New York’s Stop Hacks and Improve Electronic Data Security Act, or SHIELD Act, which makes significant changes to the state’s data breach notification requirements, impacts healthcare organizations that hold computerized data with private information from New York residents. In this LawFlash, our privacy and cybersecurity team analyzes the law’s expanded definition of “private information” and offers key business takeaways for assessing compliance with the SHIELD Act, which becomes effective October 23, 2019.
Two OIG inspection reports detailing the results of onsite hospice surveys during a five-year period ending three years ago in 2016 build on the body of hospice industry evaluations conducted by the OIG, garnering significant negative press attention. Many in the hospice industry believe the OIG reports lack balance and focus excessively on the negative findings associated with a small minority of hospices. In light of CMS’s concurrent initiative to put “patients over paperwork” and reduce regulatory burdens on providers, OIG’s call for enhanced regulatory oversight and expanded reporting requirements for hospice may strike some industry watchers as out of step with the administration’s efforts to reduce unnecessary red tape, but OIG sticks to its watchdog role.
Read the LawFlash
We had a really fun and insightful edition of our Fast Break webinar series in June. If you didn’t get a chance to join in, the session featured Jonelle Saunders and Jake Harper discussing recent compliance guidance issued by the US Department of Justice (DOJ). Jonelle explained the reasons why the DOJ issued the guidance, how the guidance works, and some practical tips for healthcare providers in assessing their own compliance programs. The guidance can have a major impact on settlement dynamics for defendants in False Claims Act (FCA) cases and other matters, so it is important to understand the DOJ’s thinking on compliance.
We finally got to appear on camera for this Fast Break, which was an interesting experience (although a little more nerve-wracking than usual). It gave us the chance to better interact with our attendees, who asked some great questions on the topic.
The CMS draft guidance for state survey agency directors on hospital co-location arrangements offers insight into how CMS will evaluate hospitals that partner with other providers under the Medicare conditions of participation, or CoPs. Co-location occurs when two hospitals or a hospital and another healthcare entity are located on the same campus or in the same building and share space, staff, or services. Areas that CMS will review when surveying co-located facilities include staffing, contracted services, distinct and shared spaces, and emergency services.
In an unanticipated but welcome move, CMS is soliciting comments on the draft guidance by July 2. Stakeholders should be sure to use this opportunity to raise their compliance concerns associated with the proposed rules governing shared space and staffing arrangements under the Medicare program.
Read the full LawFlash for more details on the draft guidance.
Two Texas cities—Dallas and San Antonio—will soon require employers to offer paid sick leave effective August 1, 2019. While it appeared almost certain the 86th Texas legislature would act to stop the local ordinances, the legislation failed to pass by the end of the regular session on May 27, 2019. A similar ordinance adopted by Austin, Texas, and enjoined by the state’s Third Court of Appeals remains in litigation. A ruling on the Austin ordinance, which will likely also impact Dallas and San Antonio, may not come until the end of the year. Given this current state of affairs, what are employers in Dallas and San Antonio to do? Prepare to comply with the ordinances’ requirements by August 1, 2019.
Healthcare partners Al Shay and Howard Young and associate Jake Harper recently contributed to the Health Care Compliance Legal Issues Manual, a publication by the American Health Lawyers Association (AHLA).
The latest edition of AHLA’s Health Care Compliance Legal Issues Manual gives readers an up-to-date look at issues critical to healthcare compliance, including tips for conducting internal investigations; audit basics; overviews of the False Claims Act, Stark Law, and Anti-Kickback Statute; healthcare privacy; and more.
In its updated guidance issued on Tuesday, the US Department of Justice Criminal Division places effectiveness at the epicenter of its factors to be utilized when evaluating a company’s compliance program in the context of a criminal investigation.
The US Department of Justice (DOJ) published updated guidance on April 30 on factors prosecutors should consider when analyzing the effectiveness of a corporate compliance program to prevent or detect fraud and other misconduct. The “Evaluation of Corporate Compliance Programs” updates guidance previously released on February 8, 2017, and provides companies with increased clarity on the government’s evaluation of corporate compliance programs.
This is the first formal guidance issued by the DOJ’s Fraud Section since the confirmation of the new US Attorney General.
In recent remarks, Assistant US Attorney General Brian A. Benczkowski emphasized that the US Department of Justice remains serious about fighting corporate fraud and corruption, and noted that transparency in its criteria for prosecution is a key tool for both DOJ and private sector companies. Stressing the importance of effective compliance programs, he noted that companies are more likely to implement such programs when it is clear what conduct DOJ will credit or penalize.