<?xml version="1.0" encoding="utf-8"?>
	<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
	<title>An RSS Feed from melniklegal.com</title>
<description>melniklegal.com Blog</description>
<link>http://melniklegal.com/programs/weblog.cgi</link>
<category>e-commerce</category>
<copyright>Copyright melniklegal.com </copyright>
<language>en-us</language>
<lastBuildDate>Sun, 05 Jul 2026 17:02:02 EST</lastBuildDate>
<managingEditor>tatiana@melniklegal.com (Web Master)</managingEditor>
<pubDate>Sun, 05 Jul 2026 17:02:02 EST</pubDate>
<webMaster>tatiana@melniklegal.com (Tatiana)</webMaster>
<generator>e-commerce-inc.com sitebuilder blog press</generator>
<atom:link href="http://melniklegal.com/programs/blogrss.cgi" rel="self" type="application/rss+xml" />

			
<item>
<title><![CDATA[Florida Telemedicine - Status Update on SB 1646]]></title>
<description><![CDATA[
 
 
 
 
     <div align="left"><font face="Arial">The push for 
 telemedicine in Florida continues. The bill to create the Telemedicine 
 Act, SB 1646, is in appropriations as of April 11, 
 2014.<br><br>The bill would permit and thereby expand the 
 provision of healthcare services in Florida using telemedicine. 
 According to the bill summary, the bill 
 also:<br></font><ul><li><font face="Arial">creates s. s. 456.4503, F.S.; 
 <br></font></li></ul><blockquote><ul><li><font face="Arial">requiring specified practitioners providing 
 telemedicine services to patients in this state to be licensed in this 
 state; </font></li><li><font face="Arial">providing certain exceptions for emergency services and 
 consultations; authorizing non-Florida licensed physicians to meet 
 alternative requirements; </font></li><li><font face="Arial">requiring pertinent records to be made available upon 
 request; </font></li><li><font face="Arial">requiring other health care providers to be supervised 
 by a telemedicine provider; </font></li><li><font face="Arial">providing continuing education requirements for 
 telemedicine providers; </font></li><li><font face="Arial">establishing venue; providing applicability; 
 </font></li><li><font face="Arial">authorizing 
 the licensing boards to adopt rules; 
 </font></li></ul></blockquote><ul><li><font face="Arial"><font face="Arial">creates </font>s. 
 456.4504, F.S.; 
 <br></font></li></ul><blockquote><ul><li><font face="Arial">providing standards and prohibitions for the provision 
 of telemedicine services; 
 <br></font></li><li><font face="Arial">prohibiting nonemergency prescribing of a legend drug 
 without a physical 
 examination;</font></li><li><font face="Arial">prohibiting the prescription of a controlled substance 
 for chronic nonmalignant pain using telemedicine; 
 <br></font></li></ul></blockquote><ul><li><font face="Arial"><font face="Arial">creates </font>s. 
 456.4505, F.S.; 
 <br></font></li></ul><blockquote><ul><li><font face="Arial">authorizing the use of telemedicine services in the 
 diagnosis and treatment of the human eye; 
 <br></font></li><li><font face="Arial">providing requirements for the use of automated 
 equipment; <br></font></li><li><font face="Arial">requiring the owner or lessee of the automated equipment
  to maintain specified liability insurance under certain circumstances; 
 <br></font></li><li><font face="Arial">prohibiting prescriptions for spectacles or contact lens
  based solely on the use of an autorefractor; 
 <br></font></li></ul></blockquote><ul><li><font face="Arial"><font face="Arial">creates </font>s. 
 456.4506, F.S.; 
 <br></font></li></ul><blockquote><ul><li><font face="Arial"><b>providing requirements for reimbursement of 
 telemedicine services under the Medicaid program</b>; 
 </font></li><li><font face="Arial">requiring a 
 report to the Legislature on the usage and costs of telemedicine in 
 Medicaid by a certain date; </font></li><li><font face="Arial">providing for future repeal; 
 </font></li></ul></blockquote><ul><li><font face="Arial">amends s. 409.967, F.S.; 
 <br></font></li></ul><blockquote><ul><li><font face="Arial"><b>prohibiting a managed care plan under Medicaid
  from using telemedicine providers that are not physicians</b>; 
 </font></li></ul></blockquote><ul><li><font face="Arial">amends ss. 627.645 and 641.185, F.S.; 
 <br></font></li></ul><blockquote><ul><li><font face="Arial"><b>prohibiting the denial of a claim for payment 
 for medical services based on a medical necessity determination 
 conducted via telemedicine unless the determination is made by a 
 physician</b>; </font></li><li><font face="Arial">providing an effective 
 date.</font></li></ul></blockquote><div align="center"><font face="Arial"><img src="https://melniklegal.com/images/1398052667.jpg" height="420" width="623"></font><br></div><font face="Arial"><br>The full text of the bill is available here - 
 <a href="https://www.flsenate.gov/Session/Bill/2014/1646">https://www.flsenate.gov/Session/Bill/2014/1646</a>.<br><br><br><br><br><br><font size="2">Posted by Tatiana Melnik April 21, 
 2014.</font><br></font></div>    
 
 
   
 
 
 
 
