary Responsibility, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Protected Health Information, Risk Management, Stimulus Bill | Tagged: Breach Notice, Corporate Compliance, Data Breach, Employee Benefits, Employers, ERISA, GINA, Health Insurance, Health Plans, HIPAA, Human Resources, Insurance, Insurer, Internal Controls, Internal Investigations, Managed Care, Medical Coverage, PHI, Privacy, Privacy Rule, Risk Management, Security Rule | Permalink
Posted by Cynthia Marcotte Stamer

Stamer Speaks To CPAs About “Privacy & Information Security: Managing Your Accounting Practice’s Liabilities & Counseling Your Clients” January 12, 2010

December 28, 2009

Accountants and their clients face increasing regulatory and business pressures to protect the sensitive business and personal information collected and maintained in the course of their operation to minimize their exposure to personal identity theft and other cybercrime scams by employees, business partners and others. Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer will speak about “Privacy & Information Security: Managing Your Accounting Practice’s Liabilities & Counseling Your Clients” to members of the Dallas CPA Society on January 12, 2010 beginning at 2:00 p.m.

Part of the Dallas CPA Society Member Appreciation CPE Series Meeting, Ms. Stamer’s presentation will be part of four hours of free CPE training to be provided at a program open to members only at the Hilton Lincoln Centre Hotel located at 5410 LBJ Freeway, Dallas TX 75240 from 1 p.m. to 4:50 p.m. Central Time. (Parking at the facility costs $5.00). To register or for additional information, see here.

If you need help responding to these developments or other legislative, regulatory or enforcement concerns, Curran Tomko Tarski LLP can help. Curran Tomko and Tarski LLP and its attorneys have significant experience assisting businesses and business leaders to manage and defend privacy, data security, tax employee benefit, employment, health care, environmental, safety, securities and other compliance and risk management concerns.

Curran Tomko Tarksi LLP Partner Cynthia Marcotte Stamer has more than 22 years experience helping businesses to use the law, process and technology to manage people and processes, and to manage technology, privacy and data security, employment and other legal and operational risks affecting their businesses. Author of “Privacy & Securities Standards-A Brief Nutshell,” “Privacy Invasions of Medical Care-An Emerging Perspective,” and “E-Health Business and Transactional Law Other Liability-Tort and Regulatory;” published by The Bureau of National Affairs, Inc., and many other publications, Ms. Stamer has extensive experience advising a accounting firms, law firms, banks and financial services organizations, insurers, consultants, health plans, health care providers and others about HIPAA, FACTA, and other privacy, trade secret and other information security and data breach risk management and compliance concerns. Ms Stamer also speaks, publishes and provides public policy input extensively on data security, technology and other internal controls and risk management matters. Chair of the American Bar Association RPTE Employee Benefits & Compensation Committee, an ABA Joint Committee on Employee Benefits Council member, and Chair of the Curran Tomko Tarski Labor, Employment & Employee Benefits Practice, Ms. Stamer also is Board Certified in Labor & Employment law. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly. For additional information about the experience and services of Ms. Stamer and other members of the Curran Tomko Tarksi LLP team, see here.

If you need assistance with these or other compliance concerns, wish to inquire about federal or state regulatory compliance audits, risk management or training, assistance investigating or responding to a known or suspected compliance or risk management concern, or need legal representation on other matters please contact the author of this update, Cynthia Marcotte Stamer, CTT Labor & Employment Practice Chair at cstamer@cttlegal.com, 214.270.2402; or your other preferred Curran Tomko Tarski LLP attorney.

You can review other recent human resources, employee benefits and internal controls publications and resources and additional information about the employment, employee benefits and other experience of Ms. Stamer here /the Curran Tomko Tarski LLP attorneys here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here or e-mailing this information to Cstamer@CTTLegal.com or registering to participate in the distribution of these and other updates on our Solutions Law Press HR & Benefits Update distributions here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.

