Transcript Medical-Legal Issues

Medical-Legal Issues
…or what does this mean
so I can pass this section
of the boards…
Objectives
 Familiarize
yourself with “board
question” medical/legal abbreviations
 Definitions and overview of each
 Understanding of how the “alphabet
soup” relates to each other
FIRST THE LATIN…
Respondeat superior
 Vicarious
liability
– Captain of the ship
– physicians responsible for the damages
allegedly caused by the negligence of
those working “underneath” them
 e.g.,
nurses in failing to remove sponges or
devices at the conclusion of surgical
procedures.
Res ipsa loquitur
 “the
thing speaks for itself”
– invoked when it appears self-evident
that since the patient was in the hands
of the medical staff, and something
went wrong which should not have, the
blame follows the people in whose
hands the patient was.
– presumes that the surgeon was
negligent because he had exclusive
control of the operating room
 e.g.,
wrong leg amputated
Abbreviations
 HIPAA
 EMTALA
 COBRA
 ERISA
 FMLA
 JCAHO
 TORT
HIPAA
Health
Insurance
Portability
and
Accountability
Act
– 1996, Public Law 104-191 (104th congress)
HIPAA
 “An
Act…
– To amend the Internal Revenue Code of
1986 to improve portability and
continuity of health insurance coverage
in the group and individual markets, to
combat waste, fraud and abuse in
health insurance and health care
delivery, to promote the use of medical
savings accounts, to improve access to
long-term care services and coverage,
to simplify the administration of health
insurance, and for other purposes”
HIPAA
 Required
Department of Health and
Human Services (HHS) to establish
national standards for electronic
health care transactions and national
identifiers for providers, health plans
and employers
 Addressed security and privacy of
health data
HIPAA definitions
 Health
Information
– Any information, whether oral or
recorded in any form or medium, that
 Is
created or received by a health care
provider, health plan, public health
authority, employer, life insurer, school or
university, or health care clearinghouse
 Relates to past, present or future physical or
mental health or condition of an individual,
the provision of health care to an individual,
or the past, present or future payment for
the provision of health care to an individual.
HIPAA definitions

Individually Identifiable Health
Information
– Any information, including demographic
information collected from an individual that
 Is
created or received by a health care provider,
health plan, employer and
 Relates to the past, present or future physical or
mental health or condition of an individual and
 Identifies the individual or
 With respect to which there is reasonable basis to
believe that the information can be used to identify
the individual
HIPAA
 Title
I – protects health insurance
coverage for workers and their
families when they change or lose
their jobs
 Title II - requires establishment of
National standards for electronic
health care transaction and national
identifiers for providers, health
insurance plans and employers
HIPAA - Title I
 Health
Care Access, Portability and
Renewability
HIPAA Title I
Amends Employee Retirement Income
Security Act (ERISA) and Public health
service act
 Prohibits any group health plan from
creating eligibility rules or assessing
premiums for individuals in the plan based
on health status, medical history, genetic
information or disability

– Does NOT apply to private individual insurance
HIPAA - Title II
 Preventing
health care fraud and
abuse
 Administrative simplification
 Medical liability reform
HIPAA - Title II

Defines numerous offenses relating to
health care
– Sets civil and criminal penalties for them
Creates programs to control fraud and
abuse within the health care system
 Most significant provisions are
Administrative Simplification Rules

– Requires DHHS to draft rules aimed at
increasing the efficiency of the health care
system by creating standards for the use and
dissemination of health care information
HIPAA - Title II
 Five
rules regarding Administrative
Simplification
– Privacy Rule
– Transactions Code Sets Rule
– Security Rule
– Unique Identifiers Rule
– Enforcement Rule
HIPAA Title II
Privacy Rule
HIPAA – Privacy Rule
 Establishes
regulations for the use
and disclosure of Protected Health
Information (PHI)
– PHI – any information about health
status, provision of health care, or
payment for health care that can be
linked to an individual.
HIPAA - Privacy Rules





Requires entities to notify individuals of uses of
their PHI
Requires entities to keep track of disclosures of
PHI and document privacy policies and
procedures
Appoint a Privacy Official and contact person
responsible for receiving complaints
Train all members of workforce in procedures
regarding PHI
An Individual who believes that Privacy Rule is
not being upheld can file a complaint with
Department of Health and Human Services office
for Civil Rights (OCR)
Privacy Rule
 Must
disclose PHI to the individual
within 30 days of request
 Must disclose when required to do
so by law
– e.g., child abuse reporting
Privacy Rule

