Physician Practices

The CMS Vaccine Mandate: What Providers are Covered and What’s the Timeline to Comply?

January 25, 2022 | Little Health Law

021721125026-e1643150049878 Many of our healthcare and business law firm’s clients have questions about whether CMS’ vaccine mandate (a.k.a. the “federal healthcare worker vaccine mandate”) applies to their workforce. The vaccine mandate landscape is evolving. For instance, the OSHA vaccine mandate applicable to 100+ employee-businesses was overruled by the Supreme Court. The analysis herein is current as of the date this blog is posted and subject to change as agencies and courts release new decisions.

If you have questions regarding this blog post or the applicability of state and federal regulations to you or your medical practice, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

The CMS Vaccine Mandate

CMS’ vaccine mandate requires all staff at Medicare and Medicaid-certified provider facilities, except for those with approved medical or religious exemptions, to be vaccinated. The mandate is still being tested in court however, the Supreme Court has preliminarily agreed with the federal government that the mandate is valid and has ruled that the mandate is in effect now, pending further litigation. As such, the CMS vaccine mandate is now active.

The Anti-Kickback Statute’s Rules on Per-Use or Per-Click Rental Equipment Leases

January 21, 2022 | Little Health Law

223220955_d39c2ebad0_b-e1642805878743 Many of our healthcare and business law firm’s clients are in the business of renting expensive medical equipment for use by medical practices. Generally, these arrangements raise compliance questions under the Physician Self-Referral Act, referred to as Stark Law, and the Anti-Kickback Statute (“AKS”). Should a regulator find an arrangement violates either law, the consequences are severe. The perhaps unfortunate truth is that rarely can a sincere and analytical attorney tell you with confidence that an arrangement does or does not violate either law. The analysis usually places an arrangement on a scale of low to high risk of noncompliance. To assist in understanding whether an arrangement complies with Stark Law and AKS, the rules provide specific exceptions and safe harbors, respectively. Both Stark Law’s exceptions and AKS’s safe harbors outline ways in which an equipment rental agreement may satisfy the protections. One question that frequently arises with our clients is whether they can structure an equipment rental agreement to have a per-use (often called a “per-click”) payment term, wherein there is no set monthly amount but, rather, the lessee pays the lessor a predetermined amount for each time the equipment is used.

In this blog post, we outline the basic rules for equipment rental agreements under AKS and whether per-click payment terms satisfy AKS’s Equipment Rental safe harbor. Continue reading ›

Stark Law’s Rules on Per-Use or Per-Click Rental Equipment Leases

January 14, 2022 | Little Health Law

iStock_000033418316_Medium-e1626470315777 Many of our healthcare and business law firm’s clients are in the business of renting expensive medical equipment for use by medical practices. Generally, these arrangements raise compliance questions under the Physician Self-Referral Act, referred to as Stark Law, and the Anti-Kickback Statute (“AKS”). Should a regulator find an arrangement violates either law, the consequences are severe. The perhaps unfortunate truth is that rarely can a sincere and analytical attorney tell you with confidence that an arrangement does or does not violate either law. The analysis usually places an arrangement on a scale of low to high risk of noncompliance. To assist in understanding whether an arrangement complies with Stark Law and AKS, the rules provide specific exceptions and safe harbors, respectively. Both Stark Law’s exceptions AKS’s safe harbors outline ways in which an equipment rental agreement may satisfy the protections. One question that frequently arises with our clients is whether they can structure an equipment rental agreement to have a per-use (often called a “per-click”) payment term, wherein there is no set monthly amount but, rather, the lessee pays the lessor a predetermined amount for each time the equipment is used.

In this blog post, we outline the basis rules for equipment rental agreements under Stark Law and whether per-click payment terms may satisfy Stark Law’s Rental of Equipment exception. Our next post will analyze the same question under AKS. If you have questions regarding this blog post or wish to evaluate the risks in your equipment lease arrangement, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Georgia Medical Board July Monthly Meeting Minutes Review

January 6, 2022 | Little Health Law

images Welcome to the third installment of our business and healthcare law firm’s monthly medical board meeting review, focusing on the Georgia Composite Medical Board (“Medical Board” or “GCMB”). As a healthcare law firm with physician clients, it is our duty to stay up to date with the Medical Board’s positions and changes so as to better inform our clients. If you have licensing or other GCMB questions or would like to discuss this blog post, you may contact our healthcare and business law firm at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

The Medical Board met on July 1, 2021 via video teleconference. The July monthly meeting minutes are available here. The Medical Board also publicly releases public orders and agreements each month.

Meeting Minutes

The Rules Committee reported the following rules for comments:

Rule 360-5-.02 “Qualifications for Physician Assistant Licensure”

Rule 360-5-.06 “Renewal of Physician Assistant License”

Rule 360-35-.01 “Definitions” (Lasers)

Rule 360-35-.05 “Practice”

Direct Primary Care Practices in Georgia: History, Rules, and Other Considerations

December 9, 2021 | Little Health Law

Direct primary care practices have become popular alternatives to the traditional insurance medical practice model. Direct primary care practices cut out insurance companies from the provider-patient relationship. This post intends to outline the recent history of direct primary care in Georgia and the relevant rules that practices must comply with to establish a direct primary care practice. If you have questions regarding this blog post or migrating to a direct primary care practice, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

History: Senate Bill 18 in 2019

In 2019, Georgia became the 26th state to designate in its insurance code that Direct Primary Care practices are “not insurance” by passing Senate Bill 18. At the time, 3.2 million Georgians were living in areas facing a severe physician shortage. Dubois & Mesa, SB 18 – Direct Primary Care, Ga. St. Univ. L. Rev., Vol. 36:1, p. 136 (2019). In supporting the bill, Senator Kay Kirkpatrick said:

It is a way for people who can’t afford high dollar plans to get the majority of their care handled for a reasonable and predictable amount of money and is also a way for people to keep their primary care doctor if they change plans or if their doctor is not in their insurance network.