 
 ]]></description>
<link>http://melniklegal.com/weblog/1398052813_Telemedicine.html</link>
<guid>http://melniklegal.com/weblog/1398052813_Telemedicine.html</guid>
<pubDate>Mon, 21 Apr 2014 00:00:13 EST</pubDate>
</item>
			
			
			
<item>
<title><![CDATA[Florida Governor Signs New Data Breach Law Requiring All Businesses to Implement Security Controls]]></title>
<description><![CDATA[
 
 
 
 
     <font face="Arial">After being unanimously passed by the Florida legislature on April 30, 2014, on June 20, 2014, Florida's Governor Rick Scott signed the Florida Information Protection Act of 2014 (Act or FIPA). This Act repeals and wholly replaces Florida's existing data breach law (at Flat. Stat. Section 817.5681) with new Section 501.171. <b>FIPA takes effect on July 1, 2014.</b><br></font><br><table style="text-align: left; margin-left: auto; margin-right: auto;" border="0"><tbody><tr><td style="border: 1px solid #edad27; padding:3px;" color="#FFFFFF" size="3" bgcolor="#001c31" valign="top"><font face="Arial"><font face="Arial"><font color="#FFCC00"><b><i>A few preliminary comments....</i> </b></font><font color="#FFFFFF">This statute is a relatively sweeping change for Florida and raises the bar for other states. It applies to <u><i><b>every</b></i></u> business that handles "personal information" of Florida residents and requires these businesses to take proactive "reasonable measures" to secure data. But, like many other data breach and data security statutes, FIPA fails to define what it means to take "reasonable measures." In general, this means that companies need to follow industry best practices. As a starting point, businesses should conduct a risk analysis to better gauge their risks. FIPA also implements a records disposal requirement.<br><br>Given the increased liability brought about by this statute, Florida-based businesses that share data with other entities should review their contracts to ensure that data breach notification requirements are included together with appropriate cyberliability (<i>i.e.</i>, data breach) insurance requirements, damages caps, and indemnification language. Non-Florida based businesses that handle "personal information" of Florida residents should be aware that they too may be subject to the requirements can be pulled into court under the Florida Long-Arm Statute.<font size="2">[1]</font><br></font></font></font></td></tr></tbody></table><br><font face="Arial"><b>What Steps Should Companies Take?<br></b>Companies should consider taking a few proactive steps to gauge their risks and liabilities in light of the proactive requirement to take security measures, shortened deadline to provide data breach notification, and notification requirements for down-stream entities (e.g., business associates, vendors, contractors, etc.).</font><br><ul><li><font face="Arial">Under take a <font color="#993399"><u><b>risk analysis</b></u></font> to better assess potential risks and vulnerabilities to the confidentiality, integrity and availability of all personal information handled by the company</font></li></ul><ul><ul><li><font face="Arial">For a good starting point for a risk analysis, consider looking to the HIPAA materials and the NIST guidance documents</font></li></ul></ul><ul><li><font face="Arial">Review existing <font color="#993399"><u><b>privacy and security policies and procedures</b></u></font> and update as needed</font></li></ul><ul><ul><li><font face="Arial">Policies should reflect what the organization actually does and not what it would do in an ideal world. Policies that are in place but are not followed may demonstrate willful negligence and be the proverbial "smoking gun" in litigation</font></li></ul></ul><ul><li><font face="Arial">Develop an <font color="#993399"><u><b>incident response plan</b></u></font>, which should include a data breach notification plan</font></li></ul><ul><ul><li><font face="Arial" size="3">This plan should be called an "incident response plan" because <u><i>not</i></u> every incident is a breach. By calling something a "breach" your team may be attributing a legal meaning to an event that is merely a potential security incident. Keep in mind that the term "breach" is defined in the statue.</font><font face="Arial" size="3"> </font><br></li></ul></ul><ul><ul><li><font face="Arial">Any security incident is a stressful event. Having a plan in place, that at the very least contains important phone numbers for contacts who can assist you through the process will ease the stress a bit. Your attorney should be the first call because you never know what you are going to find.</font></li></ul></ul><ul><li><font face="Arial"><u><font color="#993399"><b>Encrypt personal information</b></font></u> to the extent possible and <b><i>definitely</i></b> <font color="#CC0000"><u><b>encrypt all mobile devices</b></u></font></font></li></ul><ul><ul><li><font face="Arial">The loss and theft of laptops is one of the leading causes of data breaches. Laptops should have hard drive encryption (as opposed to a separate drive that each employee should use to store personal information). If your company is using a Windows based product, check to see if BitLocker is available on the version you're using because it comes preinstalled in some Windows products and only needs to be enabled.</font></li></ul></ul><ul><ul><li><font face="Arial">Employee owned mobile devices that have access to "personal information" should be enrolled in a mobile device management system and the company should have <i>written authorization</i> from the employee to wipe the device, copy the device, seize it in the event of litigation, etc. <br></font></li></ul></ul><ul><ul><li><font face="Arial"><b>Encryption is particularly important because it pulls the information out of the definition of "personal information" and therefore also pulls it out of the breach notification requirement</b>.