May disclose to facilitate treatment,
payment or health care operations or if
have obtained authorization from the
individual
– Minimum necessary to achieve purpose
Gives individuals right to request
correction of inaccurate PHI
 Requires taking reasonable steps to
ensure confidentiality of communications
with individuals

HIPAA Title II
Transactions and Code
Sets Rule
HIPAA - Transactions and Code
Sets Rule
 Most
medical providers that file
electronically will have to file their
electronic claims using the HIPAA
standards in order to be paid.
– Exceptions for doctors that meet certain
criteria
HIPAA Title II
Security Rule
HIPAA – Security Rule
 Complements
the Privacy Rule.
 It lays out three types of security
safeguards required for compliance
– Administrative
– Physical
– Technical
HIPAA – Security Rule

For each safeguard, the Rule identifies
various security standards, and for each
standard, it names both required and
addressable implementation specifications.
– Required specifications must be adopted and
administered as dictated by the Rule.
– Addressable specifications are more flexible.
Individual covered entities can evaluate their
own situation and determine the best way to
implement addressable specifications.
Security Rule
Administrative Safeguards
Security Rule – Administrative
Safeguards




Policies and procedures designed to clearly show
how comply with the act
Must adopt a written set of privacy procedures
and designate a privacy officer to be responsible
for developing and implementing them.
Policies and procedures must reference
management oversight and organizational buy-in.
Procedures should clearly identify employees or
classes of employees who will have access to
protected health information (PHI).
– Access to PHI in all forms must be restricted to only
those employees who have a need for it to complete
their job function.
Security Rule – Administrative
Safeguards




The procedures must address access
authorization, establishment, modification, and
termination.
Must show that appropriate ongoing training
program regarding the handling PHI is provided.
Entities that out-source some of their business
processes to a third party must ensure that their
vendors also comply.
A contingency plan should be in place for
responding to emergencies.
– Backing up their data and having disaster recovery
procedures in place.

Internal audits play a key role in compliance
Security Rule – Physical
Safeguards


Controlling physical access to protect against
inappropriate access to protected data
Controls must govern the introduction and
removal of hardware and software from the
network.
– When equipment is retired it must be disposed of
properly to ensure that PHI is not compromised.


Required access controls consist of facility
security plans, maintenance records, and visitor
sign-in and escorts.
Policies are required to address proper
workstation use.
– Workstations should be removed from high traffic areas
– Monitor screens should not be in direct view of the
public.
Security Rule
Technical Safeguards
Security Rule – Technical
Safeguards


Controlling access to computer systems and enabling
covered entities to protect communications containing PHI
transmitted electronically over open networks from being
intercepted.
Information systems housing PHI must be protected from
intrusion.
– If open networks, encryption must be utilized.
– If closed systems/networks are utilized, encryption is optional.


Each covered entity is responsible for ensuring that the
data within its systems has not been changed or erased in
an unauthorized manner.
Must authenticate entities communicates with.
– Corroborating that an entity is who it claims to be.

Examples-password systems, two or three-way handshakes,
telephone callback, and token systems.
HIPAA Title II
Unique Identifiers Rule
HIPAA – Unique Identifiers Rule
The National Provider Identifier
 Effective May 2006
 All covered entities using electronic
communications must use a single new
National Provider Identifier (NPI).
 Replaces all other identifiers used by
health plans, Medicare, Medicaid, and
other government programs.

Unique Identifier Rule
Does not replace a provider's DEA
number, state license number or tax
identification number.
 10 digits.
 Cannot contain any imbedded intelligence
 Does not have any additional meaning.

