Key Takeaways in Recent HIPAA Settlements

Over the past several months, a steady stream of security breaches, coupled with a number of settlements recently announced by the U.S. Department of Health and Human Services – Office for Civil Rights (“OCR”), have put healthcare providers on high alert.  Several OCR decisions, including a $5.5 million settlement with Memorial Healthcare System last month—have highlighted the legal implications of security breaches in the wake of a record-setting year of hackers targeting the healthcare industry. The costs associated with a breach will likely far exceed any settlement with OCR because the significant majority of corrective action plans require providers to hire independent, third-party investigators to assess HIPAA compliance.

In reviewing some of the more significant settlements during the past several months, four (4) distinct themes seem to be evolving regarding the nature and scope of these breaches, which ca be summarized as follows:

  • business associate agreements between providers (as covered entities) and vendors (as business associates) are an important target for OCR enforcement actions;
  • failure to conduct or implement the findings from a risk assessment required by HIPAA can lead to significant fines and penalties over and above standard amounts of $1.5 million;
  • “cloud service” providers are liable for failing to protect PHI; and
  • OCR will take an organization’s failure to report a breach very seriously.


The healthcare industry has received substantial criticism over the past year for cybersecurity failures.  Therefore, it is critical for security concerns to be handled on a timely basis at the executive level and with the full involvement of the organization’s board.

Continue Reading

Pennsylvania Department of Health to Issue Medical Marijuana Permits in June 2017

On March 31, 2017, Dr. Karen Murphy, Secretary of the Pennsylvania Department of Health (the “Department”) announced an important new development in the implementation of the Pennsylvania Medical Marijuana Act (the “MMA”).  Secretary Murphy stated that the Department will, in the very near term, begin the application review process for growers/processors and dispensaries, the key business entities in the production and sale of medical marijuana under the MMA.  She also stated that the Department anticipates being able to release information about who applied, and for which region or county, after the permits are issued in late June 2017.

The Department will issue permits to no more than 25 grower/processors, which are entities that are permitted under the MMA to grow and possess medical marijuana. The Department will also issue no more than fifty (50) permits for dispensaries, which are entities that are permitted to dispense medical marijuana to qualified patients and caregivers, and no more than five (5) dispensary permits to any one person or entity.  All permits are valid for one (1) year.  All applicants will be subject to criminal background checks.

Continue Reading

Health-Related Highlights of Trump Budget Proposal

President Trump recently submitted his first formal budget proposal to Congress.  It is viewed by many to be one of the most ambitious ever proposed, and seeks to “redefine the proper role” of the federal government by dramatically reducing its involvement in many domestic areas, including health spending.  while boosting investments in security and defense.  This post focuses on the health-related highlights of this budget proposal (the “Proposal”):

  • Under the Proposal, the annual budget of the Department of Health and Human Services (“HHS”) would be reduced by more than $15 billion (or 17.9 percent) in 2018.  The Proposal seeks to increase funding for fraud and abuse detection by $70 million, and the Substance Abuse and Mental Health Services Administration would get $500 million to expand opioid addiction treatment efforts.
  • The most significant decrease in spending is directed toward the National Institutes of Health (“NIH”), which would see a $5.8 billion (or 18.3 percent) reduction in funding, bringing NIH’s annual budget to $25.9 billion. The proposal includes a major reorganization of NIH’s institutes and centers, including the closure of the Fogarty International Center, which focuses on global health research and the consolidation of the Agency for Healthcare Quality and Research.
  • The Proposal also looks to cut $4.2 billion by eliminating two programs under the Office of Community Services that help low-income families heat their homes in the winter. The Proposal indicated that the Low Income Home Energy Assistance Program is “unable to demonstrate strong performance outcomes” and the Community Services Block Grant “funds services that are duplicative of other Federal programs.”
  • The Proposal would also double medical product user fees for companies applying for FDA approval and eliminate more than $400 million in funding for dedicated professional training programs for healthcare workers.


In summary, it is certain that the Proposal will face some degree of resistance from federal lawmakers.  When reviewing the Proposal, it is important to keep in mind that any such budget proposal is a starting point and, as with any new president, is a direct reflection of the administration’s priorities and something of a wish list.

Continue Reading

Key Features Of Clinically Integrated Networks Versus Accountable Care Organizations

As health systems develop and implement strategies around clinical care redesign and health care reform, industry participants often ask how clinically integrated networks (“CINs”) relate and compare to accountable care organizations (“ACOs”). While unquestionably linked, each of these concepts has its own unique definition and purpose. The following table presents a summary comparison of key operating features and characteristics of CINs and ACOs.


CIN – A network of independent medical practices and physicians who collectively commit to quality and cost improvement. Physicians in the CIN may collectively negotiate third party payer contracts under a “safe harbor” from federal antitrust law relating to joint contracting being “reasonably necessary” to support investment (of both time and resources) in performance improvement and ensure cross-referrals among participating providers.

ACO – A group of different provider types across the care delivery spectrum – potentially including medical practices, physicians, hospitals/health systems and other non-acute care facilities – that are compensated based on their collective responsibility for the total cost and quality of care provided to a given patient population over a defined time period.



CIN – Focus of care management and care improvement for medical practices/physicians across specialties; often a foundational element toward the formation of an ACO..