Comments Off on Stamer Speaks To CPAs About “Privacy & Information Security: Managing Your Accounting Practice’s Liabilities & Counseling Your Clients” January 12, 2010 | Corporate Compliance, Data Security, EEOC, Employee Benefits, Employers, ERISA, Fiduciary Responsibility, GINA, Health Plans, Human Resources, Internal Controls, Malpractice, Privacy, Professional Liability, Protected Health Information, Risk Management | Tagged: Acountant's Liability, Corporate Compliance, CPA, CPE, Employee Benefits, Employer, GINA, Health Insurance, Health Plans, Human Resources, Internal Controls, Medical Coverage, Privacy, Risk Management, Tax | Permalink
Posted by Cynthia Marcotte Stamer

Rising Enforcement and Changing Rules Require Prompt Review & Update of Health Plan Privacy & Data Security Policies & Procedures

December 25, 2009

Health plans and their business associates should review and update their practices and policies concerning the use access and disclosure of protected health information in response to changing requirements and expanding enforcement exposures under the Health Insurance Portability & Accountability Act of 1996 (HIPAA) Privacy and Security Rules.

A series of Office of Civil Rights (OCR) enforcement action against health plans highlights the need for group health plans and insurers to exercise care to comply with HIPAA’s Privacy & Security Rules. For example, OCR recently required a HMO to take a series of corrective actions based on findings from its investigation of a complaint that the HMO impermissibly disclosed a member’s protected health information by sending her entire medical record to a disability insurance company without her authorization. Based on its investigation, OCR found the HMO violated HIPAA by relying on a form to make the disclosure that failed to meet the Privacy Rule requirements to qualify as a valid authorization under the Privacy Rule. Based on these findings, OCR required the HMO among other things:

To create a new HIPAA-compliant authorization form that specifies what records and/or portions of the files will be disclosed, that the respective authorization will be kept in the patient’s record, together with the disclosed information and otherwise to meet the content requirements of the Privacy Rule for an authorization; and
To implement a new policy that directs staff to obtain patient signatures on these forms before responding to any disclosure requests, even if patients bring in their own “authorization” form.

Another action resulted after a national health maintenance organization sent explanation of benefits (EOB) by mail to a complainant’s unauthorized family member. OCR’s investigation determined that a flaw in the health plan’s computer system put the protected health information of approximately 2,000 families at risk of disclosure in violation of the Privacy Rule. To resolve this case, OCR required among other things that the insurer to correct the flaw in its computer system, review all transactions for a six month period and correct all corrupted patient information.

In yet another case, OCR found an employee of a major health insurer impermissibly disclosed the PHI of one of its members without following the insurer’s authorization and verification procedures. Among other corrective actions to resolve the specific issues in the case, OCR required the health insurer to train its staff on the applicable policies and procedures, to take action to mitigate the harm to the individual and to counsel and give a written warning to an employee who made the disclosure.

While OCR declined to impose any civil penalties in any of these three instances, violations of the Privacy Rules have resulted in both criminal prosecutions by the Department of Justice and the payment of large civil settlements to OCR. See, e.g., 2 New HIPAA Criminal Actions Highlight Risks From Wrongful Use/Access of Health Information HIPAA Risks Soar As CVS Agrees to Pay $2.25 Million To Resolve HIPAA Charges & Stimulus Bill Amends HIPAA. Furthermore, recent amendments to the Privacy Rules increase the likelihood that health plans and other covered entities violating the Privacy Rules will incur civil penalties. The American Recovery and Reinvestment Act of 2009 (ARRA) amended the Privacy Rules effective October, 2009 to increase the civil penalties for Privacy Rule violations and to include new breach notification requirements for covered entities. Additional ARRA amendments to HIPAA scheduled to take effect February 17, 2010 will further tighten the conditions under which covered entities may use, access or disclose PHI under the Privacy Rules, will expand the circumstances under which health plans and other covered entities will be required to account for dealings with PHI under HIPAA, and will extend the duty to comply with and liability for violations of the Privacy Rules to business associates. In the meanwhile, employees increasingly are alleging Privacy Rule violations as part of their whistleblower or other wrongful discharge claims. See, e.g. Retaliation For Filing HIPAA Complaint Recognized As Basis For State Retaliatory Discharge Claim.

In light of these changing rules and expanding liabilities, health plans and their business associates need to review and update their Privacy and Security practices, business associate agreements and privacy notices for compliance in light of the expanding enforcement activities of OCR and these evolving Privacy and Security Rules. These and other developments make it imperative that health plans and other covered entities and their business associates immediately review and update their HIPAA and other data security and privacy practices to guard against growing liability exposures under HIPAA and other federal and state laws.