– Unique and national
– Never re-used
– A provider usually can have only one.
HIPAA Title II
Enforcement Rule
Enforcement Rule
 Became
effective March 16, 2006.
 Sets civil money penalties for
violating HIPAA rules
 Establishes procedures for
investigations and hearings for
HIPAA violations
– However deterrent effects seem to be
negligible
 Few
prosecutions for violations.
Enforcement Rule - Penalty
 General
Failure to comply
– $100 for each violation, not to exceed
$25,000 during a calendar year
 Wrongful
Disclosure
– Not more than $50,000, imprisoned not
more than 1 year or both;
 With
gain
intent to sell or get personal
– Not more than $250,000, imprisoned
not more than 10 years or both
EMTALA
 Emergency
 Medical
 Treatment
 Active
 Labor
 Act
and
EMTALA
 Passed
in 1986 as part of the
Consolidated Omnibus Budget
Reconciliation Act (COBRA).
 Requires hospitals and ambulance
services to provide care to anyone
needing emergency treatment
regardless of citizenship, legal status
or ability to pay.
EMTALA
 Contains
no reimbursement
provisions
 As a result of the act
– Patients needing emergency treatment
can be discharged only under their own
informed consent or
– When their condition requires transfer
to a hospital better equipped to
administer the treatment.
COBRA
 Consolidated
 Omnibus
 Budget
 Reconciliation
 Act
COBRA
 Mandates
an insurance program
giving (some) employees the ability
to continue health insurance
coverage after leaving employment.
 Includes amendments to the
Employee Retirement Income
Security Act of 1974 (ERISA).
COBRA
 Allows
both workers and their
immediate family members who had
been covered by a health care plan
to maintain their coverage if a
"qualifying event" causes them to
lose coverage.
COBRA – “Qualifying Events”

Loss of benefits coverage due to
– Death of the covered employee
– Reduction in hours (which can be the result of
resignation, discharge, layoff, strike or lockout,
medical leave or simply a slowdown in
business operations) that causes the worker to
lose eligibility for coverage
– Divorce, which normally terminates the exspouse's eligibility for benefits
– Dependent child reaching the age at which he
or she is no longer covered.
COBRA

Does not require the employer to pay for the cost
of providing continuation coverage
– Allows employees and their dependents to maintain
coverage at their own expense by paying the full cost of
the premium the employer previously paid, plus a 2%
administrative charge.

Can also opt for a lesser form of coverage
– Continuation coverage under a plan that only covers the
employee, but not his or her dependents.
– Only provides medical and hospitalization coverage and
does not pay for dental work.

Employees and dependents lose coverage if they
fail to make timely payments of premiums.
ERISA
 Employee
 Retirement
 Income
 Security
 Act
ERISA
Statute which sets minimum standards for
pension plans in private industry
 Provides for extensive rules on Federal
income tax effects of dealings in
connection with various employee benefit
plans.
 Enacted to protect interstate commerce
and the interests of participants in
employee benefit plans and their
beneficiaries
 Interpretation and enforcement of ERISA

– US Department of Labor
– Internal Revenue Service.
ERISA
Requires pension plans to provide for
vesting of employees' pension rights after
a specified minimum number of years and
to meet certain funding requirements.
 Establishes the Pension Benefit Guaranty
Corporation (PBGC),

– Provide some minimal benefits coverage in the
event that a plan does not, on termination,
have sufficient assets to provide all the
benefits employees and retirees have earned.
ERISA

Does not require employers to establish
pension plans
– Only applies to those plans that an employer
has established.
– Regulates the manner in which an employee
can obtain vested rights to a pension if plan
exists
– Regulates the manner in which pension
benefits can be reduced because of events
such as early retirement or return to work in
the industry after retirement.
ERISA

Amendments
– COBRA
 Provides
some workers and their families with the
right to continue their health coverage for a limited
time after certain events
– HIPAA
 Allows
employees to obtain continued coverage for
preexisting medical conditions in some circumstances
when they move from one plan to another
 Prohibits some forms of discrimination in health
coverage based on factors that relate to an
individual's health
 Requires stringent privacy protections for certain
types of health information.
FMLA
FMLA
 Family
 Medical
 Leave
 Act
FMLA
 Public
Law 103-3
 Enacted February 5, 1993
 United States labor law allowing an
employee to take unpaid leave due
to illness or to care for a sick family
member.
– Recognizes the growing needs of
balancing family and work obligations
and promises numerous protections to
workers.
FMLA

Twelve (12) workweeks of leave per twelve (12)
months for various reasons
–
–
–
–

Caring for a newborn child
Handling adoption or foster care placement issues
Caring for a sick child, spouse or parent
Being physically unable to perform one's job
Restoration to the same position upon return to
work.
– If the same position is unavailable, the employer
must provide the worker with a position that is
substantially equal in pay, benefits, and
responsibility.
FMLA
– Protection of employee benefits even
while on leave.

