THE LIABILITY IMPACTS OF HEALTHCARE REFORM. March 2014. Sponsored by:

Similar documents
The Changing Role of the Healthcare Risk Manager. December Sponsored by:

The Liability Implications of Healthcare Reform An Advisen Special Report Sponsored by OneBeacon Professional Insurance. February 2013.

Somansa Data Security and Regulatory Compliance for Healthcare

January 14, Dear Chairman Issa:

MUSINGS ON PROFESSIONAL LIABILITY IMPLICATIONS OF ACOS

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN

Additional Information About Accountable Care Organizations

Meaningful Use and Security Risk Analysis

Data Security Breaches: Learn more about two new regulations and how to help reduce your risks

HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services

Accountable Care Organizations

ACCOUNTABLE CARE ANALYTICS: DEVELOPING A TRUSTED 360 DEGREE VIEW OF THE PATIENT

Amy K. Fehn. I. Overview of Accountable Care Organizations and the Medicare Shared Savings Program

Data Breach and Senior Living Communities May 29, 2015

9/13/2011. Miscellaneous Current Topics in Healthcare Professional Liability. Antitrust Notice. Table of Contents. Cyber Liability.

Look Before You Leap: Legal and Practical Obstacles with ACOs

Information Protection Framework: Data Security Compliance and Today s Healthcare Industry

Accountable Care Organizations and Provider Integration Under Health Care Reform. Sarah Swank

2013 PLUS Medical PL Symposium Credentialing in the World of ACOs

Adopting Electronic Medical Records: What Do the New Federal Incentives Mean to Your Individual Physician Practice?

Securing Patient Portals. What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use

Hot Topics in Healthcare Management Liability

Presented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies

3/13/2015 HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA?

Mar. 31, 2011 (202) Summary of proposed rule provisions for Accountable Care Organizations under the Medicare Shared Savings Program

Selected highlights from a May 2014 Best s Review webinar: What Insurance Professionals Should Know About Patient Safety and Ambulatory Care

White Paper #6. Privacy and Security

Medical Billing and Agreements For Health Care - A Primer

Accountable Care Organizations: Reality or Myth?

The HITECH Act: Implications to HIPAA Covered Entities and Business Associates. Linn F. Freedman, Esq.

Easing the Burden of Healthcare Compliance

Network Security and Data Privacy Insurance for Physician Groups

NATIONAL ASSOCIATION OF COMMUNITY HEALTH CENTERS. Briefing Paper on the Proposed Medicare Shared Savings Program

How To Understand And Understand The Benefits Of A Health Insurance Risk Assessment

Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind

Provider Participation in ACOs May Hinge on HHS Regulations

The Accountable Care Organization

Cybersecurity for Meaningful Use FRHA Annual Summit "Setting the Health Care Table: Politics, Economics, Health" November 20-22, 2013

NATIONAL ASSOCIATION OF COMMUNITY HEALTH CENTERS. Briefing Paper on the Proposed Medicare Shared Savings Program

KATHLEEN L. DEBRUHL & ASSOCIATES, L.L.C. 614 TCHOUPITOULAS STREET NEW ORLEANS, LOUISIANA (OFFICE) (FAX)

Data Privacy and Security: A Primer for Law Firms

Medical Malpractice, the Affordable Care Act and State Provider Shield Laws: More Myth than Necessity?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

The Impact of Accountable Care Organizations (ACOs) on Credentialing and Privileging

Increasing Security Defenses in Cost-Sensitive Healthcare IT Environments

Health & Life Sciences

Kickbacks and Contradictions: The Anti-Kickback Statute and Electronic Health Records

Statement of the Association of American Medical Colleges on Legal Issues Related to Accountable Care Organizations and Healthcare Innovation Zones

Healthcare Practice. Breach Notification Requirements Under HIPAA/HITECH Act and Oregon Consumer Identity Theft Protection Act. Oregon.