If your organization needs assistance reviewing, updating, administering or defending privacy and data security practices under HIPAA, state data breach or other laws, Curran Tomko Tarski LLP can help. The author of this update, Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer has extensive experience advising and assisting health plans, health insurers, and other covered entities and business associates to review, update, document, enforce and defend their HIPAA and other privacy and data security policies and practices. The author of numerous publications on HIPAA and other privacy and data security rules, she also speaks and conducts training extensively on these concerns.

Ms. Stamer is experienced with assisting employers, insurers, administrators, and others to design and administer group health plans cost-effectively in accordance with HIPAA and other applicable federal regulations as well as well as advising and defending employers, health plans, insurers and others against privacy, tax, employment discrimination and other labor and employment, and other related audits, investigations and litigation, charges, audits, claims and investigations by the OCR, DOJ,IRS, Department of Labor and other federal and state regulators.. Chair of the American Bar Association RPTE Employee Benefits & Other Compensation Group, a representative to the ABA Joint Committee on Employee Benefits Council, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Ms. Stamer has advised and represented employers on these and other labor and employment, compensation, employee benefit and other personnel and staffing matters for more than 22 years. Ms. Stamer also speaks and writes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly. For additional information about the experience and services of Ms. Stamer and other members of the Curran Tomko Tarksi LLP team, see here.

Other Information & Resources

We hope that this information is useful to you. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here or e-mailing this information here or registering to participate in the distribution of our Solutions Law Press HR & Benefits Update distributions here. Some other recent updates that may be of interested include the following, which you can access by clicking on the article title:

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject here.

Comments Off on Rising Enforcement and Changing Rules Require Prompt Review & Update of Health Plan Privacy & Data Security Policies & Procedures | Corporate Compliance, Data Security, Employee Benefits, Employers, ERISA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Privacy, Protected Health Information, Risk Management | Tagged: ARRA, Health Plans, HIPAA, OCR, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Employer H1N1 Virus Risk Management Requires Employer Care To Manage Virus Risks Without Violating Employment Discrimination or Other Laws

November 30, 2009

As the Centers for Disease Control (CDC) continues cautioning Americans to expect a resurgence of the H1N1 virus, employers should continue to take prudent steps to defend their organization and their workers against a widespread H1N1 outbreak and the attendant lost time, health and disability costs, OSHA and other liability exposures and other personal and financial consequences likely to result from an outbreak.

Employers wishing to deter the spread of the disease in their workplace should educate workers about these recommendations and consider taking steps to encourage workers to comply with these recommendations. When planning or taking steps to protect their workplaces from the H1N1 virus pandemic or other outbreaks of communicable diseases, however, employers must use care to avoid violating the Americans With Disabilities Act or other employment laws.

Preventing, Recognizing & Mitigating Risks of H1N1

Although the number of reported cases of H1N1 virus cases has declined in many states in recent weeks, CDC officials are warning American’s that the crisis is not over yet. CDC officials last week warned Americans to expect H1N1 infection to rise as the holiday approaches and the winter progresses. With flu activity already higher than what is seen during the peak of many regular flu seasons and the H1NA virus accounting for almost all of the flu viruses identified so for this season, Accordingly, the CDC continues to encourage Americans to be alert for symptoms of H1N1 or other flu and to take other precautions including to get vaccinated.

Employers should continue to encourage workers and their families to take precautions to avoid catching the virus, to be on the watch for H1N1 virus or other flu infection and to respond appropriately if they, members of their families or others in the workplace exhibit these symptoms. To help promote health habits within their workforce, many businesses may want to download and circulate to employees and families the free resources published by the CDC here. Businesses and other concerned parties also can track governmental reports about the swine flu and other pandemic concerns at here.

For those not already suffering from the virus and particularly for those at higher risk, the CDC continues to recommend vaccination. People recommended by the CDC to receive the vaccine as soon possible include: health care workers; pregnant women; people ages 25 through 64 with chronic medical conditions, such as asthma, heart disease, or diabetes; anyone from 6 months through 24 years of age; and people living with or caring for infants under 6 months old. As the vaccine becomes available, many employers are encouraging workers and their families to get vaccinated by offering vaccination clinics at or near their worksites, arranging for health plan coverage for vaccinations with reduced or no co-payments or deductibles, and/or sharing information about government sponsored or other vaccination clinics.

