Health Law Blog - Healthcare Legal Issues

Archive for July, 2012

OCR HIPAA Audit Resources For Healthcare Providers

Monday, July 30th, 2012

 HIPAA Audit Resources for OCR Audit of Health Care Providers

 HIPAA Information For Covered Entities

 HIPAA Audit Protocol

 Office of Civil Rights (OCR) HIPAA Notification Page

HIPAA New Archives

Patient Safety Confidentiality (PSQIA)

Sample Business Associates Contract

 Things To Do Before a HIPAA Audit is announced

Before you even have notice that you may be the subject of a HIPAA audits, you should be certain that your HIPAA “ducks” are in a row.  Taking last minute action when an audit is announced will not be nearly as effective as demonstrating that you have had a long term committment to HIPAA compliance.  Here are a few things that you should do now, before you are the subject of an audit.  This list is not meant to me all inclusive.

  • Review all policies and procedures that are required in order to comply with HIPAA. Consider an external review by an independent party.
  • Document a plan of correction if deficiencies are identified and document the correction process.
  • Designate departmental individuals who are responsible for HIPAA issues and prepare them to address the process of implementation in their area of responsibility.
  • Conduct a thourough risk analysis in accordance with OCR risk assessment guidance (referenced below).
  • Assure that your compliance training program is up to date and that employees have signed off on receiving required training.  Corret any discovered deficiencies in training.
  • Audit every outside vendor and contracting party and make certain that there is an appropriate Business Associates Agreement in place.

Major Issues Arising In First Round of HIPAA Audits

  • Patient record request review process, specifically denial process;
  • Providers failing to provide patients with access to their records;
  • Insufficient or non-existant policies and procedures;
  • Inproper use of information relating to decedents;
  • Disclosure of intformation to personal representatives;
  • Risk Assessment process; and
  • Difficulties with Business Associate Agreements.

HIPAA’s Security Rule requires that covered entities periodically conduct a risk analysis.  The OCR has issued guidance on conducting such an analysis.  In the event of an audit, the results of your audit are likely to be requested. A review of your HIPAA policies should be conducted on an annual basis.  Any deficiencies should be identified and addressed in a corrective action plan.  Carefully document your review and the process you use to correct any identified deficiencies.  OCR Audist Guidelines

DME Diabetes Supply Company – Corporate Integrity Agreement

Wednesday, July 25th, 2012

Office of Inspector General Comes Down Hard on Compliance Failure

On July 20, 2012, the Office of Inspector General (“OIG”) added Pinnacle Medical Solutions, LLC (“Pinnacle”), a durable medical equipment company specializing in providing product solutions to people with diabetes, on the Corporate Integrity Agreement List due to its failure to comply with Medicare payment guidelines.


During an audit period (January 2006 through June 2009), 675 of the 870 selected line items for which Pinnacle made Medicare payments to providers for outpatient services were incorrect.  The overpayments totaled approximately $2.2 million and were a result of:

  • Incorrect units of service,
  • Healthcare Common Procedure Coding system codes not reflecting the procedures actually performed,
  • Lack of supporting documentation, and
  • Billing for unallowable service


Providers attributed the incorrect payments to clerical errors or to billing systems that could not prevent or detect the incorrect billing of units of service and other types of billing errors.  Pinnacle made the incorrect payment because neither the Fiscal Intermediary Standard System nor the CWF had sufficient edits in place to place to prevent or detect the overpayments.  The OIG did not accept these excuses.


As a result of their compliance failure, Pinnacle has agreed to do the following:

  • Recover the $2,159,595 in identified overpayments,
  • Implement a system edits that identify payments that exceed billed charges by a prescribed amount, and
  • Educate employees.

Furthermore, OIG has included Pinnacle on the Corporate Integrity Agreement List.  This means that Pinnacle will  have the OIG looking over its shoulder to ensure compliance for the next five years.

Action Piece

In order to meet the standards of the OIG, a provider should maintain a compliance program with a system to identify the specific risk areas that pertain to its operations.  Based upon an identified risk area, a sufficient audit program should be in place to detect potential errors that could lead to overpayments.  This case is reflective of the fact that the OIG will not accept excuses when obvious risk areas are overlooked during the self-audit process.