Dubois, SB 18 – DIRECT PRIMARY CARE, p. 136. Continue reading ›

3 Considerations Before Opening a Ketamine Clinic in Georgia

November 24, 2021 | Little Health Law

pills-2-300x225 Ketamine is a substance growing in popularity as a treatment for, among other things, depression and pain management. Ketamine clinics are quickly increasing in popularity. Why Ketamine-Assisted Therapy Has Gone Mainstream, Forbes (Oct. 18, 2021). Our healthcare and business law firm assists clients in understanding the rules and requirements around opening and operating Ketamine clinics, understanding the unique issues that face innovative clinics where no clear guidance or oversight has yet been established. With this post, Total Health Law intends to present three considerations for a provider thinking about opening a Ketamine clinic in Georgia. If you have questions regarding this blog post, opening a Ketamine clinic, or operating your existing Ketamine clinic, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

HIPAA Breach Primer: Part 3—Reporting to HHS

October 27, 2021 | Little Health Law

freestock_1383571985-scaled-e1635348607461 Welcome to the third and final post in our three-part HIPAA Breach series! In the first post, HIPAA Breach Primer: Part 1—The Risk Assessment, we provided an overview of HIPAA requirements and how to conduct a Risk Assessment to determine the risk that a HIPAA violation occurred. In the second post, HIPAA Breach Primer: Part 2—Patient Notification, we outlined requirements and considerations when the rules require patient notification.

This post explores the last step—reporting the breach to the U.S. Department of Health and Human Services (HHS). Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach. If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Timing of Report

If the Risk Assessment revealed that a HIPAA breach likely occurred, the next step is to think about what notice is required. In addition to notifying impacted patients, the Covered Entity (or, in some circumstances, Business Associate) must report the breach to the Secretary of HHS. If a breach affects 500 or more individuals, the timing for reporting to HHS is the same as for notifying patients—without unreasonable delay and in no case later than 60 days following a breach.

HIPAA Breach Primer: Part 2—Patient Notification

October 21, 2021 | Little Health Law

ehrsiner_770-e1634851226990 Welcome to the second post in our three-part HIPAA Breach series! In the first post, HIPAA Breach Primer: Part 1—The Risk Assessment, we provided an overview of HIPAA requirements and how to conduct a Risk Assessment to determine the risk that a HIPAA violation occurred. To recap, there are generally three initial steps a practice takes in the face of a potential HIPAA breach. First, performing a risk assessment to determine whether a breach, in fact, occurred. Second, if the risk assessment reveals a probability that personal health information (PHI) was likely compromised, then the patients involved must be notified. Third, the breach must be reported to HHS’s Office of Civil Rights (OCR).

This post explores the second step—notifying patients. Future posts will discuss the third step required if the risk assessment reveals a breach occurred. Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach. If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

HIPAA Breach Primer: Part 1—The Risk Assessment

October 8, 2021 | Little Health Law

data-storage-1-1155466-m Welcome to the first post in our three-part HIPAA Breach series! Our healthcare and business law firm often works with medical practices to determine whether an act involving patient privacy constitutes a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requiring notification and reporting of any breach. By law, a patient’s health information can only be used and disclosed for specific reasons. When there is a risk that patient information has been accessed, used, or disclosed in a way that is not permitted, there may be a HIPAA violation. More information about the HIPAA rules can be found on our website here and the U.S. Department of Health and Human Services’ (HHS) website here. There are generally three initial steps a practice takes in the face of a potential HIPAA breach. First, performing a risk assessment to determine whether a breach, in fact, occurred. Second, if the risk assessment reveals a probability that personal health information (PHI) was likely compromised, then the patients involved must be notified. Third, the breach must be reported to HHS’s Office of Civil Rights (OCR).

This post is the first of a three-part series on HIPAA breaches. This post explains the first step—conducting the risk assessment. Future posts will discuss the second and third steps required if the risk assessment reveals a breach occurred. Note, this post and series do not address state privacy laws or attendant state notification or reporting requirements upon a breach. If you have questions regarding this blog post, conducting a HIPAA risk analysis, your reporting and notification requirements under HIPAA, or other privacy-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

What Physicians at FQHC’s Need to Know About Malpractice Actions

September 29, 2021 | Little Health Law

medical_malpractice_legal_terms-e1632925373696 As a healthcare and business law firm, we work with many physicians employed by Federally Qualified Health Centers, or “FQHCs.” Working at an FQHC offers certain benefits and protections to providers. One such benefit is that individual providers are generally protected from civil malpractice lawsuits. Although our firm does not litigate medical malpractice actions, we work with physicians who are accused of malpractice within an action involving FQHCs to minimize damage to the physician’s reputation and record, particularly regarding reporting to the National Practitioner Data Bank (“NPDB”). This post intends to outline what a physician working at an FQHC needs to know if an individual brings a malpractice action. If you have questions regarding this blog post, the NPDB, or FQHC-related matters, you may contact us at (404) 685-1662 (Atlanta) or (706) 722-7886 (Augusta), or by email, info@hamillittle.com. You may also learn more about our law firm by visiting www.hamillittle.com.

Suit Against the United States Not Individual Doctors or Practices

The first thing to note is that if you are a physician for most FQHCs and a patient wishes to sue alleging medical malpractice, you—as the physician—and the health center are generally protected from being named in a lawsuit.

Why is that? Continue reading ›