While the CDC says getting employees and their families to get a flu shot remains the best defense against a flu outbreak, it also says getting employees and family members to consistently practice good health habits like covering a cough and washing hands also is another important key to prevent the spread of germs and prevent the spread of respiratory illnesses like the flu. Employers should encourage employees and their families to take the following steps:

Avoid close contact with people who are sick. When you are sick, keep your distance from others to protect them from getting sick too;
Stay home when you are sick to help prevent others from catching your illness;
Cover your mouth and nose;
Cover your mouth and nose with a tissue when coughing or sneezing. It may prevent those around you from getting sick;
Clean your hands to protect yourself from germs;
Avoid touching your eyes, nose or mouth;
Germs are often spread when a person touches something that is contaminated with germs and then touches his or her eyes, nose, or mouth; and
Practice other good health habits. Get plenty of sleep, be physically active, manage your stress, drink plenty of fluids, and eat nutritious food.

Employers also should encourage workers and their families to be alert to possible signs of H1N1 or other flu symptoms and to respond appropriately to possible infection. According to the CDC, all types of flu including H1NA typically include many common symptoms, including:

Fever
Coughing and/or sore throat
Runny or stuffy nose
Headaches and/or body aches
Chills
Fatigue

Patients suffering from H1N1 flu usually report these same symptoms, but the symptoms often are more severe. In addition to the above symptoms, a number of H1N1 flu cases reported vomiting and diarrhea.

CDC recommends individuals diagnosed with H1N1 flu should:

Stay home and avoid contact with others for at least 24 hours after a fever (100°F or 37.8°C) is gone without the use of fever reducing medicine except to get medical care or for other things that must be done that no one else can do;
Avoid close contact with others, especially those who might easily get the flu, such as people age 65 years and older, people of any age with chronic medical conditions (such as asthma, diabetes, or heart disease), pregnant women, young children, and infants;
Clean hands with soap and water or an alcohol-based hand rub often, especially after using tissues or coughing/sneezing into your hands;
Cover coughs and sneezes;
Wear a facemask when sharing common spaces with other household members to help prevent spreading the virus to others. This is especially important if other household members are at high risk for complications from influenza;
Drink clear fluids such as water, broth, sports drinks, or electrolyte beverages made for infants to prevent becoming dehydrated;
Get plenty of rest;
Follow doctor’s orders; and
Watch for signs for a need for immediate medical attention. Suffers should get medical attention right away if the sufferer has difficulty breathing or chest pain, purple or blue discoloration of the lips, is vomiting and unable to keep liquids down, or shows signs of dehydration, such as feeling dizzy when standing or being unable to urinate.

In seeking to contain the spread of the virus within their workplace, employers also should be sensitive to workplace policies or practices that may pressure employees with a contagious disease to report to work despite an illness and consider whether the employer should adjust these policies temporarily or permanently in light of the ongoing pandemic. For instance, financial pressures and the design and enforcement of policies regarding working from home and/or qualifying for paid or unpaid time off significantly impact the decisions employees make about whether to come to work when first experiencing symptoms of illness. Employers of workers who travel extensively – may wish to delay or restrict travel for some period.

Employers Must Employment Discrimination & Other Legal Compliance Risks

Many employers may want to evaluate and appropriately revise existing policies with an eye to better defending their workforce against a major outbreak. Whether or not the disease afflicts any of its workers, businesses can anticipate the swine flu outbreak will impact their operations – either as a result of occurrences affecting their own or other businesses or from workflow disruptions resulting from safeguards that the business or other businesses implement to minimize swine flu risks for its workforce or its customers. Many businesses also will want to prepare backup staffing and production strategies to prepare for disruptions likely to result if a significant outbreak occurs.

Employers planning for or dealing with an H1N1 or other epidemic in their workplace should exercise care to avoid violating the nondiscrimination and medical records confidentiality provisions of the Americans with Disabilities Act (ADA) and/or the Genetic Information Nondiscrimination Act (GINA), the Family & Medical Leave Act of 1990 (FMLA), the Fair Labor Standards Act (FLSA) and applicable state wage and hour laws, and other employment and privacy laws.

Improperly designed or administered medical inquiries, testing, vaccination mandates and other policies or practices intended to prevent the spread of disease may expose an employer to disability discrimination liability under the ADA or GINA. For instance, the ADA generally prohibits an employer from making disability-related inquiries and requiring medical examinations of employees, except under limited circumstances permitted by the ADA. Likewise, improperly designed or communicated employer inquiries into family medical status which could be construed as inquiring about family medical history also may raise exposures under genetic information nondiscrimination and privacy mandates of GINA that took effect November 21, 2009.