Physician Specialty Group Affiliations and ACO Involvement

Wednesday, July 18th, 2012

Specialty Affiliations and Mergers – Consider How You Fit Into An Accountable Care Organization

Merging Physician Specialty PracticesOne result of health care reform is a resurgence in affiliations and mergers of specialty practices throughout the country.  The structures of various physician specialty consolidations take a variety of forms, from IPAs, to divisional model groups, through completely integrated group practices.  Each structure raises its own legal considerations and challenges.  Regardless of what structure is used to consolidate specialty practices, the end result must be to create a facility to assure optimal participation under a reformed health care system.  This necessarily will include assuring participation in an Accountable Care Organization.

Specialty groups need to create a structure that does not exclude them from participation in an ACO.  One thing to consider when structuring a specialty group affiliation is the size and market share of the group in relation to the ACO antitrust safety zone that was issued by the Federal Trade Commission and the Department of Justice.  The ACO safety zone provides that an organization that meets the requirements to be an Accountable Care Organization will be considered to be “clinically integrated” under the antitrust laws. The DOJ and FTC state that they will not challenge ACOs that fall within the safety zone, absent extraordinary circumstances.

Normally, an organization that consists of independent competing physicians and other providers cannot jointly contract because an agreement on pricing issues amounts to a per se violation of the antitrust laws.  The goal in structuring such an organization is to provide for clinical and/or financial integration that is sufficient to take the organization out of the per se analysis into what is called the “rule of reason” analysis.  The per se rule means that the organization is automatically deemed to violate the antitrust laws.  On the other hand, the rule of reason involves a weighing of the pro-competitive affects of the organization against the anti-competitive affects.  The ACO Safety Zone amounts to a proclamation by the agencies that groups that meet the requirements to be an ACO will be judged under the more lenient “rule of reason.”

The ACO Safety Zone does not stop there.  It goes on to define when an organization will receive favorable analysis under the rule of reason.  For an ACO to fall within the safety zone, independent ACO participants that provide the same service (a “common service”) must have a combined share of 30 percent or less of each common service in each participant’s service area (“PSA”) wherever two or more ACO participants provide that service to patients from that PSA. The PSA for each participant is defined as the lowest number of postal zip codes from which the participant draws at least 75 percent of its patients, separately for all physician, inpatient, or outpatient services. Thus, for purposes of determining whether the ACO is eligible for the safety zone, each independent physician solo practice, each fully integrated physician group practice, each inpatient facility, and each outpatient facility will have its own PSA.

The Safety Zone adds some elements of certainty that did not exist under the usual “rule of reason” analysis.  For example, the Safety Zone contains a definition of the “market” to be used for purposes of safety zone analysis.  Normally the definition of “market” is a factual issue which makes an antitrust analysis difficult.  For ACO Safety Zone purposes we know that the market is considered to be the lowest number of postal zip codes from which the participant draws at least 75 percent of its patients.

Specialty organizations should keep these numbers in mind when determining the breadth of participation in their organizations.  Less integrated groups such as IPA and divisional model groups should perform this analysis and structure their groups to fall within the ACO Safety Zone.  Larger groups will have troubles plugging into an ACO that wishes to take advantage of the ACO Safety Zone.

These requirements only apply to independent groups.  A fully integrated physician group is considered to be a “single actor” for purposes of the antitrust and is therefore unable to conspire with itself on pricing issues.  This begs the question of what constitutes a “fully integrated” group for purposes of the antitrust laws.  Certainly a group that results from the merger of various practices, all who become employees of the new organization, without the creation of a divisional structure, would be considered to be a “fully integrated group.”  On the other hand, an IPA of individual practices or smaller groups would not be considered to be a “fully integrated” group.  Structures that fall between these two extremes constitute a “gray area.”  A Divisional Model Group or a Group Practice Without Walls, that has very little centralization of governance or activities and maintains most of its structure at the division or practice site level, could potentially raise questions as to whether sufficient levels of integration have been achieved to create a “fully integrated” group.

Because of the sensitivity of IPAs and divisional model structures, it is important that groups consult with competent health care or antitrust counsel who has sufficient sensitivity to these issues.  Failure to properly design a group can lead to future questions about the group’s ACO participation.  For example, if a divisional model contains more than 30% of the providers in the relevant PSA and is “collapsed” for antitrust purposes, the group’s participation in the ACO may be questioned by the ACO organizers.  Divisional models are being used frequently as a method to consolidate physicians because of the relative ease of implementing the structure.  Recently, there have been rumors that the FTC may be examining divisional groups to determine whether they are integrated enough to support them being considered a “fully integrated” group.

