iStock_000033418316_Medium-e1626470315777Many of our healthcare and business law firm’s clients are in the business of renting expensive medical equipment for use by medical practices.  Generally, these arrangements raise compliance questions under the Physician Self-Referral Act, referred to as Stark Law, and the Anti-Kickback Statute (“AKS”).  Should a regulator find an arrangement violates either law, the consequences are severe.  The perhaps unfortunate truth is that rarely can a sincere and analytical attorney tell you with confidence that an arrangement does or does not violate either law.  The analysis usually places an arrangement on a scale of low to high risk of noncompliance.  To assist in understanding whether an arrangement complies with Stark Law and AKS, the rules provide specific exceptions and safe harbors, respectively.  Both Stark Law’s exceptions AKS’s safe harbors outline ways in which an equipment rental agreement may satisfy the protections.  One question that frequently arises with our clients is whether they can structure an equipment rental agreement to have a per-use (often called a “per-click”) payment term, wherein there is no set monthly amount but, rather, the lessee pays the lessor a predetermined amount for each time the equipment is used.

In this blog post, we outline the basis rules for equipment rental agreements under Stark Law and whether per-click payment terms may satisfy Stark Law’s Rental of Equipment exception.  Our next post will analyze the same question under AKS.  If you have questions regarding this blog post or wish to evaluate the risks in your equipment lease arrangement, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

imagesWelcome to the third installment of our business and healthcare law firm’s monthly medical board meeting review, focusing on the Georgia Composite Medical Board (“Medical Board” or “GCMB”).  As a healthcare law firm with physician clients, it is our duty to stay up to date with the Medical Board’s positions and changes so as to better inform our clients. If you have licensing or other GCMB questions or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

The Medical Board met on July 1, 2021 via video teleconference.  The July monthly meeting minutes are available here.  The Medical Board also publicly releases public orders and agreements each month.

Meeting Minutes

The Rules Committee reported the following rules for comments:

Rule 360-5-.02 “Qualifications for Physician Assistant Licensure”

Rule 360-5-.06 “Renewal of Physician Assistant License”

Rule 360-35-.01 “Definitions” (Lasers)

Rule 360-35-.05 “Practice”

Continue reading ›

iStock_000033418316_Medium-e1626470315777Direct primary care practices (a.k.a. concierge medical practices) have become popular alternatives to the traditional insurance medical practice model.  Direct primary care practices cut out insurance companies from the provider-patient relationship.  This post intends to outline the recent history of direct primary care in Georgia and the relevant rules that practices must comply with to establish a direct primary care practice.  If you have questions regarding this blog post or migrating to a direct primary care or concierge practice, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

History: Senate Bill 18 in 2019

In 2019, Georgia became the 26th state to designate in its insurance code that Direct Primary Care practices are “not insurance” by passing Senate Bill 18.  At the time, 3.2 million Georgians were living in areas facing a severe physician shortage.  Dubois & Mesa, SB 18 – Direct Primary Care, Ga. St. Univ. L. Rev., Vol. 36:1, p. 136 (2019).  In supporting the bill, Senator Kay Kirkpatrick said:

It is a way for people who can’t afford high dollar plans to get the majority of their care handled for a reasonable and predictable amount of money and is also a way for people to keep their primary care doctor if they change plans or if their doctor is not in their insurance network.

Dubois, SB 18 – DIRECT PRIMARY CARE, p. 136. Continue reading ›

pills-2-300x225Ketamine is a substance growing in popularity as a treatment for, among other things, depression and pain management.  Ketamine clinics are quickly increasing in popularity.  Why Ketamine-Assisted Therapy Has Gone Mainstream, Forbes (Oct. 18, 2021).  Our healthcare and business law firm assists clients in understanding the rules and requirements around opening and operating Ketamine clinics, understanding the unique issues that face innovative clinics where no clear guidance or oversight has yet been established.  With this post, Total Health Law intends to present three considerations for a provider thinking about opening a Ketamine clinic in Georgia.  If you have questions regarding this blog post, opening a Ketamine clinic, or operating your existing Ketamine clinic, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

freestock_1383571985-scaled-e1635348607461Welcome to the third and final post in our three-part HIPAA Breach series! In the first post, HIPAA Breach Primer: Part 1—The Risk Assessment, we provided an overview of HIPAA requirements and how to conduct a Risk Assessment to determine the risk that a HIPAA violation occurred. In the second post, HIPAA Breach Primer: Part 2—Patient Notification, we outlined requirements and considerations when the rules require patient notification.

This post explores the last step—reporting the breach to the U.S. Department of Health and Human Services (HHS).  Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach.  If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Timing of Report

If the Risk Assessment revealed that a HIPAA breach likely occurred, the next step is to think about what notice is required.  In addition to notifying impacted patients, the Covered Entity (or, in some circumstances, Business Associate) must report the breach to the Secretary of HHS.  If a breach affects 500 or more individuals, the timing for reporting to HHS is the same as for notifying patients—without unreasonable delay and in no case later than 60 days following a breach.