</font></li></ul></ul><ul><li><font face="Arial"><font color="#993399"><u><b>Identify all vendor and business relationship that impact "personal information" and review the existing contracts</b></u></font> to ensure that your business will receive timely notification in the event of an incident as well as cooperation during the investigation<br></font></li></ul><div align="left"><font face="Arial"><b>A Few Highlights from the New Law</b></font><br><ul><li><font face="Arial">Arguably, every organization is covered under the law because the definition of "covered entity" is quite broad: <br></font></li></ul><blockquote><blockquote><font face="Arial">“Covered entity” means a sole proprietorship, partnership, corporation, trust, estate, cooperative, association, or other commercial entity that <i><b>acquires</b></i>, <b><i>maintains</i></b>, <i><b>stores</b></i>, or <i><b>uses</b></i> personal information. For purposes of the notice requirements . . ., the term includes a governmental entity.</font><font face="Arial"><br></font></blockquote><font face="Arial">Those in the healthcare space will be familiar with the term "covered entity" but note that this provision covers every organization that </font><font face="Arial"><i><b>acquires</b></i>, <b><i>maintains</i></b>, <i><b>stores</b></i>, or <i><b>uses</b></i> personal information.</font></blockquote><ul><li><font face="Arial">The definition of personal information is quite broad and includes social security numbers, healthcare information, health insurance policy number, credit card numbers, and "a user name or e-mail address, in combination with a password or security question and answer that would permit access to an online account."</font></li></ul><ul><li><font face="Arial">There is a shorter timeline to notify affected Florida individuals - Under Florida's previous law, organizations were required to notify within 45 days. Now, it is "no later than 30 days after the determination of a breach or reason to believe a breach occurred" unless there is a law enforcement delay or "if, after an appropriate investigation and consultation with relevant federal, state, or local law enforcement agencies, the covered entity reasonably determines that the breach has not and will not likely result in identity theft or any other financial harm to the individuals whose personal information has been accessed.</font></li></ul><ul><li><font face="Arial">As noted above, covered entities must take proactive measures to protect the personal information. "Each covered entity, governmental entity, or third-party agent shall take reasonable measures to protect and secure data in electronic form containing personal information."</font></li></ul></div><ul><li><font face="Arial">There is no private right of action. But, a "violation of this section shall be treated as an unfair or deceptive trade practice in any action brought by the [Department of Legal Affairs (i.e., the Florida Attorney General)] under s. 501.207 against a covered entity or third-party agent." Civil penalties are not to exceed $500,000 and will go into the General Revenue Fund.</font></li></ul><ul><li><font face="Arial">FIPA includes a data records disposal provision. "Each covered entity or third-party agent shall take all reasonable measures to dispose, or arrange for the disposal, of customer records containing personal information within its custody or control when the records are no longer to be retained. Such disposal shall involve shredding, erasing, or otherwise modifying the personal information in the records to make it unreadable or undecipherable through any means." <br></font></li></ul><p><font face="Arial">The text of the new law is available here - <a href="https://laws.flrules.org/2014/189">https://laws.flrules.org/2014/189.</a></font></p><font face="Arial"><font size="2">---------------------<br>[1] Interestingly, the Florida legislature addressed the possibility of this in the "Bill Analysis and Fiscal Impact Statement" as follows:<br></font></font><blockquote><font face="Arial"><font size="2">Although the bill does not specifically provide that the covered entity must be conducting business in this state, the Florida Long-Arm statute may provide courts with the authority to assert personal jurisdiction over a nonresident covered entity. The statute enumerates a number of actions that a person or his or her representative may take that would submit that person to the jurisdiction of Florida courts. Those actions include, among other things, operating, conducting, engaging in, or carrying on a business venture in this state or having an office or agency in this state; committing a tortious act within this state; or breaching a contract in this state by failing to perform acts required by the contract to be performed in this state. A person may also become subject to the jurisdiction of a Florida court if the person is engaged in substantial and not isolated activity within Florida.</font></font><br></blockquote><font face="Arial"><font size="2">Florida Senate, </font></font><font face="Arial"><font size="2"><font face="Arial"><font size="2">Bill Analysis and Fiscal Impact Statement</font></font>: CS/SB 1524, April 1, 2014, <a href="https://www.flsenate.gov/Session/Bill/2014/1524/Analyses/2014s1524.pre.rc.PDF">https://www.flsenate.gov/Session/Bill/2014/1524/Analyses/2014s1524.pre.rc.PDF</a>.<br></font></font><font face="Arial"><font size="2"><br></font></font><font face="Arial"><font size="2"><font face="Arial"><font size="2">---------------------<br></font></font></font></font><br><font face="Arial"><font size="2"><font face="Arial"><font size="2"><font face="Arial"><font size="2">Posted by: Tatiana Melnik on June 27, 2014</font></font><br></font></font></font> </font>    
 
 
 
 
 
 ]]></description>
<link>http://melniklegal.com/weblog/1403923293_Data-Breach.html</link>
<guid>http://melniklegal.com/weblog/1403923293_Data-Breach.html</guid>
<pubDate>Fri, 27 Jun 2014 22:41:33 EST</pubDate>
</item>
			
			
			
<item>
<title><![CDATA[Details on the Meaningful Use Penalties Hardship Exception]]></title>
<description><![CDATA[
 