The same analysis applies to an IPA which is not financially integrated and includes over 30% of the providers in the local market.  In the end, you do not want to have your purposes of forming the group frustrated because these issues were not properly considered when structuring the organization.

Mandatory Compliance Programs for Nursing Facilities and Skilled Nursing Facilities

Wednesday, July 18th, 2012

Mandatory Compliance Programs for Nursing Facilities and Skilled Nursing Facilities


  • (a) Definition of Facility- In this section, the term `facility’ means–
    • (1) a skilled nursing facility (as defined in section 1819(a)); or
    • (2) a nursing facility (as defined in section 1919(a)).
  • (b) Effective Compliance and Ethics Programs-
    • (1) REQUIREMENT- On or after the date that is 36 months after the date of the enactment of this section, a facility shall, with respect to the entity that operates the facility (in this subparagraph referred to as the `operating organization’ or `organization’), have in operation a compliance and ethics program that is effective in preventing and detecting criminal, civil, and administrative violations under this Act and in promoting quality of care consistent with regulations developed under paragraph (2).
      • (A) IN GENERAL- Not later than the date that is 2 years after such date of the enactment, the Secretary, working jointly with the Inspector General of the Department of Health and Human Services, shall promulgate regulations for an effective compliance and ethics program for operating organizations, which may include a model compliance program.
      • (B) DESIGN OF REGULATIONS- Such regulations with respect to specific elements or formality of a program shall, in the case of an organization that operates 5 or more facilities, vary with the size of the organization, such that larger organizations should have a more formal program and include established written policies defining the standards and procedures to be followed by its employees. Such requirements may specifically apply to the corporate level management of multi unit nursing home chains.
      • (C) EVALUATION- Not later than 3 years after the date of the promulgation of regulations under this paragraph, the Secretary shall complete an evaluation of the compliance and ethics programs required to be established under this subsection. Such evaluation shall determine if such programs led to changes in deficiency citations, changes in quality performance, or changes in other metrics of patient quality of care. The Secretary shall submit to Congress a report on such evaluation and shall include in such report such recommendations regarding changes in the requirements for such programs as the Secretary determines appropriate.
    • (3) REQUIREMENTS FOR COMPLIANCE AND ETHICS PROGRAMS- In this subsection, the term `compliance and ethics program’ means, with respect to a facility, a program of the operating organization that–
      • (A) has been reasonably designed, implemented, and enforced so that it generally will be effective in preventing and detecting criminal, civil, and administrative violations under this Act and in promoting quality of care; and
      • (B) includes at least the required components specified in paragraph (4).
    • (4) REQUIRED COMPONENTS OF PROGRAM- The required components of a compliance and ethics program of an operating organization are the following:
      • (A) The organization must have established compliance standards and procedures to be followed by its employees and other agents that are reasonably capable of reducing the prospect of criminal, civil, and administrative violations under this Act.
      • (B) Specific individuals within high-level personnel of the organization must have been assigned overall responsibility to oversee compliance with such standards and procedures and have sufficient resources and authority to assure such compliance.
      • (C) The organization must have used due care not to delegate substantial discretionary authority to individuals whom the organization knew, or should have known through the exercise of due diligence, had a propensity to engage in criminal, civil, and administrative violations under this Act.
      • (D) The organization must have taken steps to communicate effectively its standards and procedures to all employees and other agents, such as by requiring participation in training programs or by disseminating publications that explain in a practical manner what is required.
      • (E) The organization must have taken reasonable steps to achieve compliance with its standards, such as by utilizing monitoring and auditing systems reasonably designed to detect criminal, civil, and administrative violations under this Act by its employees and other agents and by having in place and publicizing a reporting system whereby employees and other agents could report violations by others within the organization without fear of retribution.
      • (F) The standards must have been consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense.
      • (G) After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses, including any necessary modification to its program to prevent and detect criminal, civil, and administrative violations under this Act.
      • (H) The organization must periodically undertake reassessment of its compliance program to identify changes necessary to reflect changes within the organization and its facilities.
  • (c) Quality Assurance and Performance Improvement Program-
    • (1) IN GENERAL- Not later than December 31, 2011, the Secretary shall establish and implement a quality assurance and performance improvement program (in this subparagraph referred to as the `QAPI program’) for facilities, including multi unit chains of facilities. Under the QAPI program, the Secretary shall establish standards relating to quality assurance and performance improvement with respect to facilities and provide technical assistance to facilities on the development of best practices in order to meet such standards. Not later than 1 year after the date on which the regulations are promulgated under paragraph (2), a facility must submit to the Secretary a plan for the facility to meet such standards and implement such best practices, including how to coordinate the implementation of such plan with quality assessment and assurance activities conducted under sections 1819(b)(1)(B) and 1919(b)(1)(B), as applicable.
    • (2) REGULATIONS- The Secretary shall promulgate regulations to carry out this subsection.’.

