Georgia's Trusted Healthcare
& Medical Provider Attorneys

Doctors & Medical Professionals: Here’s How To Respond To Search Warrants

Search Warrants Can Be Scary – Here’s How To Respond

Search Warrant Audit Physician Doctor Attorney Lawyer Jeyaram & Associates“Knock. Knock.”

“Who’s there?”

“The Government. And here is a search warrant.”

Sadly, this is no joke and many doctors and healthcare providers will be served with warrants this year.

Warrants can mean anything from audits to criminal activity and have serious consequences including putting your practice out of business.

Step-By-Step Response To Search Warrants

If the government shows up at your door with a search warrant, the following are some important steps to follow:

  • Immediately call your attorney. It is crucial to call an attorney who has experience in both healthcare law and defense.
  • Ask for identification of the people at your door. Review the credentials or business card. Write down the name and contact information.
  • Do NOT destroy, alter or remove any documents.
  • Be polite. Remain calm. Be cooperative. Say please and thank you.
  • Ask for a copy of the search warrant and any affidavits filed in support of the warrant.
  • Ask what crime and conduct is under investigation.
  • Request that no interviews be conducted until your attorney arrives.
  • Immediately advise all supervisory personnel of the search and that they are to wait for the attorney to arrive before answering any questions.
  • Compile an inventory of all the documents being removed and ask if you can copy all the documents being seized – this includes making a back up disk for all computer files.
  • Make a record of everything said by an investigating officer. If you cannot do this during the search, write up your recollection after the search.
  • If possible, videotape or photograph the search.
  • DO NOT speak with the press.

Contact Experienced Legal Help Immediately

It’s imperative to follow these steps. But if nothing else, immediately contact an attorney and he/she will help guide you through the process.

Jeyaram & Associates has helped hundreds of providers successfully handle government investigations. Contact DJ Jeyaram at DJ@JeyLaw.com or 678.325.3872.

Avoid Being A Target Of HIPAA Audits | Here’s How

HIPAA AuditPhase 2 OCR HIPAA Audits Are Here – What Providers Should Do to Prepare

The Office of Civil Rights (OCR) has taken the first step in the next round of HIPAA audits.

OCR has begun to send out surveys in order to collect information from providers, health plans, and clearinghouses in preparation for phase 2 of their HIPAA audits. From the hundreds of entities receiving surveys, OCR will select over 200 providers and over 100 health plans to be audited.

It is more important than ever to make sure that you have complied with the HIPAA Rules. Here are the top 3 areas every provider should address:

1. When was the last time you conducted a Risk Assessment? If it has been more than a year or two, you should conduct a comprehensive Risk Assessment now.

If you are a small to medium sized office you can take advantage of HHS’s security risk assessment tool available on their website: HHS.gov SRA Tool

2. Have you recently reviewed your HIPAA policies and procedures to ensure that they are up to date and are being followed? There are three main areas that need to be addressed in your policies: Security Standards, Privacy Standards and Breach Notification Standards.

    • Security Standards – focus on how you keep Protected Health Information (PHI) secure, whether it is stored and/transmitted electronically or in some other form. Your practice must have appropriate safeguards in place (for example, requiring the use of secure passwords to access electronic health records and encrypting all devices that might contain e-PHI).
    • Privacy Standards – do you conduct periodic trainings for personnel regarding privacy practices? Do you have records that such trainings have been completed by all personnel? Is your Notice of Privacy Practices current and made available to your patients?
    • Breach Notification Standards – do you have a policy in place that outlines the steps for identifying and reporting a breach? Such a policy should address steps to take to investigate and contain the problem, as well as a means for identifying how many people were affected, who those individuals are, and how to send out breach notices. Keep in mind that under the Breach Notification Rule, providers must provide notice of a breach within a certain time frame. Your procedures for responding to a breach should allow for adequate time to meet this deadline.

3. Keeping track of your Business Associates and Business Associate Agreements – During the audit process OCR might ask for a list of business associates and their contact information. All providers should have this readily available. It is also important to have written Business Associate Agreements that are up to date and can be made available to OCR upon request.

If you have any questions about any HIPAA requirements or the approaching OCR audits our attorneys can help. Please contact Danielle Hildebrand at dhildebrand@jeylaw.com.

________________

The information on this site should not be construed as formal legal advice and is not intended to create or constitute a lawyer-client relationship.

 

Physicians Need To Be Prepared For Increased Medicare & Medicaid Fraud Scrutiny

doctor-in-handcuffs-caption-1HHS increases resources to root out and penalize fraud:  Review existing financial arrangements NOW

On June 30th the federal Department of Health and Human Services Office of the Inspector General announced that it has created a specialized unit comprised of attorneys focused on Medicare and Medicaid fraud. This announcement comes on the heels of the OIG Special Fraud Alert reminding physicians of anti-kickback liability for illegal compensation related to arrangements with healthcare institutions.

Physicians should be prepared for increased scrutiny and an uptick in enforcement actions for kickback violations. According to OIG official Lisa Re, the new unit will be targeting kickback cases and will be going after not only the individual or organization paying the kickbacks but also the recipient of the kickbacks, e.g., the physicians.

Physicians who have financial arrangements that violate the Federal Anti-Kickback Statute would not only be subject to fines in the form of Civil Money Penalties, but could also be excluded from the Medicare and Medicaid programs.