 
 
 
     <div align="left"><div align="left"><font face="Arial">CMS has recognized that some eligible professionals (EP) and eligible hospitals (EH) are struggling to meet Meaningful Use obligations, which makes them subject to payment adjustments </font><font face="Arial">under the American Recovery and Reinvestment Act of 2009 (ARRA). <b>Payment adjustments are only applicable to the Medicare EHR Incentive Program</b> and would be applied beginning on </font><font face="Arial">January 1, 2015 for Medicare eligible professionals</font><font face="Arial"> and October 1, 2014 for </font><font face="Arial"><font face="Arial">eligible </font>hospitals. But, CMS has advised that EPs (and EHs) may be exempt from payment adjustments if they can show that demonstrating Meaningful Use would result in a significant hardship.</font><br></div><br><table border="0"><tbody><tr><td align="left" valign="top"><font face="Arial"><i><b><img src="https://melniklegal.com/images/EHR_Incentive_Program.jpg" height="145" width="277"></b></i></font></td><td align="left" valign="top"><font face="Arial">On March 10, 2014 CMS issued 2014 CEHRT Hardship Exception Guidance for <a href="https://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Downloads/CEHRT2014_HEGuidance_EPs.pdf">eligible professionals</a>, <a href="https://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Downloads/CEHRT2014_HEGuidance_Hospitals.pdf">eligible hospitals and critical access hospitals</a> that are unable to implement the 2014 Edition of Certified Electronic Health Record technology in time to successfully demonstrate meaningful use for the 2014 reporting year.<br><br></font><font face="Arial">While some information is included for EHs, this post focuses primarily on EPs.</font><font face="Arial"> </font><br></td></tr></tbody></table><table style="border: 0px solid red;"><tbody><tr><td><table border="0"><tbody><tr style="font-family: Arial;" align="center"><td><font size="3"><font size="2"></font></font><table style="text-align: left; margin-left: auto; margin-right: auto;" border="0"><tbody><tr><td valign="top"><div align="left"><font color="#006600" size="4"><u><i><b>What must EPs and EHs do to be considered for a hardship exception? </b></i></u></font><br><br><font size="3"><font size="3">To be considered, an EP or EH must:</font></font><br><ol><li><font size="3"><font size="3">complete a Hardship Exception application; and</font></font></li><li><font size="3"><font size="3">show proof of the hardship.<br></font></font></li></ol><font size="3"><font size="3">Applications for both EPs and EHs are available on the <a href="https://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/paymentadj_hardship.html">CMS website here</a>.</font></font><br><br><font color="#993300">Please be sure to review your application carefully because "all documentation is required at the time of submission and additional documentation <b><u>will not be accepted</u></b>."</font><br><br><font color="#006600" size="4"><u><i><b>Is there any liability associated with signing the Hardship Application?</b></i></u></font><br><br>Yes. Care should be taken when completing applications (as well as when making Meaningful Use attestations). Both the signatory and the eligible professional can be held personally liable for the information in the application. When signing the Hardship Application, the signatory attests that: "I understand that both the provider and I can be held personally responsible for all information entered."<br><br><a href="https://melniklegal.com/programs/weblog.cgi?showpage=1392220559_Meaningful-Use">On January 22, 2014, a Texas grand jury indicted a former CFO on allegations of EHR Meaningful Use fraud</a>. The CFO was charged with making false statements to CMS and aggravated identity theft. <font face="Arial">If convicted, the CFO faces up to 5 years in federal prison for making a false statement and up to 2 years in federal prison for aggravated identity theft.</font><br></div><font face="Arial" size="3"><font size="3"></font></font></td><td style="border: 1px solid #edad27; padding:3px;" bgcolor="#001c31" valign="top" width="300px"><font color="#FFFFFF" size="3">Find the Meaningful Use process confusing? Need help navigating the EHR incentive program?<br><br>Now sure what all of the Meaningful Use requirements mean? <br><br>Need help completing the Exception Application? Need help selecting the appropriate hardship reason?</font><font color="#FFFFFF" size="3"><font face="Arial"><i><br><br></i>Has you practice or hospital been overpaid under the Medicare EHR Incentive Program?<i><br><br></i></font></font><div align="center"><font color="#FFFFFF" size="4"><b>We can help! <br>Please <a href="https://melniklegal.com/Contact.html" style="color: #CC0033">contact us</a> today.</b></font><br></div><font color="#FFFFFF" size="3"></font><font color="#FFFFFF" size="3"><br>We can also assist with resolving EHR vendor and other IT vendor disputes. <br></font><br><font color="#FFFFFF" size="3"><font color="#FFFFFF" size="3">You may also want to read our article in the </font><font color="#FFFFFF" size="3"><font face="Arial">Journal of Health Care Compliance entitled, <a href="https://melniklegal.com/av/2014_01_JHCC_Allscripts_EHR_Class_Action.pdf" style="color: #d9d9d9"><i>Doctors, Unhappy with their EHR System, Sue the Vendor in a Class Action: Now May Be the Time to Reassess EHR Solutions and Formulate a Plan to Remedy Deficiencies</i></a>.