Medical Practice Sale Retirement Issues

Tuesday, July 17th, 2012

Planning Your Practice Exit Strategy – Maintaining Value for Possible Sale

I often get calls from independent practicing health care providers looking for advice on what to do when they retire from practice.  Most of the issues are the same whether they involve a physician, optometrist, dentist, chiropractor or any other independent practitioner.  My first and best advice is to begin the retirement planning process early, preferably 5-10 years  in advance, so that you can prepare for a smooth transition out of practice.  Most practitioners aim at going into some sort of transitional phase during the last couple of years where they gradually cut back their hours.  This requires a lot of planning especially in a single practitioner practice because it is difficult to reduce many fixed overhead items. 

A sale of the practice is the best retirement strategy because it enables you to cash out on the value of your practice.  A sale relieves the practitioner of some of the practice obligations that remain after retirement, such as the need to maintain medical records, collect accounts receivable and other activities.  There may also be contractual responsibilities on property leases, equipment leases and other practice obligations that may not coincide with your desired retirement.  Selling your practice prior to retirement will normally relieve you of these obligations if the sale is structured appropriately. 

Too often solo practitioners wait too long to consider the practice sales option.  You want to consider a sale while you are still practicing a 100% and the value if your practice is at its highest.  Reduction in revenues during a phase out period will necessarily reduce the sales value.  As you approach retirement, you will also lose leverage at the negotiating table because a potential purchaser will know that your option is to simply shut the doors and be left with some continuing obligations.

If a practice sale is not an option, you should make certain that you have budgeted adequate resources to meet post-retirement obligations.  Depending on the type of professional liability insurance you have, you may need to factor in the cost of maintaining tail coverage.  You will also need to provide for record storage and obligations to provide records to patients upon request.

Third party payors and governmental health programs can also seek repayment of amounts that they consider to have been overpaid to you.  Identified overpayments must be made within 60 days or severe penalties are imposed.  Proposed regulations would allow the government to look back as far as ten years when assessing repayment obligations and penalties.  Mechanisms need to be put in place and budgeted to address overpayment issues that could be raised by governmental payors following retirement..

In short, it pays for all providers to address retirement issues early.  This helps you develop a plan that maximizes your ability to reap the fruits of your years of hard work and avoid or at least mitigate some of the potential post termination obligations.

2013 Ambulatory Surgery Center Rates Proposes By CMS

Tuesday, July 17th, 2012

CMS Increases Ambulatory Surgery Center Rates, Adds 16 New Procedures for 2013

Ambulatory surgery centers will receive an across-the-board 1.3% rate increase under the 2013 propose Medicare ASC rates. The proposed rate adjustments were released by the Center for Medicare and Medicaid services on July 12, 2012.

CMS has also proposed the addition of 16 new procedures to the list of procedures that are payable in an ambulatory surgery center beginning January 1, 2013.