During employment, the ADA prohibits employee disability-related inquiries or medical examinations unless they are job-related and consistent with business necessity. Generally, a disability-related inquiry or medical examination of an employee is job-related and consistent with business necessity when an employer has a reasonable belief, based on objective evidence, that:

An employee’s ability to perform essential job functions will be impaired by a medical condition; or
An employee will pose a direct threat due to a medical condition.

This reasonable belief “must be based on objective evidence obtained, or reasonably available to the employer, prior to making a disability-related inquiry or requiring a medical examination.”

Additionally, the ADA prohibits employers from making disability-related inquiries and conducting medical examinations of applicants before a conditional offer of employment is made. It permits employers to make disability-related inquiries and conduct medical examinations if all entering employees in the same job category are subject to the same inquiries and examinations. All information about applicants or employees obtained through disability-related inquiries or medical examinations must be kept confidential. Information regarding the medical condition or history of an employee must be collected and maintained on separate forms and in separate medical files and be treated as a confidential medical record. The EEOC Pandemic Preparedness In The Workplace and The Americans With Disabilities Act Guidance makes clear that employer inquiries and other H1N GINA’s inclusion of information about the “manifestation of a disease or disorder in family members” is likely to present a liability trap door for many unsuspecting employers H1N1 and other epidemic planning and response activities should be carefully crafted to avoid violating these proscriptions.

GINA’s inclusion of information about the “manifestation of a disease or disorder in family members” also could present a liability trap door for some employers designing pandemic or other workplace wellness, disease management or other programs. GINA defines “genetic information” broadly as including not only information about genetic tests about an individual or his family member as well as information about the “manifestation of a disease or disorder in family members of such individual, GINA also specifies that any reference to genetic information concerning an individual or family member includes genetic information of a fetus carried by a pregnant woman and an embryo legally held by an individual or family member utilizing an assisted reproductive technology. For more information about the new GINA genetic information employment discrimination rules, see here.

As part of their pandemic planning, employers also generally should review their existing wage and hour and leave of absence practices. Employers should ensure that their existing or planned practices for providing paid or unpaid leave are designed to comply with the FLSA and other wage and hour and federal and state leave of absence laws. Employers also should review and update family and medical leave act and other sick leave policies, group health plan medical coverage continuation rules and notices and other associated policies and plans for compliance with existing regulatory requirements, which have been subject to a range of statutory and regulatory amendments in recent years. If considering allowing or requiring employees to work from home, employers also need to implement appropriate safeguards to monitor and manage employee performance, to protect the employer’s ability to comply with applicable wage and hour, worker’s compensation, OSHA and other safety, privacy and other legal and operational requirements.

Businesses, health care providers, schools, government agencies and others concerned about preparing to cope with pandemic or other infectious disease challenges also may want to review the publication “Planning for the Pandemic” authored by Curran Tomko Tarski LLP partner Cynthia Marcotte Stamer available at here. FLU.gov is a one-stop resource with the latest updates on the H1N1 flu. An additional resource is CDC INFO, 1-800-CDC-INFO (1-800-232-4636), which offers services in English and Spanish, 24 hours a day, 7 days a week. Schools, health care organizations, restaurants and other businesses whose operations involve significant interaction with the public also may need to take special precautions. These and other businesses may want to consult the special resources posted here.

Cynthia Marcotte Stamer and other members of Curran Tomko and Tarski LLP are experienced with advising and assisting employers with these and other labor and employment, employee benefit, compensation, and internal controls matters. If your organization needs assistance with assessing, managing or defending these or other labor and employment, compensation or benefit practices, please contact the author of this article, Curran Tomko Tarski LLP Labor & Employment Practice Group Chair Cynthia Marcotte Stamer. Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization and Chair of the American Bar Association RPTE Employee Benefits & Other Compensation Group and a nationally recognized author and speaker, Ms. Stamer is experienced with assisting employers and others about compliance with federal and state equal employment opportunity, compensation, health and other employee benefit, workplace safety, and other labor and employment laws, as well as advising and defending employers and others against tax, employment discrimination and other labor and employment, and other related audits, investigations and litigation, charges, audits, claims and investigations by the IRS, Department of Labor and other federal and state regulators. Ms. Stamer has advised and represented employers on these and other labor and employment, compensation, health and other employee benefit and other personnel and staffing matters for more than 22 years. Ms. Stamer also speaks and writes extensively on these and other related matters. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly. For additional information about the experience and services of Ms. Stamer and other members of the Curran Tomko Tarksi LLP team, see here.