</font></font><br></font><font color="#FFFFFF" size="3"><br><br><u><b></b></u></font><font color="#FFFFFF"></font></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table><div><div align="left"><br><font face="Arial"><font face="Arial"><font color="#006600" size="4"><u><i><b>When are the applications due?</b></i></u></font><br><br><font size="3"><font size="3">Applications from EPs must be submitted to CMS no later than midnight EDT on July 1, 2014</font></font>.<br><br>Applications from EHs must be submitted to CMS no later than midnight EDT on April 1, 2014.<br><br><font color="#006600" size="4"><u><i><b>How will CMS notify me of its decision?</b></i></u></font><br><br>Notifications will be made to the e-mail address provided to CMS.<br><br><font color="#006600" size="4"><u><i><b>Can CMS's decision on the hardship be appealed?</b></i></u></font><font size="4"><br></font><br>No. According to CMS, "determinations made by CMS or their designee regarding Hardship Exceptions are final and cannot be appealed."</font><u><b><font face="Arial"><u><br></u></font></b><i><b><font face="Arial" size="4"><u><i><br><font color="#006600">Will CMS be flexible in granting hardship exceptions?</font></i></u></font><font face="Arial"><br><br></font></b></i></u></font><div align="left"><font face="Arial">In a speech at the National HIMSS Conference, CMS Administrator Marilyn Tavenner said that, while CMS would not delay the compliance deadline for Meaningful Use Stage 2,<b> the agency would be more flexible in granting hardship exemptions to providers</b>. [1] In a March 6, 2014 letter to Tavenner, Senators John Thune (R-SD), Lamar Alexander (R-TN), Richard Burr (R-NC), Tom Coburn, (R-OK), Mike Enzi (R-WY), and Pat Roberts (R-KS) requested that CMS “immediately clarify how the hardship exceptions will be granted.” [2]<br></font></div><font face="Arial" size="4"><u><i><b><br><font color="#006600">What does it mean to have a "hardship?"</font></b></i></u></font><br><br><font face="Arial">In the application, CMS has advised that "to file a Hardship Exception Application, the circumstance must be beyond the EP's control <u><b><i>and</i></b></u> the EP must <i>explicitly outline</i> how the circumstance significantly impaired the EP's ability to meet Meaningful Use." </font><br><br><font face="Arial">CMS provides the following list of available reasons in the application:</font><br><ul><li><font face="Arial"><u><b>Lack of Infrastructure</b></u> - During any 90 day period from January 1, 2013 to July 1, 2014 (the beginning of the year that is 2 years before the payment adjustment year to July 1 of the year preceding the payment adjustment year), the EP was located in an area without sufficient Internet access to comply with the Meaningful Use objectives requiring Internet connectivity, and faced insurmountable barriers to obtaining such Internet connectivity. <br></font></li></ul><ul><li><font face="Arial"><u><b>Unforeseen and/or Uncontrollable Circumstances</b></u> - During the 1 or 2 calendar years (2013 and 2014) preceding the payment adjustment year (2015), the EP faced extreme and uncontrollable circumstances that prevented the EP from becoming a meaningful EHR user. Some of these circumstances include:</font></li></ul><ul><ul><li><font face="Arial">Weather disaster</font></li><li><font face="Arial">Unable to obtain data necessary to attest to Meaningful Use because the medical practice closed or otherwise went out of business</font></li><li><font face="Arial">Bankruptcy or debt restructuring<br></font></li></ul></ul><ul><li><font face="Arial"><u><b>Lack of control over the availability of Certified EHR Technology</b></u> - EPs who had difficulty in meeting Meaningful Use during the period that begins 2 calendar years before the payment adjustment year through the Application deadline (January 1, 2013 -July 1, 2014) must demonstrate that:</font></li></ul><ul><ul><li><font face="Arial">EP practices at multiple locations, <b><i>and </i></b><br></font></li><li><font face="Arial">is unable to control the availability of Certified EHR Technology at one such practice location or a combination of practice locations, <i><b>and </b></i><br></font></li><li><font face="Arial">where the location or locations constitute more than 50 percent of patient encounters.</font></li></ul></ul><ul><li><font face="Arial"><u><b>Lack of Face-to-Face Interaction</b></u> - EPs who had difficulty in meeting Meaningful Use during the period that begins 2 calendar years before the payment adjustment year through the Application deadline (January 1, 2013 -July 1, 2014).&nbsp;</font></li></ul><ul><ul><li><font face="Arial"><i><b>This exception is only available if the EP can demonstrate</b></i>: (1) lack of face to face interactions, and (2) lack of need to follow up with patients.