View the proposed rate changes on the CMS site.  Ambulatory Surgery Center Rates 2013

89 New Accountable Care Organizations Announced By CMS

Tuesday, July 17th, 2012

CMS Announces 89 New Accountable Care Organizations

The Centers for Medicare & Medicaid Services (CMS) has announced 89 new organizations that qualify to participate as Accountable Care Organizations (ACOs) under the Medicare Shared Saving Program.  The organizations were announced on July 9, 2012 and include the following organizations:

  • Arizona Health Advantage, Inc, Chandler, Arizona
  • John C. Lincoln Accountable Care Organization, LLC, Phoenix, Arizona
  • Fort Smith Physicians Alliance ACO, LLC, Smith, Arkansas
  • ApolloMed Accountable Care Organization Inc., Glendale, California
  • Golden Life Healthcare LLC, Sacramento, California
  • John Muir Physician Network, Walnut Creek, California
  • Meridian Holdings, Inc., Hawthorne, California
  • North Coast Medical ACO, Inc., Oceanside, California
  • Torrance Memorial Integrated Physicians, LLC, Torrance, California
  • MPS ACO Physicians, LLC, Middletown, Connecticut
  • PriMed, LLC, Shelton, Connecticut
  • Accountable Care Coalition of Northwest Florida, LLC, Pensacola, Florida
  • Accountable Care Partners, LLC,  Jacksonville, FloridaAllcare Options, LLC, located in Parrish, Florida
  • Florida Medical Clinic ACO, LLC,  Zephyrhills, Florida
  • FPG Healthcare, LLC, Orlando, Florida
  • HealthNet LLC, Boynton Beach, Florida
  • Integrated Care Alliance, LLC, Gainesville, Florida
  • Medical Practitioners for Affordable Care, LLC, Melbourne, Florida
  • Palm Beach Accountable Care Organization, LLC, West Palm Beach, Florida
  • Reliance Healthcare Management Solutions, LLC, Tampa, Florida
  • WellStar Health Network, LLC, Marietta, Georgia
  • Advocate Health Partners, Rolling Meadows, Illinois
  • Chicago Health System ACO, LLC, Westmont, Illinois
  • Deaconess Care Integration, LLC, Evansville, Indiana
  • Franciscan AHN ACO, LLC, Mishawaka, Indiana
  • Indiana University Health ACO, Inc., Indianapolis, Indiana
  • Genesis Accountable Care Organization, LLC, Davenport, Iowa
  • Iowa Health Accountable Care, L.C., Des Moines, Iowa
  • One Care LLC, Des Moines, Iowa
  • University of Iowa Affiliated Health Providers, LC, Iowa City, Iowa
  • Owensboro ACO, Owensboro, Kentucky
  • Quality Independent Physicians, Louisville, Kentucky
  • Southern Kentucky Health Care Alliance
  • TP-ACO LLC, Baton Rouge, Louisiana
  • Central Maine ACO, Lewiston, Maine
  • Maine Community Accountable Care Organization, LLC
  • MaineHealth Accountable Care Organization, Portland, Maine
  • Accountable Care Coalition of Maryland, LLC, Hollywood, Maryland
  • Greater Baltimore Health Alliance Physicians, LLC, Baltimore, Maryland
  • Maryland Accountable Care Organization of Eastern Shore LLC, National Harbor, Maryland
  • Circle Health Alliance, LLC, Lowell, Massachusetts
  • Harbor Medical Associates, PC, South Weymouth, Massachusetts
  • Accountable Healthcare Alliance, PC, East Lansing, Michigan
  • Oakwood Accountable Care Organization, LLC, Dearborn, Michigan
  • Southeast Michigan Accountable Care, Inc., Dearborn, Michigan,
  • Essential Health, Duluth, Minnesota
  • Medical Mall Services of Mississippi, Jackson, Mississippi,
  • BJC HealthCare ACO, LLC, St. Louis, Missouri
  • Heartland Regional Medical Center, St. Joseph, Missouri
  • Nevada Primary Care Network ACO, LLC, Las Vegas, Nevada
  • Concord Elliot ACO LLC, Manchester, New Hampshire
  • Barnabas Health ACO-North, LLC, West Orange, New Jersey
  • Accountable Care Coalition of Syracuse, LLC, Syracuse, New York
  • Asian American Accountable Care Organization, New York City
  • Balance Accountable Care Network, New York City
  • Beacon Health Partners, LLP, Manhasset, New York
  • Chautauqua Region Associated Medical Partners, LLC, Jamestown, New York
  • Healthcare Provider ACO, Inc., Garden City, New York
  • Mount Sinai Care, LLC, New York City
  • ProHEALTH Accountable Care Medical Group, PLLC, Lake Success, New York
  • WESTMED Medical Group, PC, Purchase, New York
  • Cornerstone Health Care, PA, High Point, North Carolina
  • Triad Healthcare Network, LLC, Greensboro, North Carolina
  • Mercy Health Select, LLC, Cincinnati, Ohio
  • ProMedica Physician Group, Inc., Toledo, Ohio
  • Summa Accountable Care Organization, Akron, Ohio
  • University Hospitals Coordinated Care, Shaker Heights, Ohio
  • North Bend Medical Center, Inc., Coos Bay, Oregon
  • Coastal Medical, Inc., Providence, Rhode Island
  • Accountable Care Coalition of The Tri-Counties, LLC, Charleston, South Carolina
  • AnewCare LLC, Johnson City, Tennessee
  • Cumberland Center for Healthcare Innovation, LLC, Nashville, Tennessee
  • MissionPoint Health Partners,  Nashville, Tennessee
  • St. Thomas Medical Group PLLC, Nashville, Tennessee
  • Summit Health Solutions, Knoxville, Tennessee
  • BHS Accountable Care, LLC, San Antonio, Texas
  • Memorial Hermann Accountable Care Organization, Houston, Texas
  • Methodist Patient Centered ACO, Dallas, Texas
  • Essential Care Partners, LLC, Austin, Texas,
  • Physicians ACO, LLC, Houston, Texas
  • Texoma ACO, LLC, Wichita Falls, Texas
  • Central Utah Clinic, P.C., Provo, Utah
  • Accountable Care Coalition of Green Mountains, LLC, South Burlington, Vermont
  • Polyclinic Management Services Company, Seattle, Washington,
  • Aurora Accountable Care Organization LLC, Milwaukee, Wisconsin
  • Dean Clinic and St. Mary’s Hospital Accountable Care Organization, LLC,  Madison, Wisconsin
  • ProHealth Solutions, LLC, Waukesha, Wisconsin

