pills-2-300x225Ketamine is a substance growing in popularity as a treatment for, among other things, depression and pain management.  Ketamine clinics are quickly increasing in popularity.  Why Ketamine-Assisted Therapy Has Gone Mainstream, Forbes (Oct. 18, 2021).  Our healthcare and business law firm assists clients in understanding the rules and requirements around opening and operating Ketamine clinics, understanding the unique issues that face innovative clinics where no clear guidance or oversight has yet been established.  With this post, Total Health Law intends to present three considerations for a provider thinking about opening a Ketamine clinic in Georgia.  If you have questions regarding this blog post, opening a Ketamine clinic, or operating your existing Ketamine clinic, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

freestock_1383571985-scaled-e1635348607461Welcome to the third and final post in our three-part HIPAA Breach series! In the first post, HIPAA Breach Primer: Part 1—The Risk Assessment, we provided an overview of HIPAA requirements and how to conduct a Risk Assessment to determine the risk that a HIPAA violation occurred. In the second post, HIPAA Breach Primer: Part 2—Patient Notification, we outlined requirements and considerations when the rules require patient notification.

This post explores the last step—reporting the breach to the U.S. Department of Health and Human Services (HHS).  Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach.  If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Timing of Report

If the Risk Assessment revealed that a HIPAA breach likely occurred, the next step is to think about what notice is required.  In addition to notifying impacted patients, the Covered Entity (or, in some circumstances, Business Associate) must report the breach to the Secretary of HHS.  If a breach affects 500 or more individuals, the timing for reporting to HHS is the same as for notifying patients—without unreasonable delay and in no case later than 60 days following a breach.

Continue reading ›

ehrsiner_770-e1634851226990Welcome to the second post in our three-part HIPAA Breach series! In the first post, HIPAA Breach Primer: Part 1—The Risk Assessment, we provided an overview of HIPAA requirements and how to conduct a Risk Assessment to determine the risk that a HIPAA violation occurred. To recap, there are generally three initial steps a practice takes in the face of a potential HIPAA breach.  First, performing a risk assessment to determine whether a breach, in fact, occurred.  Second, if the risk assessment reveals a probability that personal health information (PHI) was likely compromised, then the patients involved must be notified.  Third, the breach must be reported to HHS’s Office of Civil Rights (OCR).

This post explores the second step—notifying patients.  Future posts will discuss the second and third steps required if the risk assessment reveals a breach occurred.  Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach.  If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

data-storage-1-1155466-mWelcome to the first post in our three-part HIPAA Breach series! Our healthcare and business law firm often works with medical practices to determine whether an act involving patient privacy constitutes a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requiring notification and reporting of any breach.  By law, a patient’s health information can only be used and disclosed for specific reasons.  When there is a risk that patient information has been accessed, used, or disclosed in a way that is not permitted, there may be a HIPAA violation.  More information about the HIPAA rules can be found on our website here and the U.S. Department of Health and Human Services’ (HHS) website here.  There are generally three initial steps a practice takes in the face of a potential HIPAA breach.  First, performing a risk assessment to determine whether a breach, in fact, occurred.  Second, if the risk assessment reveals a probability that personal health information (PHI) was likely compromised, then the patients involved must be notified.  Third, the breach must be reported to HHS’s Office of Civil Rights (OCR).

This post is the first of a three-part series on HIPAA breaches.  This post explains the first step—conducting the risk assessment.  Future posts will discuss the second and third steps required if the risk assessment reveals a breach occurred.  Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach.  If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

medical_malpractice_legal_terms-e1632925373696As a healthcare and business law firm, we work with many physicians employed by Federally Qualified Health Centers, or “FQHCs.”  Working at an FQHC offers certain benefits and protections to providers.  One such benefit is that individual providers are generally protected from civil malpractice lawsuits.  Although our firm does not litigate medical malpractice actions, we work with physicians who are accused of malpractice within an action involving FQHCs to minimize damage to the physician’s reputation and record, particularly regarding reporting to the National Practitioner Data Bank (“NPDB”).  This post intends to outline what a physician working at an FQHC needs to know if an individual brings a malpractice action. If you have questions regarding this blog post, the NPDB, or FQHC-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Suit Against the United States Not Individual Doctors or Practices

The first thing to note is that if you are a physician for most FQHCs and a patient wishes to sue alleging medical malpractice, you—as the physician—and the health center are generally protected from being named in a lawsuit.