Now is the time for physicians to review existing or proposed financial arrangements to ensure that they do not pose any risk of violating the Anti-Kickback Statute.

If you have any questions about a particular arrangement our attorneys can help. Please call Danielle Hildebrand or DJ Jeyaram at 678-325-3872 for legal counsel.

Court Finds DCH’s Handling of Mass Reprocessing “Inconsistent and Misleading”

DCHIn a decision last week, the Office of State Administrative Hearings (OSAH) reversed the Department of Community Health’s (DCH) denial of a Request for Administrative Review by a group of Children Intervention Services (“CIS”) providers. The CIS providers had requested a review of recoupment actions that stemmed from two 2014 Mass Reprocessings by the Department, one involving NCCI edits that included claims dating back to 2010.  The Department argued that the providers missed the 30 day deadline to file a Request for Administrative Review.

Attorney Kimberly Sheridan of Jeyaram & Associates represented the group of CIS providers in the administrative hearing and argued that the providers should be granted a review because they followed all the instructions specific to the mass reprocessing posted by the Department in several banner messages and emails, as well as in-person conversations. Through the banner and email message instructions, the Department departed from its standard deadlines in its policy manuals.  The Court found that the Department’s position was “illogical and wholly unfair,” and that its instructions to the providers after the mass reprocessing were “inconsistent and misleading.” The Court also said the providers had justifiably relied on these instructions and could not now be penalized for their reliance.

At this time, the Department has not made it known if it will appeal the decision.

If you are a provider subject to a recoupment and need help, or if you need to appeal DCH’s decisions, Jeyaram & Associates has extensive experience and success with these cases. Contact Kimberly Sheridan at ksheridan@Jeylaw.com or 678.325.3872.

Healthcare Providers Need To Examine Billing Practices To Ensure Compliance

healthcare fraudLast month, the Department of Health and Human Services released its annual report for the Health Care Fraud and Abuse Control Program. According to the report, in 2014 more than 900 new criminal health care fraud investigations were opened by the Department of Justice. There was a slight increase in the number of criminal cases and convictions from last year, with 496 cases and 735 defendants convicted of criminal health care fraud. Civil cases alone resulted in $2.3 Billion in settlements and judgments.

The government’s press release reiterated that detecting and eliminating fraud and abuse continues to be a top priority. The government attributes its high recoveries to a change in strategy which uses real-time data analysis to detect fraud more quickly. The Centers for Medicare and Medicaid currently uses advanced analytics on Medicare fee-for-service claims. The goal of this is to detect aberrant and suspicious billing patterns which would then trigger an investigation or enforcement action by the government.

Now is the time to for Medicare and Medicaid providers to review their billing practices and financial relationships to ensure that they are compliant with federal laws. Charges against providers were made under the False Claims Act, as well as Anti-Kickback Statute, the Stark Law (Physician Self-Referral Law), and other federal laws.

The full annual report is available at www.oig.hhs.gov/publications/hcfac.asp.

If you have any questions about the legality of your billing practices or financial relationships, please contact DJ Jeyaram at DJ@jeylaw.com or Danielle Hildebrand at dhildebrand@jeylaw.com.

 

More Providers Audited for HIPAA Compliance – Are You Ready?

The number of entities audited for HIPAA compliance has increased. Are you prepared if OCR comes knocking on your door?

Under the HITECH Act, the Department of Health and Human Services is required to conduct periodic audits to ensure that entities are complying with HIPAA. Phase 1 audits concluded in 2012. Now OCR has released information on Phase 2 and more audits are set to begin around October of this year.

HIPAA Covered Entities and Business Associates selected for audits will be asked to quickly produce policies and procedures, executed business associate agreements and other HIPAA-related documentation so that it can be reviewed by OCR to determine if any deficiencies exist. OCR has noted that it intends to focus on the deficiencies identified through Phase 1 audits. These include lack of proper policies and procedures, presence of security risks, failing to conduct a security risk assessment, and failing to have business associate agreements on file.

Small providers should also take note—according to OCR, small providers tended to have more deficiencies than larger providers. OCR has also revealed other details regarding the 2nd audits, OCR will be conducting the audits internally. They have also increased the number of entities to be audited to 400 entities, 350 of which will be Covered Entities and the remaining 50 will be Business Associates. Some of the audits will focus on the Privacy Rule, others on the Breach Notification Rule, and the remainder will focus on compliance with the Security Rule.

If your organization is a covered entity or business associate under HIPAA you want to make sure that you are prepared in case you are one of the entities subject to an audit this Fall. Steps you will want to take include:

  • Have all your HIPAA policies and procedure updated and on file
  • Make sure all your Business Associate Agreements reflect the 2013 changes to the HIPAA Rules and have those agreements properly executed and on file
  • Conduct a security risk assessment if you have not already and ensure that security risks are addressed
  • Engage an experienced healthcare law firm to proactively help you review the aforementioned items to help you identify any potential deficiencies

To view OCR’s Presentation on Phase 2 Audits, click here: OCR Audits Phase 2 by Linda Sanches, Senior Advisor for Health Information 

For more information contact DJ Jeyaram at dj@jeylaw.com or Danielle Hildebrand at dhildebrand@jeylaw.com