Health Law Advisor

On April 8, 2021, the U.S. Department of Justice (“DOJ”) announced the first charges brought in connection with alleged fraud on the Accelerated and Advance Payment Program, administered by the Centers for Medicare & Medicaid Services (“CMS”).[1]  According to the indictment, Francis Joseph, M.D., a Colorado physician, has been charged with misappropriating nearly $300,000 from three different COVID-19 relief programs: the Accelerated and Advance Payment Program, the Provider Relief Fund, and the Paycheck Protection Program.[2]

Accelerated and Advance Payment Program

The Accelerated and Advance Payment Program is intended to provide emergency funds by way of expedited payments to health care providers and suppliers when there is a disruption in claims submission or claims processing.  While CMS has historically utilized this program to provide targeted relief in response to national emergencies or natural disasters affecting certain portions of the country, the program was expanded in March 2020 to apply to a broader group of Medicare Part A providers and Part B suppliers nationwide due to the financial impact of COVID-19.[3]

According to the indictment, Dr. Joseph allegedly submitted an Advance Payment Request Form for a medical practice of which he had relinquished control, and then transferred approximately $92,000 from the medical practice’s operating account to a personal bank account (approximately $87,000 of that amount was paid by the Medicare Administrative Contractor as an advance payment the previous day).

Provider Relief Fund

The Provider Relief Fund is a $178 billion measure appropriated under the Coronavirus Aid, Relief, and Economic Security (“CARES”) Act that offers aid to providers who were financially impacted by COVID-19 and treatment and other assistance to individuals suffering from COVID-19.

The indictment marks the second time that DOJ has brought charges related to misuse of Provider Relief Fund distributions (DOJ announced the first charges in February 2021 against a home health provider).  According to the indictment, Dr. Joseph’s former medical practice met the criteria for a Provider Relief Fund distribution of $31,782, but Dr. Joseph allegedly transferred those funds from the medical practice’s operating account to a personal bank account.

Cyber threats and cybersecurity controls have evolved significantly over the past two decades since the HIPAA Security Rule were originally promulgated. During this same time, healthcare entities have increasingly become a prime target of hackers seeking to extort payment using ransomware, exfiltrate patient data to commit fraud, or disrupt operations in other nefarious ways.  Recognizing these challenges, some security professionals have sought further clarity on the HIPAA Security Rule that they deem to be “long in the tooth”. Yet, regulators have not made any ...

In this episode of the Diagnosing Health Care Podcast:  Since the start of the COVID-19 pandemic, many jurisdictions have enacted protections from COVID-19-related liability claims through legislation and executive orders. These liability shields, however, may give health care businesses a false sense of security and offer little protection when it comes to employment claims.

Epstein Becker Green attorneys Denise Merna Dadika, Gregory Keating, and Elena Quattrone discuss the unintended liability consequences health care employers must consider as they ...

In this episode of the Diagnosing Health Care Podcast: Since the start of the COVID-19 pandemic, many jurisdictions have enacted protections from COVID-19-related liability claims through legislation and executive orders. These liability shields, however, may give health care businesses a false sense of security and offer little protection when it comes to employment claims.

Epstein Becker Green attorneys Denise Merna Dadika, Gregory Keating, and Elena Quattrone discuss the unintended liability consequences health care employers must consider as they ...

On April 19, 2021, the Office of Inspector General’s (OIG) Office of Audit Services (OAS) released the results of an audit conducted on the accuracy of diagnosis codes submitted to CMS by Humana, Inc. for 2015 dates of service. Based on the audit results, the OIG recommended Humana return a whopping $197.7 million in alleged overpayments and enhance its policies and procedures to prevent, detect and correct noncompliance with Federal requirements for diagnosis codes that are used to calculate risk-adjusted payments.

Under the Medicare Advantage (MA) program, the Centers for ...

On April 29, 2021, the Federal Communications Commission (FCC) will begin accepting applications for the second round of its COVID-19 Telehealth Program (the “Program”). However, the application filing window will only be open for a very short seven day period and will close on May 6, 2021. To give all applicants an equal opportunity to have their applications reviewed, the FCC announced that all applications filed during this period will be reviewed once the application filing window has closed.

Initially, in March 2020, Congress appropriated $200 million for the first round of the COVID-19 Telehealth Program funding under the CARES Act. An additional $249.95 million was provided to the FCC in December 2020, under the Consolidated Appropriations Act (CAA), to helping address inequities in access to health care service. The COVID-19 Telehealth Program was designed to help health care providers purchase telecommunications equipment, broadband connectivity, and other devices necessary for providing telehealth services to rural, low-income and underserved populations.

The Program is limited to nonprofit and public health care providers (47 U.S.C. § 254(h)(7)(B)) that fall within the following categories:

1. Post-secondary educational institutions offering health care instruction, teaching hospitals, and medical schools;
2. Community health centers or health centers providing health care to migrants;
3. Local health departments or agencies;
4. Community mental health centers;
5. Not-for-profit hospitals;
6. Rural health clinics;
7. Skilled nursing facilities; or
8. Consortia of health care providers consisting of one or more entities falling into one of the first seven categories.