</font></li></ul></ul><ul><ul><li><font face="Arial">The EP must demonstrate (a) either a complete lack of face-to-face interactions and follow-up <b><u>or</u></b> (b) that the cases of face-to-face interaction and follow-up are extremely rare and not part of normal scope of practice for that EP.<br></font></li></ul></ul><ul><li><font face="Arial"><u><b>2014 EHR Vendor Issues</b></u> - During the fiscal year (2014) preceding the payment adjustment year (2015), the EP's EHR vendor was unable to obtain 2014 certification or the EP was unable to implement Meaningful Use due to 2014 EHR certification delays.<br></font></li></ul><font face="Arial">The information needed to substantiate the hardship is relatively detailed. So, for example, if the reason for the hardship is lack of infrastructure because the cost of an Internet connection is prohibitive, the EP must provide a copy of the one-time infrastructure build-out cost quote from Internet Service Provider.</font><br><br><font color="#006600" face="Arial" size="4"><u><i><b>How long is the hardship exception valid?</b></i></u></font><br><br><font face="Arial"><font size="3"><font size="3">If approved, the Meaningful Use hardship exception is valid for one (1) payment year only.</font></font></font><br><font size="4"><br><font color="#006600" face="Arial"><i><u><b>What if the hardship exception continues into the next&nbsp; payment year?</b></u></i></font></font><br><br><font face="Arial"><font size="3"><font size="3">CMS will require that the provider or the hospital complete a new application. But, per CMS, "in no case may a provider be granted an exception for more than 5 years."</font></font></font><br><br><font color="#006600" face="Arial" size="4"><u><i><b>Are there any EPs that are excluded from the payment adjustments or otherwise not required to complete the Exception Application?</b></i></u></font><br><br><font face="Arial"><font size="3"><font size="3">Yes. The following EPs do not need to complete an application:</font></font></font><br><font face="Arial"> </font><ul><li><div><font face="Arial" size="3">EPs that <u><i>successfully</i></u> met Meaningful Use in 2013 will be <u><i>excluded</i></u> from the payment adjustment and do not need to submit a Hardship Exception Application for Payment Year 2015.</font></div></li></ul><ul><li><font face="Arial" size="3">Providers that are classified in the Medicare Provider Enrollment, Chain and Ownership System (PECOS) as having one of the following 5 specialty codes as their primary area of practice DO NOT need to submit the application because they <i><u>will be granted a Hardship Exception and are automatically exempt from the 2015 payment adjustment</u></i> based on the data in PECOS:</font></li></ul><ul><ul><li><font face="Arial" size="3">Diagnostic Radiology (30)</font></li><li><font face="Arial" size="3">Nuclear Medicine (36)</font></li><li><font face="Arial" size="3">Interventional Radiology (94)</font></li><li><font face="Arial" size="3">Anesthesiology(05)</font></li><li><font face="Arial" size="3">Pathology (22)&nbsp;</font></li></ul></ul><ul><li><font face="Arial" size="3">New EPs enrolling in the Medicare program, DO NOT need to submit the application because they will be granted a Hardship Exception and are automatically exempt from the 2015 payment adjustment based on the data in PECOS.</font></li></ul><ul><li><font face="Arial" size="3">Hospital-based EPs for 2012 or 2013, DO NOT need to submit the application because they will be granted a Hardship Exception and are automatically exempt from the 2015 payment adjustment based on the data in PECOS.</font></li></ul></div><b><font face="Arial">Related Posts</font></b><br><ul><li><font face="arial" size="3"><a href="https://melniklegal.com/programs/weblog.cgi?showpage=1392220559_Meaningful-Use">Grand Jury Indicts Former CFO on Allegations of EHR Meaningful Use Fraud</a></font></li><li><font face="arial" size="3"><a href="https://melniklegal.com/programs/weblog.cgi?showpage=1387148396_Meaningful-Use">Eligible Professionals May Apply for a Hardship Exception from Meaningful Use Penalties</a></font></li></ul><br><font face="Arial"><font size="2">Posted by: Tatiana Melnik</font></font><br><font face="Arial"><font size="2">Date: March 10, 2014</font></font><br></div><font face="Arial">-----------------<font face="Arial" size="2"><br>[1] </font></font><font face="Arial"><font face="Arial" size="2">Ashley Gold, <a href="https://www.fiercehealthit.com/story/marilyn-tavenner-cms-meaningful-use-stage-2-himss14-hardship-exemptions/2014-02-27">UPDATED: CMS to be More Flexible with Meaningful Use Stage 2 Hardship Exemptions, FierceHealthIT</a>, Feb. 27, 2014.<br></font></font></div><div align="left"><font face="Arial"><br><font size="2">[2] Press Release, <a href="https://www.help.senate.gov/newsroom/press/release/?id=9e83e7af-9b47-48be-b302-f29383957baa&amp;groups=Ranking.">GOP Senators Call For Details on Administration Plan to Grant Exemptions from Electronic Health Records Regulations</a>, March 6, 2014.<br></font></font><font color="#006600"><b><font face="Arial" size="2"></font></b></font></div>    
 