Health Law Practice Across State Lines – Ethical Considerations For Health Lawyers

Friday, July 13th, 2012

Multijurisdictional Practice in the Health Law Practice

 Health Care Law Practice EthicsTechnology has expanded the reach of lawyers and law firms.  Though the use of telecommunications, video conferencing, e-mail, “the cloud” and other technological advances, it is now possible for a lawyer sitting in California to address the needs of a client sitting in New York.  We have the resources to serve clients throughout the country, and in fact, internationally.  This is one of the forces behind much of the law firm consolidation that has taken place in recent years.  Law firms are trying to expand their physical reach to match their technological reach.  Sometimes a firm may be trying to clear its back yard and make a new competitor an ally.

Historically, State Supreme Courts have jurisdiction over the practice of law in the states.  In that regard, the practice of law has remained local.  In most circumstances, it is necessary to have a license to practice law in a specific state in order to provide legal services to clients in that state.  The Bar Associations of many states have made some adjustments to these rules over recent years in order to accommodate some of the changes in how law is practiced.  In spite of these changes, in most cases, it is still necessary to be licensed to practice law in the state in which you are providing services in order to provide legal services to clients who are based in that state.

Health care attorneys are faced with the multijurisdictional practice rules of various states on a continual basis.  Many health care attorneys have national scope practices and are consulted for their expertise in specific areas of health law.  Unlike other areas of the practice, such as real estate and trust law, many smaller towns do not have an expert on Medicare reimbursement, the intricacies of the Stark law and other state and federal health law issues that affect health care providers.  Much of that expertise is located in larger cities; sometimes in other states.

The other trend we are seeing in health care is for consultants to broaden the scope of the services that they offer into areas that traditionally require the services of attorneys and a license to practice law.  Some very aggressive health care consulting firms are even hiring individuals with legal training and who may be licensed to practice law in one or two states in order to expand the services offered by the consulting firm into areas historically requiring the services of an attorney.  The ethical implications of these relationships are highly questionable.

Because of the breadth of the health law practice, it is useful to outline the general rules regarding the practice of law in states which the health care attorney is not licensed to practice.  Following the rules in your state and the state where you are planning to provide advice will keep you off the radar of state disciplinary authorities.  It is often tempting to place your toe across the line of what is permissible, particularly in the highly specialized area of health care law.

