Moving the HME Industry Forward

General Healthcare

HIPAA Privacy Rule and Marketing

July 31, 2017

AMARILLO, TX – An important element of the success of a DME supplier is a vibrant marketing program. In implementing a marketing program, the supplier needs to avoid pitfalls pertaining to the Medicare anti-kickback statute (“AKS”), the federal beneficiary inducement statute, the federal telephone solicitation statute, the Stark physician self-referral statute, federal and state telephone consumer protection laws, and federal and state do-not-call registries.

Equally important, suppliers need to be aware of the restrictions set out in HIPAA. HIPAA has a number of “rules” that must be followed, including the “Privacy Rule.” This rule addresses the “use and disclosure” of confidential information pertaining to patients. HIPAA refers to this info as “protected health information” or “PHI.” Unless an exception is met, the Privacy Rule requires a DME supplier to obtain authorization from a patient before the supplier can “use” or “disclose” the patient’s PHI.

Covered Entities and Business Associates
HIPAA applies to “covered entities” and their “business associates.” The term “covered entities” includes an entity that “furnishes, bills, or is paid for health care.” A “business associate” is a person or entity, other than an employee of the covered entity, that “creates, receives, maintains, or transmits [PHI] on behalf of the covered entity”…in our case, a DME supplier. Examples of services provided by business associates include claims processing, data analysis, data processing, utilization review, and billing. For example, an outside marketing company would be a business associate of a DME supplier if, when performing services, the marketing company uses PHI provided by the supplier.

On the other hand, if the marketing company does not contact the DME supplier’s patients (on behalf of the supplier) and the marketing company does not utilize PHI provided by the supplier, then the marketing company would not be considered the supplier’s “business associate.” In this case, HIPAA would not apply to the marketing company’s arrangement with the DME supplier.

Patient Authorization
A DME supplier must obtain a patient’s “blue ink” or electronic authorization for use or disclosure of PHI that is not for “treatment, payment, or healthcare operations” or otherwise permitted under the Privacy Rule. Communications, for the purpose of marketing, require written authorization under HIPAA. If communications meet the HIPAA definition of “marketing” then the DME supplier will have to obtain the patient’s written (”blue ink” or electronic) authorization for the “use” or “disclosure” before the supplier uses the PHI for marketing purposes.

Marketing
HIPAA defines “marketing” as “a communication about a product or service that encourages recipients of the communication to purchase or use the product or service.” The Privacy Rule generally requires suppliers to obtain a prior authorization for use or disclosure of PHI for marketing purposes unless the communication is in the form of (i) a face-to-face communication made by the supplier to the patient, or (ii) a promotional gift of nominal value provided by the DME supplier.

When Authorization is Not Required
The Privacy Rule sets out two exceptions to the definition of “marketing.” If one of these two exceptions is met, then the patient’s prior authorization is not required prior to the supplier “using” or “disclosing” the patient’s PHI. The first exception allows the DME supplier to provide refill reminders to its patients. The second exception allows the supplier to make communications for certain treatment and health care operations purposes, except where the supplier receives remuneration in exchange for the communication. Communications made for treatment and health care operations that are not considered marketing include “communications to describe a health-related product or service…that is provided by…the covered entity making the communication.” This exception allows the supplier to communicate to its patients about the supplier’s own health-related products and services.  

Jeff Baird will be presenting the following webinar:

Webinar Sponsored by ResMed
Avoiding Legal Landmines While Navigating the DME Cash-Pay Landscape
Presented by: Jeffrey S. Baird, Esq., Brown & Fortunato, P.C.

Wednesday, August 2, 2017
Time Option 1:  10-11 a.m. PT
Time Option 2:  1-2 p.m. PT

In the face of a challenging reimbursement environment, DME suppliers are exploring new business models. With consumers taking an increasingly active role in their healthcare decisions and patients paying more out of pocket for valued products, the cash-pay market is growing.

Federal and state laws – along with health insurers’ contractual obligations – may restrict cash-payment transactions, but by being aware of these laws, terms and conditions, DME suppliers can employ processes to maintain compliance.

Are you prepared to navigate the cash-payment landscape?
This webinar will explore:
• Federal laws and regulations that may impact cash-pay transactions
• Terms and conditions in health insurer-supplier contracts that may impact cash-pay transactions
• Legal business entity structures to consider
• Products that may be eligible for cash-pay
• When ABNs and financial liability waivers should be used
• Pricing policies
• The importance of finding an experienced advisor to help you navigate this landscape

Register now for this free webinar on Wednesday, August 2, 2017, with Jeffrey S. Baird, Esq. of  Brown & Fortunato, PC.

Jeff Baird and Andrea Stark will be presenting the following webinar:
AAHOMECARE’S EDUCATIONAL WEBINAR
The Next 12 Months: “Hot Button” Issues for DME Suppliers

Presented by: Jeffrey S. Baird, Esq., Brown & Fortunato, P.C. & Andrea Stark, Reimbursement Consultant, Mira Vista, LLC
Monday, August 14, 2017
2:30-4:00 p.m. EASTERN TIME
The DME industry is young and it grew up unregulated. However, over the past 10 years it is as if CMS and Capitol Hill are making up for lost time. The industry is now caught in a “perfect storm” of competitive bidding, lower reimbursement, out-of-control audits, and stringent documentation requirements. In short, there are many “hot button” issues facing suppliers. This program will address these issues, including (i) the upcoming Competitive Bidding 2019; (ii) the national RAC rollout; (iii) nonassigned claims and the use of ABNs; (iv) dos and don’ts of marketing; (v) how to properly build a referral network; (vi) assisting hospitals in preventing readmissions; (vii) selling Medicare-covered items at a discount off the Medicare allowable; (viii) selling at retail; and (ix) providing DME on a nonassigned basis.

Register for The Next 12 Months:  “Hot Button” Issues for DME Suppliers on Monday, August 14, 2017, 2:30-4:00 pm ET, with Jeffrey S. Baird, Esq., Brown & Fortunato, P.C. and Andrea Stark, Reimbursement Consultant, Mira Vista, LLC.

Please contact Ika Sukh at ikas@aahomecare.org if you experience any difficulties registering.

FEES   
Member: $99.00    
Non-Member: $129.00

Jeffrey S. Baird, JD, is chairman of the Health Care Group at Brown & Fortunato, PC, a law firm based in Amarillo, Tex. He represents pharmacies, infusion companies, HME companies and other health care providers throughout the United States. Mr. Baird is Board Certified in Health Law by the Texas Board of Legal Specialization, and can be reached at (806) 345-6320 or jbaird@bf-law.com.

Elizabeth H. Jepson, JD, is an attorney with the Health Care Group at Brown & Fortunato PC, a law firm based in Amarillo, Tex. She represents pharmacies, HME companies, hospitals, and other health care providers throughout the United States. Ms. Jepson is Board Certified in Health Law by the Texas Board of Legal Specialization, and can be reached at (806) 345-6312 or ejepson@bf-law.com.