Other Information & Resources

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject here.

Comments Off on Employer H1N1 Virus Risk Management Requires Employer Care To Manage Virus Risks Without Violating Employment Discrimination or Other Laws | ADA, COBRA, Disease Management, EEOC, Employee Benefits, Employers, family leave, FMLA, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Leave, medical leave, OSHA, Pandemic, Privacy, Protected Health Information, Risk Management, Safety, Swine Flu, Wage & Hour, Wellness | Tagged: ADA, COBRA, Corporate Compliance, Disability Discrimination, Disease Management, Employee Benefits, Employers, Employment, Health Insurance, Health Plans, Human Resources, Internal Controls, Labor, Medical Coverage, Minimum Wage, Pandemic, Privacy, Risk Management, Wellness | Permalink
Posted by Cynthia Marcotte Stamer

Register Now For HITECH Act Health Data Security & Breach Update: Learn What You Must Do This Month To Comply With New Health Data Breach Regulations

September 2, 2009

September 10, 2009 – Noon to 1:30 P.M. Central Time Participate In Person or Via Remote!

Health care providers, health plans, health clearinghouses and their business associates (Covered Entities) must comply with the new “Breach Notification For Unsecured Protected Health Information” regulation (Breach Regulation) by September 23, 2009.

Catch up on what the Breach Rule means for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Thursday, September 10, 2009 from Noon to 1:30 P.M. Central Time for a registration fee of $45.00. Registrants will have the option to participate via teleconference or in person at the offices of Curran Tomko Tarski LLP, 2001 Bryan Street, Suite 2050, Dallas Texas 75201. For information about registering for this program or other questions here,

The Breach Rule requires Covered Entities to notify affected individuals following a “breach” of “unsecured” protected health information. Just published August 24^th, the Breach Regulation is part of a series of guidance that HHS is issuing to implement new and stricter personal health information privacy and data security requirements for Covered Entities added to HIPAA under the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law on February 17, 2009 as part of American Recovery and Reinvestment Act of 2009 (ARRA). The briefing will cover:

Who must comply, health plans, employers, others?
What your organization must do
How to qualify protected health information as exempt from the breach regulations as “secure” protected health information
What is considered a breach of unsecured protected health information
What steps must a covered entity take if a breach of unsecured protected information happens
What liabilities do covered entities face for non-compliance
What new contractual requirements, policies and procedures Covered Entities and Business Associates will need
How the Breach Regulation, the Privacy Regulation, impending FTC red flag rules and state data breach and privacy rules interrelate
Other recent developments
Practical tips for assessing, planning, moving to and defending compliance
Participant questions
More

About The Presenter

The program will be presented by Curran Tomko and Tarski LLP Health Care & Employee Benefits Practice Leader and Partner Cynthia Marcotte Stamer. Ms. Stamer is nationally known for her work, publications and presentations on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts. Chair of the ABA RPTE Employee Benefits & Other Compensation Committee, a ABA Joint Committee on Employee Benefits Council Representative, Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 20 years experience advising clients about health and other privacy and security matters. A popular lecturer and widely published author on privacy and data security and other related health care and health plan matters, Ms. Stamer is the Editor in Chief of the forthcoming 2010 edition of the Information Security Guide to be published by the American Bar Association Information Security Committee in 2010, as well as the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. She has continuously advises employers, health care providers, health insurers and administrators, health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters. Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

We hope that this information is useful to you. If you need assistance monitoring, evaluating or responding to these or other compliance, risk management, transaction or operation concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or another Curran Tomko Tarski LLP Partner of your choice.

Other Helpful Resources & Other Information

If you find this of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to support@cttlegal.net.

