Life Sciences Legal Update : Life Sciences Lawyers & Attorneys : Reed Smith Law Firm : Healthcare, Food and Drug Law, Biotechnology, Privacy, Product Liability

On Friday, October 30, 2009, the U.S. Department of Health and Human Services ("HHS") published an interim final rule and request for comments that implements certain HIPAA enforcement changes made pursuant to the HITECH Act. Consistent with the provisions of the HITECH Act, the new rule amends the HIPAA enforcement regulations applicable to violations of each of HIPAA's Administrative Simplification Rules (i.e., Privacy Rule, Security Rule, Transactions and Code Sets Rules, Standard Unique Identifier for Employers (EIN Rule), and the Standard Unique identifier for Health Care Providers (NPI Rule)) by instituting the below categories of violations and tiered penalty scheme to HIPAA violations that occur on or after February 18, 2009. 

• Unknown violations (i.e., if a person did not know and by exercising reasonable due diligence would not have known that a violation occurred): The penalty shall be at least $100 for each violation not to exceed $25,000 for all such identical violations during a calendar year, but may be no more than $50,000 for each violation not to exceed $1.5 million for all such violations of an identical requirement or prohibition during a calendar year.
• Violations due to reasonable cause and not to willful neglect: The penalty shall be at least $1,000 for each violation not to exceed $100,000 for all such identical violations during a calendar year, but may be no more than $50,000 for each violation not to exceed $1.5 million for all such violations of an identical requirement or prohibition during a calendar year.
• Violations due to willful neglect (and the violations have been corrected): The penalty shall be at least $10,000 for each violation not to exceed $250,000 for all such identical violations during a calendar year, but may be no more than $50,000 for each violation not to exceed $1.5 million for all such violations of an identical requirement or prohibition during a calendar year.
• Violations due to willful neglect (and the violations have not been corrected): The penalty shall be at least $50,000 for each violation not to exceed $1.5 million for all such violations of an identical requirement or prohibition during a calendar year.

Furthermore, the interim final rule generally amends a covered entity's ability to employ an affirmative defense against an action seeking civil monetary penalties if (i) the covered entity did not have knowledge or constructive knowledge of the violation, and (ii) the violation was not due to reasonable cause and not willful neglect. HHS is also given the authority to waive a civil monetary penalty for violations due to reasonable cause and not willful neglect if the covered entity corrects the violation within 30 days of having knowledge that the violation occurred. 

Comments on this interim final rule will be considered if received by December 29, 2009.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

This post was written by Kevin Madagan and Paul Sheives.

On October 24, 2009, President Obama signed a proclamation declaring the 2009 H1N1 influenza pandemic a National Emergency to facilitate the nations ability to respond to the H1N1 pandemic by enabling – if warranted – the waiver of certain statutory federal requirements for medical treatment facilities.  

This proclamation provided Kathleen Sebelius, the Secretary of the U.S. Department of Health & Human Services, the ability under section 1135 of the Social Security Act [42 U.S.C. § 1320b–5] to waive certain legal requirements that could otherwise limit the ability of the nation’s healthcare system to respond to the surge of patients with the 2009 H1N1 influenza virus. 

Secretary Sebelius recently issued a Section 1135 waiver that becomes effective at 5:00 p.m. today but is retroactive to October 23, 2009.  

Accordingly, healthcare facilities may now petition the Department for 1135 waivers to ensure that sufficient healthcare items and services are available to meet the needs of Medicare, Medicaid, and CHIP beneficiaries. Listed below are a few examples of when 1135 waivers may be necessary:

• Hospitals request to set up an alternative screening location for patients away from the hospital’s main campus (requiring waiver of sanctions for certain directions, relocations or transfers under EMTALA).
• Hospitals request to facilitate transfer of patients from ERs and inpatient wards between hospitals (requiring waiver of sanctions under EMTALA regulations).
• Critical Access Hospitals requesting waiver of 42 C.F.R. § 485.620, which requires a 25-bed limit and average patient stays less than 96 hours.
• Skilled Nursing Facilities requesting a waiver of 42 C.F.R. § 483.5, which requires CMS approval prior to increasing the number of the facility’s certified beds.

• Email This
• Print
• Comments
• Trackbacks
• Share Link