An employee is entitled to reinstatement to
all benefits that the employee was receiving
before going on leave.
– Protection of the employee to not have
their rights under the Act interfered with
or denied by an employer.
– Protection of the employee from
retaliation by an employer for exercising
rights.
FMLA
 The
leave guaranteed is
– Unpaid
– Available to those working for
employers with 50 or more employees
within a 75 mile radius.
– An employee must have worked for the
company at least 12 months and 1,250
hours in those 12 months.
JCAHO
JCAHO
 Joint
 Commission
on
 Accreditation
 Healthcare
 Organizations
of
JCAHO






The Joint Commission evaluates and accredits nearly
15,000 health care organizations and programs in the
United States.
An independent, not-for-profit organization
Nation’s predominant standards-setting and accrediting
body in health care.
Standards focus on improving the quality and safety of care
provided by health care organizations.
Accreditation process evaluates an organization’s
compliance with these standards and other accreditation
requirements.
To earn and maintain the Joint Commission’s Gold Seal of
Approval™, an organization must undergo an on-site
survey by a Joint Commission survey team at least every
three years. (Laboratories must be surveyed every two
years.)
JCAHO - Mission
 To
continuously improve the safety
and quality of care provided to the
public through the provision of health
care accreditation and related
services that support performance
improvement in health care
organizations.
JCAHO – National Patient Safety
Goals
 Purpose
- promote specific
improvements in patient safety
 Highlight problematic areas in health
care and describe evidence-based
solutions
 Goals focus on system-wide solutions
wherever possible
JCAHO – National Patient Safety
Goals

Patient goals for 2007 for example…
– Improve accuracy of patient identification
– Improve effectiveness of communication
among caregivers
– Improve safety of using medications
– Reduce risk of health care associated infections
– Accurately and completely reconcile
medications across the continuum of care to
prevent medication errors
JCAHO – National Patient Safety
Goals

2007 goals, cont.
– Reduce the risk of patient harm resulting from
falls
– Reduce the risk of influenza and pneumococcal
disease in institutionalized older adults
– Reduce the risk of surgical fires
– Encourage patients’ active involvement in their
own care as a patient safety strategy
– Prevent health care-associated pressure ulcers
TORT
TORT

Legal term that means civil wrong
– vs. a criminal wrong.
Unlike obligations created through a
contract, the duties imposed under tort
law are mandatory for all citizens in that
jurisdiction.
 Somebody behaves 'tortuously' when they
harm other peoples' bodies, property or
legal rights or breach a duty owed under
statutory law.

TORT

Dominant action is negligence
– Used to protect people's bodies and property,
including non tangible economic interests.

Certain torts that specially protect land
– Nuisance
 Strict
liability for neighbors who interfere with
another's enjoyment of their property.
– Trespass
 Allows
owners to sue for intentional incursions by
people on their land.

False imprisonment
TORT
– Defamation
 Someone
makes an unsupportable factual
allegation to damage the reputation of
another.
– Slander
– Liable
– Statutory torts
 Create
product liability
 Sanctions against anti-competitive
companies.
TORT - Negligence
 The
four elements of negligence are:
– Duty of care
– Breach of that duty
– Breach causing harm in fact
– Breach also causing harm in law
TORT – Tort Reform


Term is used by its advocates to describe a
change in United States civil law system that
they believe will improve its efficiency or reduce
litigation's adverse effects on the economy.
The phrase "tort reform"
– Might imply any change in tort law or procedure
– The commonly understood use in political and academic
arenas describes a movement to limit tort litigation and
damages.
– Term is also commonly applied to a political movement
that advocates several such changes.

Tort reform is a controversial subject and
continues to be one of the most debated policy
issues in recent times
“Alphabet Soup”
 Nitty
–
–
–
–
–
–
–
Gritty for the boards
HIPAA – Security and Privacy
EMTALA – Dumping
COBRA – Insurance portability
ERISA – Pension plans
FMLA – Unpaid leave with job guarantee
TORT – Civil wrong
Vicarious Liability/Respondeat Superior –
“captain of the ship”
– Res ipsa loquitur – it speaks for itself