Continue reading ›

ehrsiner_770-e1634851226990Welcome to the second post in our three-part HIPAA Breach series! In the first post, HIPAA Breach Primer: Part 1—The Risk Assessment, we provided an overview of HIPAA requirements and how to conduct a Risk Assessment to determine the risk that a HIPAA violation occurred. To recap, there are generally three initial steps a practice takes in the face of a potential HIPAA breach.  First, performing a risk assessment to determine whether a breach, in fact, occurred.  Second, if the risk assessment reveals a probability that personal health information (PHI) was likely compromised, then the patients involved must be notified.  Third, the breach must be reported to HHS’s Office of Civil Rights (OCR).

This post explores the second step—notifying patients.  Future posts will discuss the third step required if the risk assessment reveals a breach occurred.  Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach.  If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

data-storage-1-1155466-mWelcome to the first post in our three-part HIPAA Breach series! Our healthcare and business law firm often works with medical practices to determine whether an act involving patient privacy constitutes a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requiring notification and reporting of any breach.  By law, a patient’s health information can only be used and disclosed for specific reasons.  When there is a risk that patient information has been accessed, used, or disclosed in a way that is not permitted, there may be a HIPAA violation.  More information about the HIPAA rules can be found on our website here and the U.S. Department of Health and Human Services’ (HHS) website here.  There are generally three initial steps a practice takes in the face of a potential HIPAA breach.  First, performing a risk assessment to determine whether a breach, in fact, occurred.  Second, if the risk assessment reveals a probability that personal health information (PHI) was likely compromised, then the patients involved must be notified.  Third, the breach must be reported to HHS’s Office of Civil Rights (OCR).

This post is the first of a three-part series on HIPAA breaches.  This post explains the first step—conducting the risk assessment.  Future posts will discuss the second and third steps required if the risk assessment reveals a breach occurred.  Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach.  If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Continue reading ›

medical_malpractice_legal_terms-e1632925373696As a healthcare and business law firm, we work with many physicians employed by Federally Qualified Health Centers, or “FQHCs.”  Working at an FQHC offers certain benefits and protections to providers.  One such benefit is that individual providers are generally protected from civil malpractice lawsuits.  Although our firm does not litigate medical malpractice actions, we work with physicians who are accused of malpractice within an action involving FQHCs to minimize damage to the physician’s reputation and record, particularly regarding reporting to the National Practitioner Data Bank (“NPDB”).  This post intends to outline what a physician working at an FQHC needs to know if an individual brings a malpractice action. If you have questions regarding this blog post, the NPDB, or FQHC-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Suit Against the United States Not Individual Doctors or Practices

The first thing to note is that if you are a physician for most FQHCs and a patient wishes to sue alleging medical malpractice, you—as the physician—and the health center are generally protected from being named in a lawsuit.

Why is that? Continue reading ›

image_4-e1631547014743Last week, our blog post discussed the general rules permitting telemedicine in Georgia.  Often, our healthcare and business law firm’s provider clients who conduct telemedicine also need to understand the requirements around prescribing controlled substances based on telemedicine visits.  This post intends to outline some of the relevant prescribing rules in Georgia and the exceptions due to the Public Health Emergency (PHE) created by COVID-19.  This post intends to outline some relevant Georgia rules and regulations relating to telemedicine.  If you have questions about telemedicine or prescribing rules or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Georgia Rules on Prescribing Controlled Substances via Telemedicine

As discussed in our prior blog post on the general telemedicine rules, we look to the Medical Board’s rules on Unprofessional Conduct, among other rules, to decipher what is allowed in Georgia.  Rule 360-3-.02 defines Unprofessional Conduct to include subsection (5), which provides that Unprofessional Conduct could include: “Prescribing controlled substances . . . and/or dangerous drugs . . . for a patient based solely on a consultation via electronic means with the patient, patient’s guardian or patient’s agent.”  As such, the general rule prohibits prescribing controlled substances via a telemedicine consult.  However, the rule does “not prohibit a licensee from prescribing a dangerous drug for a patient pursuant to a valid physician patient relationship in accordance with O.C.G.A. § 33-24-56.4 or a licensee who is on-call or covering for another licensee from prescribing up to a 30-day supply of medications for a patient of such other licensee nor shall it prohibit a licensee from prescribing medications when documented emergency circumstances exist.”  Rule 360-3-.02(5).  There are other exceptions related to specific Schedule II controlled substances.

Continue reading ›

MM-0220-Telemedicine-iStock-e1581381176331-1024x814-1-e1631301250783Our healthcare and business law firm frequently receives questions asking about telemedicine rules in Georgia.  This post intends to outline some relevant Georgia rules and regulations relating to telemedicine.  Our next post will consider the rules around prescribing based on a telemedicine consult and how COVID-19’s Public Health Emergency impacts those rules.  If you have questions about telemedicine rules and regulations or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

General Telemedicine Rules and Definitions

The Georgia Composite Medical Board (“Medical Board”) generally requires an in-person exam, but the Medical Board Rules allow telemedicine in certain situations.  To begin, the relevant definition of “telemedicine” is found in Georgia’s insurance code and defines “telemedicine” as:

Continue reading ›

Contact Information