 
 
 
 
 ]]></description>
<link>http://melniklegal.com/weblog/1394427020_Meaningful-Use.html</link>
<guid>http://melniklegal.com/weblog/1394427020_Meaningful-Use.html</guid>
<pubDate>Mon, 10 Mar 2014 00:50:20 EST</pubDate>
</item>
			
			
			
<item>
<title><![CDATA[Wyoming Legislature Rejects Bill Limiting Employer Access to Social Media Accounts]]></title>
<description><![CDATA[
 
 
 
 <div align="left"><div align="left"><div align="left"><font face="Arial">On February 27, 2014, the Wyoming House failed to pass (on a 16-36 vote in the House) a bill that would have restricted an employer's ability to request or require access to a social media account of an employee or prospective employee. The Senate approved the bill on February 18, on a 28-2 vote.</font><br><br><font face="Arial">With the growth of social media and peoples desire to share everything with the world, even news that is subject to an <a href="https://melniklegal.com/weblog/1393990952_Social-Media.html">explicit confidentiality provision</a>, many employers have used these same tools to evaluate prospective employees as well as monitor current employees.</font><br><br><font face="Arial">Several states have already passed <a href="https://melniklegal.com/states_regulate_social_media.html">laws restricting employer access to employee's or prospective employee's social media accounts</a>. As of this writing, Wyoming would have been the thirteenth state.</font><br><br><font face="Arial">Proposed Bill S.F. 81 provided that it was a "discriminatory or unfair employment practice [f]or an employer or employment agency, itself or through its agent, to request or require any employee or prospective employee to disclose any username, password or other means for viewing or accessing the information contained on an employee's or prospective employee's personal social media account." [1] The proposed Bill further defined "social media account" as "an electronic service or account, or electronic content, including but not limited to, videos, still photographs, blogs, video blogs, podcasts, instant and text messages, email, online services or accounts, or internet website profiles or locations." [2]</font><br><br><font face="Arial">But, the proposed Bill did not prohibit employers and their agents from engaging in a number of activities, including, for example, "[r]equesting an employee or prospective 3employee to divulge personal social media reasonably believed to be relevant to an investigation of allegations of employee misconduct or employee violation of applicable laws and regulations, provided that the social media is used solely for purposes of that investigation or a related proceeding[.]" [3]</font><br><br><font face="Arial">The proposed language would have been incorporated into the <a href="https://legisweb.state.wy.us/statutes/statutes.aspx?file=titles/Title27/T27CH9.htm">Wyoming Fair Employment Practices Act of 1965</a> (Title 27, Chapter 9), which provides that, aggrieved parties may bring their cases to the Wyoming Department of Workforce Services. [4]</font><br><br><font face="Arial">According to a report by BNA, "House bill sponsor Ruth Ann Petroff (R) [said] that the bill failed 'because there were a perfect number of people who didn't think the bill went far enough combined with a perfect number who thought it went too far.'"</font><br><br></div><div align="left"><div align="left"><font face="Arial">Employers should continue to pay attention to passed and pending legislation regarding social media access as well as on-going activities at the National Labor Relations Board. Employers should also be aware that reviewing the social media accounts of prospective employees may put them at risk to claims that decisions not to hire were unlawful discrimination or retaliation for activity that is protected by law. Existing laws prohibit employers from basing their hiring decisions on a number of factors, including a person’s age, race, national origin, religion and marital status. The Constitutions and laws of a number of states prohibit additional factors.<br><br></font></div><br><div align="left"><font color="#000099"><b><font face="Arial">NOTE: Tatiana Melnik is not licensed to practice law in</font></b></font><font color="#000099"><b><font face="Arial"><font face="Arial"> Wyoming</font>. <u>Please contact counsel licensed in </u></font></b></font><font color="#000099"><b><font face="Arial"><u><font face="Arial">Wyoming </font>with questions related to Wyoming </u></font></b></font><font color="#000099"><b><font face="Arial"><u>law</u>. For referrals, please check with the Wyoming Bar Association at <a href="https://www.wyomingbar.org/">https://www.wyomingbar.org/</a>.</font></b></font><br></div></div></div><font face="Arial"></font><br><div align="left"><font face="Arial"><font size="2">--------------------------------------<br></font></font><div align="left"><font face="Arial"><font size="2">[1] State of Wyoming, Employer Access to Social Media Accounts, Senate File No. SF0081, 27-9-105(a)(v) (Feb. 2014), <i>available at</i> <a href="https://legisweb.state.wy.us/2014/Introduced/SF0081.pdf">https://legisweb.state.wy.us/2014/Introduced/SF0081.pdf</a>.</font></font><br><br><font face="Arial"><font size="2">[2] Id.</font></font><br><br><font face="Arial"><font size="2">[3] Id. at </font></font><font face="Arial"><font size="2">27-9-105(a)(v)(B).</font></font><br><br><font face="Arial"><font size="2">[4] See sec. 27-9-106(a). ("Any person claiming to be aggrieved by a discriminatory or unfair employment practice may, personally or through his attorney, make, sign and file with the department within six (6) months of the alleged violation a verified, written complaint in duplicate which shall state the name and address of the person, employer, employment agency or labor organization alleged to have committed the discriminatory or unfair employment practice, and which shall set forth the particulars of the claim and contain other information as shall be required by the department. The department shall investigate to determine the validity of the charges and issue a determination thereupon."</font></font><br><br><font face="Arial"><font size="2"><font face="Arial">------------------<br><br><i>Posted on: March 26, 2014</i></font></font></font><br><i><font face="Arial"><font size="2">By: Tatiana Melnik</font></font></i><br></div></div></div><font face="Arial"><br></font>
 
 
 
 ]]></description>
<link>http://melniklegal.com/weblog/1394947465_Social-Media.html</link>
<guid>http://melniklegal.com/weblog/1394947465_Social-Media.html</guid>
<pubDate>Sun, 16 Mar 2014 01:24:25 EST</pubDate>
</item>
			