I will put aside the issue of consultants who reach into providing legal advice as part of their service offering and focus on actively practicing lawyers who are licensed in one state and who provide services to clients who are located in another state.  Most and perhaps all states prohibit a lawyer from representing a client in a state in which he/she is not licensed except in a few very narrow situations.  In my state, the State of Wisconsin, these rules are outlined in SCR 20:5.5 which are complimented by state statutes that make it a crime to practice law in the state without a license.

 SCR 20:5.5 provides that a lawyer who is not licensed in Wisconsin but is licensed in another jurisdiction may provide legal services in Wisconsin but only in the following circumstances:

1.         Legal services can only be provided on an occasional basis.

 2.         The services are provided in association with a lawyer who is admitted to practice in Wisconsin.

 3.         The services are reasonably related to a pending or potential proceeding before a tribunal and the lawyer is authorized by law or ordered to participate.

 4.         The services are reasonably related to a proceeding in another jurisdiction if the services arise out of or are reasonably related to the lawyer’s practice in a jurisdiction where the lawyer is admitted to practice.

 5.         The services do not involve a dispute or proceeding but are reasonably related to the lawyer’s practice in his or her jurisdiction.

 Lawyers who are not licensed to practice in Wisconsin and practice in this state under one of the above exceptions must consent to the appointment of the Clerk of the Wisconsin Supreme Court as an agent for service of process for actions arising out of the provision of services in Wisconsin.

A lawyer who is not licensed to practice in Wisconsin is not permitted to establish an office or a systematic or continuous presence in Wisconsin for the practice of law.  Presence can be considered to be systematic or continuous even if there is no physical presence in the state.

 A lawyer can associate with local counsel to provide services to Wisconsin clients.  In the healthcare context, a general counsel or other Wisconsin licensed attorney can retain a non-Wisconsin attorney to provide special health law expertise.  However, an attorney that is licensed in another state and not in Wisconsin cannot represent a Wisconsin client without association with local counsel.  For example, it is the unauthorized practice of law in this state to represent a Wisconsin medical practice if the lawyer is not licensed to practice in Wisconsin.  Some firms may have members who are licensed in Wisconsin and attempt to justify services in the state on that basis.  In order to permit the representation, the Wisconsin lawyer must be actively involved in the representation of the client.  It is not enough to simply have another attorney in the firm who is licensed to practice in Wisconsin.

 Similar rules apply when a Wisconsin lawyer provides services in other states.  The rules of the state in which services are very being provided must be examined by a Wisconsin attorney who is providing services in another state.  Normally, states will permit services to be performed in other states in the course of representing a client that is based in Wisconsin and the matter is a natural outgrowth of the lawyer’s representation of the Wisconsin client.  Additionally, most states permit services to be performed in association with an attorney who is licensed in the state. 

Often times, a health care attorney will be called upon to represent a hospital or health system in a state where the attorney does not have a license to practice.  This type of representation is often appropriate because the hospital will have a general counsel or outside counsel who is licensed in the applicable state who is actively involved in the matter.  Direct representation without involvement by a state licensed attorney is impermissible. 

The issue also arises in medical group representation.  There is no business that is more local in nature than a medical practice.  A medical practice is organized under state law and provides its services through physicians who are licensed to practice medicine in the state.  Yet, firms permit themselves to represent medical practices in states where they are not licensed.  The practice is unethical unless local licensed counsel is also actively involved. 

Lawyers should pay close attention to these multi-jurisdictional practice rules.  Failure to abide by these rules can result in disciplinary action and possible criminal prosecution for the unauthorized practice of law.

Compliance Program Scale and Scope – Customizing Compliance to Your Organization

Friday, July 13th, 2012

Customization and Scalability of Compliance Programs

Creating a Compliance Program That is Right for Your Organization

An important part of developing an effective compliance program is to make the program scalable and effective for the operations of the specific provider.  In some ways, creating compliance program for a large health system is the easiest because you have the resources and breadth of operations to recommend everything; also known as the “kitchen sink” model.  The real art in my opinion comes when developing programs for smaller hospitals, physician groups and other organizations that do not have the resources to “do it all.”  Taking an overbroad approach to compliance with smaller organizations can actually create additional risk because you are creating a “roadmap” of items that are not being done and which you will never have the resources to complete.

Our job as compliance attorneys is to recommend systems that are workable within the resources and specific risk areas that are relevant to the provider.  This takes a level of judgment that is not necessary where the size and resources of the organization permit the “kitchen sink” approach to be taken.