Comments Off on Register Now For HITECH Act Health Data Security & Breach Update: Learn What You Must Do This Month To Comply With New Health Data Breach Regulations | Corporate Compliance, Data Security, Disease Management, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Privacy, Protected Health Information | Tagged: Corporate Compliance, Employee Benefits, Employer, Employers, Employment, ERISA, GINA, Health Care Reform, Health Insurance, Health Plans, Human Resources, Insurance, Insurer, Internal Controls, Managed Care, Medical Coverage, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Employer & Other Health Plans & Other HIPAA-Covered Entities & Their Business Associates Must Comply With New HHS Health Information Data Breach Rules By September 23

August 24, 2009

Employer and other health plans, health care providers, health clearinghouses and their business associates must start complying with new federal data breach notification rules on September 23, 2009.

The new “Breach Notification For Unsecured Protected Health Information” regulation (Breach Regulation) published here in today’s Federal Register requires health plans, health care providers, health care clearinghouses and their business associates (Covered Entities) covered under the personal health information privacy and security rules of the Health Insurance Portability & Accountability Act (HIPAA) to notify affected individuals following a “breach” of “unsecured” protected health information.The Breach Regulation is part of a series of guidance that HHS is issuing to implement new and stricter personal health information privacy and data security requirements for Covered Entities added to HIPAA under the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law on February 17, 2009 as part of American Recovery and Reinvestment Act of 2009 (ARRA).

You are invited to catch up on what these new rules mean for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Wednesday, September 9 2009 from Noon to 1:30 P.M. Central Time.

HITECH Act Data Breach and Unsecured PHI Rules

Published in the August 24, 2009 Federal Register, the new Breach Regulation implements the HITECH Act requirement that Covered Entities and their business associates notify affected individuals, the Secretary of HHS, and in some cases, the media, when a breach of “unsecured protected health information” happens and the form, manner, and timing of that notification. Covered Entities must begin complying with the new Breach Regulation on September 23, 2009.

Part of a series of new HHS rules implementing recent changes to HIPAA enacted under the HITECH Act to strengthen existing federally mandates requiring Covered Entities to safeguard protected health information, the Breach Regulation will obligate Covered Entities and business associates to provide certain notifications following a breach of “protected health information” that not secured at the time of the breach through the use of a technology or methodology meeting minimum standards issued by HHS pursuant to other provisions of the HITECH Act.

Under the HITECH Act, the breach notification obligations contained in the Breach Notification only apply to a breach of “unsecured protected health information.” The Breach Regulation exempts breaches of protected health information that qualify as “secured” under separately issued HHS and Federal Trade Commission (FTC) standards for encryption and destruction of protected health information from its breach notification requirements.

For purposes of the HITECH Act, electronic protected health information is considered “unsecured” unless the Covered Entity has satisfied certain minimum standards for the protection of that data established pursuant to the HITECH Act. Earlier this year, HHS and the FTC issued interim rules defining the minimum encryption and destruction technologies and methodologies that Covered Entities must use to render protected health information unusable, unreadable, or indecipherable to unauthorized individuals for purposes of determining when protected health information is “unsecured” for purposes of the HITECH Act. Concurrent with its publication of the Breach Regulation, HHS also released guidance updating and clarifying this previously issued guidance.

Read the Breach Regulation here . To review the HITECH Act Breach Notification Guidance and Request for Information, see here .

Register For September 9, 2009 “HITECH Act Health Data Security & Breach Update”

Interested persons are invited to register here now to learn what these new rules mean for your organization and how it must respond by participating in the “HITECH Act Health Data Security & Breach Update” on Wednesday, September 9, 2009 from Noon to 1:30 P.M. Central Time. For a registration fee of $45.00, registrants will have the option to participate via teleconference or in person at the offices of Curran Tomko Tarski LLP, 2001 Bryan Street, Suite 2050, Dallas Texas 75201. For questions or other information about this program, e-mail here.

Conducted by Curran Tomko and Tarski LLP Partner Cynthia Marcotte Stamer, the briefing will cover:

Who must comply
What your organization must do
How to qualify protected health information as exempt from the breach regulations as “secure” protected health information
What is considered a breach of unsecured protected health information
What steps must a covered entity take if a breach of unsecured protected information happens
What liabilities do covered entities face for non-compliance
What new contractual requirements, policies and procedures Covered Entities and Business Associates will need
How the Breach Regulation, the Privacy Regulation, impending FTC red flag rules and state data breach and privacy rules interrelate
Other recent developments
Practical tips for assessing, planning, moving to and defending compliance
Participant questions
More

About The Presenter

The program will be presented by Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer. Ms. Stamer is nationally known for her work, publications and presentations on privacy and security of health and other sensitive information in health and managed care, employment, employee benefits, financial services, education and other contexts.