Webinar: Next Generation ACO Implications: Impact of the New CMS ACO Model

Health Information Technology (IT) Simplified

Data Breach, Electronic Health Records and Healthcare Reform

REGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI

The Changing Face of Employer-Sponsored Retiree Prescription Benefits. Long-term strategies for a rapidly evolving market

The Road to Meaningful Use EHR Stimulus Payments. By Amy S. Leopard, Walter & Haverfield LLP

Bracing for change Medical Professional Liability (MPL) insurance costs at a crossroads

How Health Reform Will Affect Health Care Quality and the Delivery of Services

Details for: CMS PROPOSES DEFINITION OF MEANINGFUL USE OF CERTIFIED ELECTRONIC HEALTH RECORDS (EHR) TECHNOLOGY. Wednesday, December 30, 2009

HIPPA Goes HITECH. Data Protection for Agents

Newsroom. The quality measures are organized into four domains:

Accountable Care Organizations and Health Reform

U.S. House of Representatives Committee on Energy and Commerce Subcommittee on Health. A Permanent Solution to the SGR: The Time Is Now

Summary of Final Rule Provisions for Accountable Care Organizations under the Medicare Shared Savings Program

Health Information Technology (HIT) and the Public Mental Health System

RE: CMS 1461-P; Medicare Shared Savings Program: Accountable Care Organizations

Fraud Prevention in an Increasingly Digitized World

Less than zero: The effect on clinics of raising MICRA s $250,000 cap

2015 health care providers outlook United States

How to use the Alertsec Service to Achieve HIPAA Compliance for Your Organization

CHAPTER Committee Substitute for Committee Substitute for Committee Substitute for Committee Substitute for House Bill No.

CMS ACO Proposed Regulations

Reforming and restructuring the health care delivery system

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act

New HIPAA regulations require action. Are you in compliance?

How To Protect Your Health Care From Being Stolen From Your Computer Or Cell Phone

Healthcare Reform Update Conference Call VI

Compliance and Program Integrity Melanie Bicigo, CHC, CEBS

HIT Audit Workshop. Jeffrey W. Short.

ACOs: Fraud & Abuse Waivers and Analysis

Ross D. Seymour, MTPM

Health Care Reform *

MedGuard. Peace of Mind for Maryland Doctors. Coverage for the Legal Expenses of Defending Against Administrative Proceedings

Health Information Technology

Healthcare Practice. HIPAA/HITECH Act vs. the Washington Data Breach Notification Act. November 2009

Cms Finally speaks: organization (ACO) proposed regulations and WhaT They mean For anesthesiologists

Cyber Liability. AlaHA Annual Meeting 2013

COMMENTARY HHS OIG Work Plan Focuses on Payment Accuracy, Privacy Concerns, and Insurance Marketplaces. Reviews Related to Hospitals

Accountable Care Organizations A Primer for Orthopaedic Surgeons. 1st Edition

Why Lawyers? Why Now?

The Affordable Care Act - Separating Politics From Politicians

An Internist s Practical Guide to Understanding Health System Reform

New From Kalorama Information: EMR 2012: The Market for Electronic Medical Record Systems KLI Current Physician Usage of EMR

RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS

CHAPTER 7 NURSING LIABILITY INSURANCE

Analysing the US HIPAA legacy and future changes on the horizon

HIPAA: AN OVERVIEW September 2013

Medical Transportation Compliance. Mandated Compliance Guidance

2010 MHA Governance Leadership Forum: Accountable Care Organizations. Chris Rossman, Esq. Foley & Lardner LLP Detroit, Michigan

USC Office of Compliance

POLICY AND STANDARDS. False Claims Laws and Whistleblower Protections

Transcription:

THE LIABILITY IMPACTS OF HEALTHCARE REFORM March 2014

The Liability Impacts of Healthcare Reform An Advisen Special Report sponsored by OneBeacon Professional Insurance The Liability Impacts of Healthcare Reform For years, health care costs in America skyrocketed, with brutal consequences for our country, according to a White House report. The Affordable Care Act, for the first time in decades, has helped to stop that trend. Despite the technical problems plaguing healthcare.gov and slower Despite the technical problems plaguing healthcare.gov and slower than expected enrollments in Obamacare, the Patient Protection and Affordable Care Act (ACA) has had an impact on healthcare delivery, and may indeed be contributing to a reduction in the rate of medical inflation. than expected enrollments in Obamacare, the Patient Protection and Affordable Care Act (ACA) has had an impact on healthcare delivery, and may indeed be contributing to a reduction in the rate of medical inflation. One significant feature of the ACA, incentives to form Medicare Accountable Care Organizations (ACO), is intended to improve patient care while containing costs. The Centers for Medicare and Medicaid Services (CMS), recently announced that providers participating in its Medicare ACO programs saved a total of $380 million in the first year. 1 The ACA, however, is only one aspect of broad reforms in how healthcare is delivered and paid for that has swept across America over the past decade. Hospitals and other healthcare organizations have long recognized the need to reel in costs and improve outcomes. Even without the ACA, healthcare delivery models almost certainly would be much different today as compared to only a few years ago. Patients seemingly are benefitting from healthcare reform, but changes to delivery and payment models are not without risks to healthcare organizations. The more expansive continuum of care now provided by many organizations has altered their risk profiles, presenting risk managers with new challenges in identifying and addressing new and altered 2 March 2014 Advisen Ltd.