			
			
<item>
<title><![CDATA[HMA to Repay $31 Million for Improper EHR Claims]]></title>
<description><![CDATA[
 
 
 
 
   <div align="left"><font face="Arial">In a Form 8-K filed with the SEC on November 5, 2013 <a href="#one">[1]</a>, Health Management Associates, Inc. (HMA) announced that it will restate financial statements to address a repayment of $31 million the company received in EHR Incentive Payments for demonstrating "Meaningful Use" of certified EHR technology.&nbsp; HMA notified CMS and the relevant state programs and is in the process of repaying the funds received from both Medicare and Medicaid.<a href="#two">[2]</a></font><br><br><font face="Arial">HMA explained that, "[i]n October 2013, based on the results of an internal review, the Company determined that it had made an error in applying the requirements for certifying its EHR technology under these programs and, as a result, that 11 of the hospitals it had enrolled in the [federal Medicare and various state Medicaid Healthcare Information Technology (HCIT)] programs did not meet the 'meaningful use' criteria necessary to qualify for HCIT payments." As a result, HMA will be restating financial statements for the years ended December 31, 2010, 2011 and 2012 and the quarters ended March 31 and June 30, 2013 to correct the accounting treatment of the payments:</font><br><ul><li><font face="Arial">2011 - recognized as income approximately $8.3 million</font></li><li><font face="Arial">2012 - recognized as income approximately $17.3 million </font></li><li><font face="Arial">2013 (first six months) - recognized as income approximately $5.4 million</font></li></ul><font face="Arial">HMA also advised that the following filings and reports "should no longer be relied upon" given the errors:</font><br><ul><li><font face="Arial">consolidated financial statements contained in</font></li><ul><li><font face="Arial">HMA's Annual Report on Form 10-K for the fiscal year ended December 31, 2012</font></li><li><font face="Arial">the Quarterly Reports on Form 10-Q for the fiscal quarters ended March 31, 2013 and June 30, 2013 </font></li></ul><li><font face="Arial">all releases issued by HMA discussing its financial results for December 31, 2012, March 31, 2013, and June 30, 2013</font></li><li><font face="Arial">HMA's guidance for fiscal year 2013 issued on July 30, 2013</font></li><li><font face="Arial">Ernst &amp; Young LLP reports dated February 27, 2013 on HMA's consolidated financial statements and the effectiveness of HMA's internal control over financial reporting</font></li></ul><font face="Arial">HMA's story is a good reminder that Meaningful Use payment recipients, particularly those with multiple offices, must take the appropriate steps to audit use to ensure that incentives are not being claimed erroneously. CMS hired Figliozzi and Company to undertake audits on Medicare eligible professionals and eligible hospitals, as well as on hospitals that are eligible for both the Medicare and Medicaid EHR Incentive Programs. CMS made clear in an announcement in February 2013 that it expects eligible professionals, eligible hospitals, and critical access hospitals to "retain ALL relevant supporting documentation (in either paper or electronic format) used in the completion of the Attestation Module responses." <a href="#three">[3]</a></font><br><br><b><font face="Arial">How long the documentation must be retained depends on the type of documents:</font></b><br><ul><li><font face="Arial">Documents that support attestation data for meaningful use objectives and clinical quality measures - <b>retained for six years post-attestation</b></font></li><li><font face="Arial">Documents that support payment calculations (e.g., cost report data) - retention period should follow the current document retention processes.</font></li></ul><p><font face="Arial">Companies should review their document retention policies to ensure that the policies are consistent with requirements. If no retention policy is currently in place, now may be the appropriate time to develop such a policy.</font></p> <align="left"><font face="Arial" size="2"><a name="one">[1]</a> <a href="https://www.sec.gov/Archives/edgar/data/792985/000090951813000221/mm11-0513_8k.htm">Health Management Associates, Inc., Securities and Exchange Commission Form 8-K</a>, Nov. 5, 2013.</font><p></p><div align="left"><font face="Arial" size="2"> </font></div><p class="MsoNormal" align="left"><font face="Arial" size="2"><a name="two">[2]</a> <a href="https://www.sec.gov/Archives/edgar/data/792985/000090951813000221/mm11-0513_8ke991.htm">Press Release, Health Management Associates, Inc.</a>, Nov. 5, 2013<span style="mso-spacerun:yes"></span>.</font></p><div align="left"><font face="Arial" size="2"> </font></div><p class="MsoNormal" align="left"><font face="Arial" size="2"><a name="three">[3]</a> CMS, <a href="https://melniklegal.com/av/2013_CMS_Supporting_Docs_EHR_Audits.pdf">EHR Incentive Program, Supporting Documentation for Audits</a>, Updated Feb. 2013.</font><a href="null"><font face="Arial" size="2"></font></a></p> </align="left"></div>   
 
 
 
 
 
 ]]></description>
<link>http://melniklegal.com/weblog/1384221786_EHR.html</link>
<guid>http://melniklegal.com/weblog/1384221786_EHR.html</guid>
<pubDate>Mon, 11 Nov 2013 21:03:06 EST</pubDate>
</item>
			
			
</channel>
</rss>