Why is that? Continue reading ›

image_4-e1631547014743Last week, our blog post discussed the general rules permitting telemedicine in Georgia.  Often, our healthcare and business law firm’s provider clients who conduct telemedicine also need to understand the requirements around prescribing controlled substances based on telemedicine visits.  This post intends to outline some of the relevant prescribing rules in Georgia and the exceptions due to the Public Health Emergency (PHE) created by COVID-19.  This post intends to outline some relevant Georgia rules and regulations relating to telemedicine.  If you have questions about telemedicine or prescribing rules or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Georgia Rules on Prescribing Controlled Substances via Telemedicine

As discussed in our prior blog post on the general telemedicine rules, we look to the Medical Board’s rules on Unprofessional Conduct, among other rules, to decipher what is allowed in Georgia.  Rule 360-3-.02 defines Unprofessional Conduct to include subsection (5), which provides that Unprofessional Conduct could include: “Prescribing controlled substances . . . and/or dangerous drugs . . . for a patient based solely on a consultation via electronic means with the patient, patient’s guardian or patient’s agent.”  As such, the general rule prohibits prescribing controlled substances via a telemedicine consult.  However, the rule does “not prohibit a licensee from prescribing a dangerous drug for a patient pursuant to a valid physician patient relationship in accordance with O.C.G.A. § 33-24-56.4 or a licensee who is on-call or covering for another licensee from prescribing up to a 30-day supply of medications for a patient of such other licensee nor shall it prohibit a licensee from prescribing medications when documented emergency circumstances exist.”  Rule 360-3-.02(5).  There are other exceptions related to specific Schedule II controlled substances.

Continue reading ›

MM-0220-Telemedicine-iStock-e1581381176331-1024x814-1-e1631301250783Our healthcare and business law firm frequently receives questions asking about telemedicine rules in Georgia.  This post intends to outline some relevant Georgia rules and regulations relating to telemedicine.  Our next post will consider the rules around prescribing based on a telemedicine consult and how COVID-19’s Public Health Emergency impacts those rules.  If you have questions about telemedicine rules and regulations or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

General Telemedicine Rules and Definitions

The Georgia Composite Medical Board (“Medical Board”) generally requires an in-person exam, but the Medical Board Rules allow telemedicine in certain situations.  To begin, the relevant definition of “telemedicine” is found in Georgia’s insurance code and defines “telemedicine” as:

Continue reading ›

By: Brian Field

6E9A1516-lower-res-e1630337874585

With the ever-changing climate of technology, the Health Insurance Portability and Accountability Act (HIPAA) continues to make patient-centered modifications intended to protect personal health records. Key components to the most recent updates to HIPAA include prohibition of records withholding.

The inspiration for the recent changes come from the Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS).  A goal of both entities is to protect the health of all Americans and ensure essential human services. The OCR continues to reinforce a focus on patients regarding health and health records by aiming to eliminate technical barriers and reducing or eliminating cost to patients.

Following HIPAA law changes can be daunting, but if there is one thing to keep in mind, it is that HIPAA prioritizes patients. The information below is a snapshot of what you should know as you navigate health records storage for your patients before, during, and after their care with you has ended:

Continue reading ›

Employment-Agreement-scaled-600x400-1-e1628799705812All individuals and industries have been impacted by COVID-19. As relevant to most of our clients, the medical industry has been heavily impacted. In June 2021, the Physicians Advocacy Institute (“PAI”) released the results of a study entitled: “COVID-19’s Impact on Acquisitions of Physician Practices and Physician Employment 2019-2020.” If you have questions about selling or purchasing a practice or physician employment questions, or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

A main takeaway from the study is that between January 1, 2019, and January 1, 2021, “48,400 additional physicians left independent practice and became employees of hospitals or other corporate entities – 22,700 of that shift occurred after the onset of COVID-19.” This is a 12% increase in the percentage of hospital-employed physicians over the two-year study period. Furthermore, during the two-year study period, there was a 25% increase in corporate-owned practices nationally.

Continue reading ›

medical-doctor-1314902-mIn our previous post reviewing the Georgia Composite Medical Board’s (“Medical Board” or “GCMB”) June Monthly Meeting Minutes, we touched on the Medical Board’s acknowledgment of House Bill 458. Herein, our healthcare and business law firm analyzes more thoroughly the new law and its impact on Georgia physicians and the Medical Board. If you have licensing or other GCMB questions or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

HB 458 amends Title 43 of the Official Code of Georgia in varied ways to accomplish the following goals:

Continue reading ›

Contact Information