The healthcare sector is undergoing broad and rapid transformation, driven by changing demographics, new technologies, economic demands and legislated reforms. exposures. These changes in risk profiles principally are in the professional liability realm, but also encompass other liability risks including network security risks and the exposures of directors and officers, as well as various types of operational risks. Healthcare reform and the ACA The healthcare sector is undergoing broad and rapid transformation, driven by changing demographics, new technologies, economic demands and legislated reforms. The ACA, signed into law by President Obama in 2010, is a significant driver of change, but many of the innovations incentivized by the act already were underway. These changes have been motivated substantially by the seemingly conflicting priorities of reining in skyrocketing costs while improving care. Healthcare delivery models are evolving to achieve these objectives. A key objective of the Medicare Shared Savings Program (MSSP) section of the ACA is encouraging investment in infrastructure and redesigned care processes for high quality and efficient service delivery. The Medicare ACO is the principal mechanism for achieving this objective. An ACO is an organization of health care providers that agrees to be accountable for the quality, cost, and overall care of Medicare beneficiaries who are enrolled in the traditional fee-for-service program who are assigned to it, according to CMS 2 Those ACOs which meet quality and performance standards are eligible to receive payments for shared savings. But even without these incentives, momentum has been building for new healthcare delivery models. Hospitals, for example, have for a number of years attempted to address the negative consequences of a fragmented healthcare delivery system by providing coordinated healthcare services. For many hospitals, the continuum of care now extends well beyond the primary care facility and into the various communities they serve. Many hospitals are now locating a range of facilities such as clinics and ambulatory surgery centers within the communities, as well as deploying community outreach programs and providing home health services. This broader concept of a hospital not only is increasingly recognized as important to effective patient care and population health management, it also is a critical component of many hospitals revenue model in markets dominated by fee-forservice reimbursements, outpatient services provide the majority of operating margin for most health systems. 3 3 March 2014 Advisen Ltd.

According to the CDC, in 2013 78 percent of U.S. office-based physicians used some form of electronic record, with 48 percent having systems that met the criteria for a basic New healthcare delivery models, including the ACO, relies on a team approach to interdisciplinary care. The success of these new healthcare delivery models relies in large measure on healthcare practitioners efficiently coordinating their activities. As a result, the ACA offers incentives for converting paper records to electronic health records (EHRs) that can be shared across various healthcare settings. According to the U.S. Department of Health and Human Services, using electronic health records will reduce paperwork and administrative burdens, cut costs, reduce medical errors and most importantly, improve the quality of care. 4 According to the CDC, in 2013 78 percent of U.S. office-based physicians used some form of electronic record, with 48 percent having systems that met the criteria for a basic system. 5 system. The changing risk profiles of healthcare organizations The proliferation of ACO-style healthcare delivery models and the move to EHRs are only two of a vast numbers of changes to the American healthcare system affected by the ACA and related private healthcare reform initiatives. They are, however, two aspects that have significant implications for the liability risks of healthcare organizations and individual healthcare providers, and which pose an array of new challenges to risk managers. Healthcare reform does not necessarily create new liability exposures, but it does change the likelihood that healthcare organizations will experience certain types of liability events. For example, hospitals are now employing many more physicians, making it more likely that the hospital will be named in malpractice suits without having some of the defenses that were previously available. Medical professional liability exposures New healthcare delivery models are expected to improve outcomes, and therefore have an overall positive effect on malpractice and other medical professional liability risks. Nonetheless, certain aspects of ACOs in particular, and of collaborative care models in general, may increase the likelihood of medical professional liability claims. Factors include potential conflicts between delivering quality care and reducing costs, more employed physicians, greater use of nurse practitioners, heightened patient expectations, potential new standards of care and the need to produce new types of information that can be used against a healthcare provider in court. 4 March 2014 Advisen Ltd.