Our colleagues Brian Cesaratto and Alexander Franchilli of Epstein Becker Green have a new post on Workforce Bulletin that will be of interest to our readers: “NAME:WRECK” Cybersecurity Vulnerability Highlights Importance of Newly Issued IoT Act".

The following is an excerpt:

A recently discovered security vulnerability potentially affecting at least 100 million Internet of Things (“IoT”) devices[1] highlights the importance of the newly enacted IoT Cybersecurity Improvement Act of 2020 (the “IoT Act”). Researchers at the security firms Forescout ...

On April 13, 2021, a New York-based chiropractor, was sentenced to nine years in prison, and ordered to pay close to $20 million, for running what the federal government alleged was a large scale scheme to defraud Medicare and other third party insurers.[1]   The sentencing stems from a case originally filed under seal on August 29, 2018, in which the U.S. Attorney’s Office for the Southern District of New York alleged that two New York chiropractors – James and Jeffery Spina – improperly owned and controlled multiple medical practices and engaged in submission of fraudulent health care claims from 2011 until September 2017.

On March 26, 2021, the U.S. Department of Justice (“DOJ”) reported on the agency’s heightened criminal and civil enforcement activities in connection with COVID-19-related fraud.[1]  As of that date, DOJ had publicly charged 474 defendants with criminal offenses in connection with COVID-19-related schemes across 56 federal districts to recover more than $569 million in U.S. government funds.

The Coronavirus Aid, Relief, and Economic Security (“CARES”) Act is a federal law, enacted on March 29, 2020, designed to provide emergency financial assistance to the millions of Americans who are suffering the economic effects caused by the COVID-19 pandemic.  The CARES Act provides relief through a number of different programs, including the Paycheck Protection Program (“PPP”), Economic Injury Disaster Loans (“EIDL”), the Provider Relief Fund, and Unemployment Insurance (“UI”).[2]  With the promulgation of these programs, DOJ has ramped up efforts in identifying and investigating fraud to protect the integrity of the $2.2 trillion in taxpayer funds appropriated under the CARES Act.

Criminal Enforcement Activities

The majority of fraud cases brought by DOJ have originated in the Criminal Division’s Fraud Section, accounting for at least 120 defendants charged with PPP fraud.[3]  The PPP allows qualifying small businesses and other organizations to receive loans with a maturity of two years and an interest rate of 1 percent.  PPP loan proceeds must be used by businesses for payroll costs, interest on mortgages, rent, and utilities.  Most of these defendants are facing charges for allegedly misappropriating loan payments for prohibited purposes, such as luxury purchases, while another significant portion are charged in connection with allegedly inflating payroll expenses in order to obtain larger PPP loans.[4]

DOJ also announced that it has seized over $580 million in fraudulent application proceeds in connection with the EIDL program, which is designed to provide loans to small businesses and agricultural and nonprofit entities.  DOJ’s primary concerns with respect to this program have related to fraudulent applications for EIDL advances and loans on behalf of shell or nonexistent businesses.

In response to a rise in UI fraud schemes, DOJ has established the National Unemployment Insurance Fraud Task Force to investigate domestic and international organized crime groups targeting unemployment funds through the use of identity theft.  Since the start of the pandemic, over 140 defendants have been publicly charged with federal offenses related to UI fraud.[5]

At the end of March, Florida joined the roster of states that have erected legal shields for health care providers against COVID-19-oriented liability claims. Concerned about uncertainty surrounding the emergency measures taken in response to COVID-19 and the effects that lawsuits could have on the economic recovery and the ability of health care providers to remain focused on serving the needs of their communities, the Florida Legislature passed CS/SB 72 on March 29, 2021.  Governor Ron DeSantis signed CS/SB 72 into law as Laws of Florida 2021-1.  This law creates two new statutory provisions - section 768.38 and section 768.381, Florida Statutes – effective on passage.

What Are the Liability Protections?

Section 768.381, Florida Statutes provides protection for health care providers regarding COVID-19-related claims, as follows:

• Complaints alleging claims subject to the law must be pled with particularity, or will be dismissed. This is a higher pleading standard than typically required for a civil complaint, and requires a greater degree of specificity.
• Plaintiffs must prove gross negligence or intentional misconduct. This is a higher standard than ordinary negligence or professional malpractice.
• Health care providers are provided with several affirmative defenses which, if proven, preclude liability. These defenses primarily relate to a provider’s substantial compliance with government-issued standards regarding COVID-19, infectious disease generally in the absence of standards specifically applicable to COVID-19 or the inability to comply with applicable standards in light of medical supply shortages.
• There is a one-year statute of limitations on COVID-19-related claims against health care providers, which is substantially shorter than that for simple and medical negligence claims. When this statute starts to run depends on whether the claim arises out of the transmission, diagnosis, or treatment of COVID-19, or from other circumstances such as a delayed or canceled procedure. Actions for COVID-19 related claims that accrued before the law’s effective date must commence within one year of the effective date.