The development of compliance programs for smaller organizations take a surgical approach.  Care must be taken to develop systems for identifying the risk areas that are specific to the organization.  Risks should be scored and prioritized and the results of this process should be included into a plan to accomplish audits, reviews or monitoring of the various identified risk areas.  Small organizations cannot hit every risk area during every budgeting cycle.  A longer term approach is called for with the most urgent risks requiring closer and faster review.  This all ties into the budgeting process.  The work plan needs to be adequately budgeted.  The size of the organization will have an effect on the amount that is budgeted for compliance.

The point of a compliance program is not that every problem area will be found.  It is most important that a logical system be developed that prioritizes risk and addresses risk areas in a logical fashion.  The other side of the coin is that a substantial organization should not hide behind lack of resources for not addressing significant risk areas.  A small physician practice is at one end of the spectrum.  A hospital system with several facilities, attached physician network, and an array of ancillary services would have little excuse for not allocating sufficient budget amounts to compliance to enable the organization to meet its compliance needs.

Issues of scalability also come into the general structure of the compliance program.  A small physician practice will not have the resources to hire a chief compliance officer.  Rather, a small practice might designate a partner or administrator as a “compliance responsible individual.”  On the other hand, a substantial hospital system should implement a robust structure including a full-time chief compliance officer, a compliance committee and compliance staff.  The compliance officer should not serve a dual role in positions that create an inherent conflict of interest such as general counsel, chief financial officer or chief operating officer.

Issues of scope and scalability are at the center of most compliance efforts.  These issues require careful and judiciously made decisions.  These decisions are important and must be faced by providers of all size, from the smallest medical practice through the largest health system as mandatory affective compliance programs become a requirement.

Compliance Program Best Practices Tips

Friday, July 13th, 2012

Tips For Best Practices In Compliance Program Operation

Here are a few tips to help you attempt to meet the “best practices” standard:

1.         Act as if you are under a Corporate Integrity Agreement.  Always assume that the government is looking over your shoulder and that you will be called upon at some point to justify the effectiveness of your compliance program.

2.         Follow the government guidelines to the tee.  Familiarize yourself with the Federal Sentencing Guidelines and OIG Industry Guidance and integrate these requirements into your compliance plan.

3.         Keep up with government releases, speeches, regulations, comments, advisory opinions, and all other communication that help to define your obligations.

4.         Make your compliance plan a “living and breathing” documents that is continually up for revision based on specific things that you learn about your specific organizations.

5.         Make sure your compliance officer focuses on compliance and does not wear other hats that compete for time, attention or perspective.

6.         Make certain that sufficient resources are devoted to compliance.  Adopt the view that it is better to spend money on compliance that to pay for mistakes down the road.

If there is any area where you are not able to achieve “best practices” for financial or other reasons, be prepared to justify your shortcomings.  Key to all of this is to operate as if you will someday be required to defend the effectiveness of your compliance program.  In all likelihood you will someday be in exactly that position given the current state of the health care industry and mentality of the governmental agencies that are charged with enforcement.

These are just a few tips to get you thinking about your compliance approach.  Health care reform has made compliance programs mandatory for the first time.  There are also multiple indications that the government wants organizations to devote more to compliance as a way to save health care costs.  It is clearly time for organizations of all types and sizes to re-focus their efforts on compliance within their organizations.

John H. Fisher

Health Care Counsel
Ruder Ware, L.L.S.C.
500 First Street, Suite 8000
P.O. Box 8050
Wausau, WI 54402-8050

Tel 715.845.4336
Fax 715.845.2718

Ruder Ware is a member of Meritas Law Firms Worldwide

The Health Care Law Blog is made available by Ruder Ware for educational purposes and to provide a general understanding of some of the legal issues relating to the health care industry. This site does not provide specific legal advice and you should not use the information contained on this site to address your specific situation without consulting with legal counsel that is well versed in health care law and regulation. By using the Health Care Law Blog site you understand that there is no attorney client relationship between you and Ruder Ware or any individual attorney. Postings on this site do not represent the views of our clients. This site links to other information resources on the Internet; these sites are not endorsed or supported by Ruder Ware, and Ruder Ware does not vouch for the accuracy or reliability of any information provided therein. For further information regarding the articles on this blog, contact Ruder Ware through our primary website.