Some legal experts are concerned that coordinated health care may result in additional discoverable documentation that can be used against healthcare organizations in a malpractice case. Cost savings are a key objective of ACOs, but some experts note an apparent conflict between cost containment and providing the highest standards of medical care. They point to the experience of Managed Care Organizations (MCOs) in the 1990s, when many were subject to member lawsuits alleging that financial success was prioritized over the health of the members. An often-cited analysis of this exposure published in the Journal of the American Medical Association concludes: Allegations of institutional malfeasance related to cost saving efforts could increase liability costs and create a chilling effect on ACOs. 6 In 2004 the Supreme Court ruled that MCOs were immune from some types of state law tort claims, but ACOs may not enjoy the same immunities. Another source of heightened liability for hospitals is the trend towards more employed physicians. Many hospitals have accelerated the acquisition of physician practices in order to provide the full continuum of care to ACO beneficiaries. Around 70 percent of doctors had independent practices in 2006; now, less than 50 percent do, 7 with most doctors today working in offices owned and operated by hospitals. With employed physicians, more risk is potentially shifted from the physician to the hospital (or to the ACO itself). A hospital may be seen as vicariously liable for the actions of employed physicians, whereas it may have been dismissed from the lawsuit if the physician were considered an independent contractor. Additionally, with employed physicians, healthcare organizations are more likely to be sued under direct negligence theories. Some new healthcare delivery models expand the responsibilities of nurse practitioners. As nurse practitioners assume a larger role, legal and regulatory issues almost certainly will intensify. Malpractice litigation involving nurse practitioners has often focused on the regulatory authority of a nurse practitioner to render certain types of patient care. Under new healthcare delivery models, those issues are likely to arise more often and to become more significant. Some legal experts are concerned that coordinated health care may result in additional discoverable documentation that can be used against healthcare organizations in a malpractice case. For example, a group s initial ACO application may outline aspirations for a standard of care the ACO may find difficult to achieve and maintain in practice. Additionally, since an ACO must issue public reports on certain aspects of its performance and operations, it may inadvertently provide plaintiff attorneys with a roadmap to problem areas of the organization. 5 March 2014 Advisen Ltd.

The increased use of Privacy and data security the cloud by healthcare organizations could help improve security, but it also potentially exposes them to further risks. HIPAA has been a fact of life for healthcare providers since 1996, but compliance continues to present challenges as technology and healthcare delivery models evolve. The Health Information Technology for Economic and Clinical Health Act (HITECH), part of the American Recovery and Reinvestment Act of 2009 (ARRA), provides financial incentives for electronic health record (EHR) adoption under Medicare and Medicaid. This creates new issues in keeping records secure, especially in collaborative care environments where records are routinely shared among providers. HITECH also significantly ups the ante for HIPAA noncompliance. Health records are highly sought after by data thieves. 8 Despite the sensitivity of the information contained in these records, the healthcare industry has a poor track record for data security. A 2012 survey of 80 U.S. healthcare organizations by the Ponemon Institute found that 75 percent don t secure medical devices containing sensitive patient data, while 94 percent have leaked data in the last two years. 9 The increased use of the cloud by healthcare organizations could help improve security, but it also potentially exposes them to further risks. Low-tech issues such as a lost USB memory stick or a stolen laptop make up the bulk of what healthcare organizations are reporting to the Department of Health and Human Services (HHS). But Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, in an interview, notes that we re seeing the attack surface shifting from the device to unsecure places in the cloud environment. 10 The government is encouraging healthcare organizations to share data more broadly, but at the same time it is imposing larger penalties for improper disclosures. In one often-cited case, in 2012 a Massachusetts healthcare organization agreed to pay $1.5 million to settle potential HIPAA violations. The alleged violations of HIPAA s security rule stemmed from the theft of a laptop computer storing 3,621 patient records. In another example, a managed care company agreed to pay HHS $1.7 million to settle potential HIPAA violations for failing to implement appropriate administrative and technical safeguards as required under the HIPAA Security Rule. Management liability issues Legal compliance has always been a complex task in the heavily-regulated healthcare industry. It grows yet more complex in the current environment. New healthcare delivery models can raise compliance issues as concerns the Stark Law, corporate practice of medicine limitations, anti-kickback statutes and antitrust laws. 6 March 2014 Advisen Ltd.