Past Chair of the ABA Health Law Section Managed Care & Insurance Section and currently the Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Section and a Council Representative of the ABA Joint Committee On Employee Benefits, Ms. Stamer has more than 20 years experience advising clients about health and other privacy and security matters. A popular lecturer and widely published author on privacy and data security and other related health care and health plan matters, Ms. Stamer is the Editor in Chief of the forthcoming 2010 edition of the Information Security Guide to be published by the American Bar Association Information Security Committee in 2010, as well as the author of “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA,” and a host of other highly regarded publications. She has continuously advises employers, health care providers, health insurers and administrators, health plan sponsors, employee benefit plan fiduciaries, schools, financial services providers, governments and others about privacy and data security, health care, insurance, human resources, technology, and other legal and operational concerns. Ms. Stamer also publishes and speaks extensively on health and managed care industry privacy, data security and other technology, regulatory and operational risk management matters. Her insights on health care, health insurance, human resources and related matters appear in the Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Managed Healthcare, Health Leaders, and a many other national and local publications. For additional information about Ms. Stamer, her experience, involvements, programs or publications, see here.

We hope that this information is useful to you. If you need assistance monitoring, evaluating or responding to these or other compliance, risk management, transaction or operation concerns, please contact the author of this update, Cynthia Marcotte Stamer, at (214) 270-2402, cstamer@cttlegal.com or another Curran Tomko Tarski LLP Partner of your choice.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published on our electronic Curran Tomko Tarski LLP publications available for review here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail- by creating or updating your profile at here. You can access other recent updates and other informative publications and resources provided by Curran Tomko Tarski LLP attorneys and get information about its attorneys’ experience, briefings, speeches and other credentials here.

Comments Off on Employer & Other Health Plans & Other HIPAA-Covered Entities & Their Business Associates Must Comply With New HHS Health Information Data Breach Rules By September 23 | ARRA, Corporate Compliance, Data Security, Employee Benefits, Employers, ERISA, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Preemption, Privacy, Protected Health Information, Risk Management, Stimulus Bill, Tax | Tagged: Corporate Compliance, Data Security, Employee Benefits, Employer, Employers, Employment, ERISA, GINA, Health Care Reform, Health Insurance, Health Plans, HealthP Plans, Human Resources, Insurance, Insurer, Internal Controls, Internal Investigations, Labor, Managed Care, Medical Coverage, Privacy, Risk Management, Subsidy Bill, Tax | Permalink
Posted by Cynthia Marcotte Stamer

Stamer Speaks 9/14 On Coping With Health Care Reform: What’s New, What Lies Ahead & What To Do

Health Plans & Employers Beware! $4.3 Million Civil Penalty Shows OCR Serious About HIPAA Enforcement

Register Now For 8/24 2010 Health Plan Update Briefing

New Affordable Care Act Health Plan Appeals Regulations Require Health Plan Updates

CMS & ONC To Co-Host 7/22 ONC Certification & Medicare/Medicaid EHR Incentive Program Audio Training

Stamer Speaks June 9 On “Health Care Reform’s Implications For Employers, Health Plans & Employee Benefits Practitioners” In Houston

CBO Raises Estimated Cost of Health Care Reforms As Employers, Health Plans Brace Costs Of Newly Effective & Impending Mandates

Health Plans & Business Associates Face 2/17 Deadline To Update Policies, Contracts & Procedures For HIPAA Privacy Rule Changes

Stamer Speaks To CPAs About “Privacy & Information Security: Managing Your Accounting Practice’s Liabilities & Counseling Your Clients” January 12, 2010

Rising Enforcement and Changing Rules Require Prompt Review & Update of Health Plan Privacy & Data Security Policies & Procedures

Employer H1N1 Virus Risk Management Requires Employer Care To Manage Virus Risks Without Violating Employment Discrimination or Other Laws

Register Now For HITECH Act Health Data Security & Breach Update: Learn What You Must Do This Month To Comply With New Health Data Breach Regulations

Employer & Other Health Plans & Other HIPAA-Covered Entities & Their Business Associates Must Comply With New HHS Health Information Data Breach Rules By September 23

Email Subscription

Pages

Recent Posts

Archives

Share this blog

Solutions Law Press HR & Benefits Update