New healthcare delivery and payment models also pose risks associated with pricing and billing, which could lead to legal actions against the organization and its directors and officers. Since the 2010 passage of the ACA, healthcare organizations have been undergoing rapid consolidation. Mergers are routinely challenged by the Federal Trade Commission (FTC), which is concerned that consolidation can create local monopolies, leading to higher prices for patients and health insurers. Other hospitals may also sue, alleging that a merger will result in unfair competition. The FTC and the DOJ have developed antitrust safe harbors for federally recognized ACOs, but some observers note that the extent of the available protection is untested, particularly as concerns private antitrust litigation. 11 New healthcare delivery and payment models also pose risks associated with pricing and billing, which could lead to legal actions against the organization and its directors and officers. An ACO could mismanage the risks related to the pricing of services in an unfamiliar delivery model and incur medical expenses in excess of agreed capitation levels. It also runs the risk of mismanaging member contracts. Risk management challenges The transformation of healthcare delivery models poses new challenges to risk managers. For many whose responsibilities were largely contained within a single, albeit highly complex, facility, their accountabilities now may extend to locations and programs serving various communities and purposes. They also may be responsible for risk management programs encompassing novel new affiliations of both employed and independent healthcare practitioners, as well as with various service providers. Many risk managers have found they need to develop new processes and strategies for managing risk across an extended organization with a wider array of risk management requirements. Adding to the complexity, the underlying risk landscape is undergoing rapid change. For example, risks such as cybercrime, which weren t even on the risk manager s radar a few years ago, now generate serious concerns. In part driven by these changes, the role of the risk manager is evolving. Accountabilities, incentives and reporting relationships are undergoing change, many risk managers now are functioning within enterprise risk management systems in varying stages of implementation. While an enterprise risk management approach is an effective way to address the varied and complex risks faced by healthcare organizations, many risk managers find they must learn to operate effectively in new roles and to become knowledgeable of a much wider array of risk. 7 March 2014 Advisen Ltd.

The pace of change in the U.S. healthcare system is likely to accelerate for the foreseeable future. The influences behind the creation of the ACA will continue to drive experimentation and innovation in payment systems and healthcare delivery models. These changes, combined with ever-newer technologies, inevitable new legislation and regulation, and fundamental shifts in the underlying risk landscape are producing increasingly complex risk profiles for healthcare organizations that will continue to challenge healthcare risk managers. n This document was prepared by Advisen and as such does not represent the views or opinions of OneBeacon Professional Insurance. OneBeacon Professional Insurance makes no claims or representations concerning the completeness or accuracy of the information provided by Advisen Inc. and has no responsibility for its content or for supplementing, updating or correcting any such information. This document is provided for general informational purposes only and does not constitute legal, risk management, or other advice. Readers should consult their own counsel for such advice. 8 March 2014 Advisen Ltd.

NOTES: 1 New care organizations save $380 million in first year, USA Today http://www.usatoday.com/story/news/nation/2014/01/30/half-ofmedicare-acos-achieve-savings/5054433/ 2 Washington Health Care Update, Fulbright & Jaworski - Health Care http://www.fulbright.com/index.cfm?fuseaction=publications. detail&pub_id=4520&site_id=494 3 Melissa McCain, Ambulatory Care of the Future: Optimizing Health, Service and Cost by Transforming the Care Delivery Model, The Chartis Group consultants http://www.chartis.com/files/pdfs/ambulatory_care_of_the_future.pdf 4 Key Features of the Affordable Care Act, By Year, HealthCare.gov http://www.healthcare.gov/law/timeline/full.html. A recent Rand Corporation report, however, notes that EHRs thus far have not lived up to their potential for improving care and reducing costs. 5 Use and Characteristics of Electronic Health Record Systems Among Office-based Physician Practices: United States, 2001 2013, CDC http://www.cdc.gov/nchs/data/databriefs/db143.ht 6 H.Benjamin Harvey and I. Glenn Cohen, The Looming Threat of Liability for Accountable Care Organizations and What to Do About It, JAMA (July 10, 2013) http://jama.jamanetwork.com/article.aspx?articleid=1697985 7 Entity-Employed Physicians and Medical Malpractice Coverage Issues, Parker Smith Feek http://www.psfinc.com/press/entityemployed-physicians-and-medical-malpractice-coverage-issues 8 Breach report 2011, Redspin http://www.redspin.com/docs/redspin_phi_2011_breach_report.pdf 9 Third Annual Benchmark Study and Patient Privacy and Data Security, Ponemon Institute, sponsored by ID Experts http://www2. idexpertscorp.com/ponemon2012/ 10 Larry Ponemon on securing regulated data in healthcare: Q&A, HealthIT Security http://healthitsecurity.com/2013/07/08/larryponemon-on-securing-regulated-data-in-healthcare-qa/ 11 D&O Insurance: Health Care Organizations Face Increasing Rates, Tightening Terms, The D&O Diary http://www.dandodiary. com/2013/12/articles/d-o-insurance/do-insurance-health-care-organizations-face-increasing-rates-tightening-terms/ 9 March 2014 Advisen Ltd.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information