ACO – Focus on care management and improvement for an entire patient population, across the continuum of care delivery for that population. Physician integration is an integral part of any ACO.



CIN – Free, non-risk bearing contracts that provide networks with the option to negotiate an ACO contract with a local payer with risk for the local population if it so chooses.

ACO – Variable and dependent on the ACO contract terms. An ACO is taking on a contract and can be set up in different ways. Some ACOs have no downside risk to providers whereas other providers could be asked to participate in risk.



CIN – Significant capital requirements from an individual physician perspective ((e.g., $10,000 per physician in start-up costs, $2,500 in annual operating costs).

ACO – ACOs typically require significant investments in reporting and care management infrastructure. Estimates for viable ACO start-ups range from $11.6 million to $26.1 million, depending on the size of the sponsoring health system.



CIN – At this early stage, have little or no opportunity to require participating physicians to contract exclusively through the CIN.

ACO – Typically structured with varying degrees of exclusivity from a contracting standpoint, depending on the market power of the sponsoring health system and the overall competitive environment.



CIN – In CIN arrangements, there is usually only an “upside” based on achievement of performance incentives. More evolved CINs often participate in contracts through an ACO, which gives rise to greater levels of financial risk.

ACO – ACOs are capable of assuming financial risk for defined populations under contract. As such, there is greater “upside” potential, but there is also downside risk for poor performance in managing population health.



CIN – In CIN arrangements, most incentives are based on quality and outcome-based factors, to be agreed upon in the payer contracts.

ACO – ACO members (i.e., medical practices, physicians, hospitals/health systems and other non-acute care facilities) are given quality, outcome and cost-based incentives.



CIN – Performance expectations are well-documented in CIN arrangements, and clear action steps for addressing underperformance are an integral part thereof.

ACO – Performance expectations are well-documented in ACO arrangements, and clear action steps for addressing underperformance are an integral part thereof.



CIN – Requires significant personnel commitments to deal with various operational requirements (e.g., training, case management, technology maintenance and payer contracting).

ACO – ACOs generally require far more significant personnel commitments for these same areas, as compared to CINs.



CIN – Processes to collect patient data from various sources (including claim submissions) are an integral part of CIN infrastructure requirements..

ACO – An IT infrastructure that facilitates exchange of patient information across all ACO members is essential. Therefore, technology investment in these initiatives is very significant.



Continue Reading

Implications of Trump’s ACA Executive Order

On January 27, 2017, President Trump signed his first executive order relating to the Affordable Care Act (the “Act”).  The executive order directs the Secretary of the Department of Health and Human Services and all government agencies to “…exercise all authority and discretion available to them to waive, defer, grant exceptions from or delay the implementation of any provision or requirement of the act that would impose a fiscal burden on any state or a cost, fee, tax, penalty or regulatory burden on individuals, families, healthcare providers, health insurers, patients, recipients of healthcare insurance, purchasers of health insurance, or makers of medical devices, products or medications.” The executive order’s stated purpose is “…to minimize the unwarranted economic and regulatory burdens of the Act, and prepare to allow the states more flexibility and control to create a more free and open healthcare market.”

Trump’s executive order is a clear message that he plans to repeal and replace the Act.  Dismantling unpopular provisions of the Act will be easy compared with the difficult task of symbolically unwinding the federal law, while preserving the key aspects that have enormous economic and political consequences, certain of which are discussed below.

Preexisting Conditions

In the recent past, Trump has stated that he would seek to maintain the “pre-existing condition” requirement that prohibits payers from excluding individuals with existing illnesses or conditions.  Republican plans for repealing the Act also maintain this protection of insureds with pre-existing conditions.

Desire of Insurance Companies to Underwrite Coverage in Exchanges

While the health insurance industry is predicted to remain fairly stable through early 2018, the potential loss of subsidies to both beneficiaries and payors could cause them to abandon the individual marketplaces altogether. The prospect of a lesser number of participants in the individual marketplaces would likely defeat the often-cited GOP policy proposal of enhancing competition among health insurers by permitting the sale of insurance across state lines.

Individual and Employer Mandate(s)

A key element of the Act requires most individuals and employers with more than 50 full-time employees to obtain “minimum essential healthcare coverage” or become subject to a penalty tax. The controversy surrounding these mandates have caused some individuals and small businesses to accept the penalty because it is less costly than the cost of coverage. This executive order permits individuals and small employers to be exempted from this provision. It is feared, however, that the relaxation of the individual and employer mandates will cause a significant increase in the number of uninsureds, which will force healthcare providers to continue shifting costs to insured populations. Payors expect that the relaxation of these mandates will likely cause healthier (i.e., younger) individuals to opt not to purchase insurance, thus making it more expensive to insure those who require insurance (i.e., the aged and those who have pre-existing conditions).  This result is expected to increase the cost of health insurance across the board.

Medicaid Expansion by States

Conservative states face the difficult choice between their general opposition to federal control versus the availability of significant federal subsidies for Medicaid program expansion . Many Medicaid programs are poorly administered, demonstrate cost overruns and result in significant state deficits.  Though certain states have developed successful Medicaid programs, it is expected that a number of states will simply abandon Medicaid expansion.


It will be important for the new administration to build on the valuable lessons learned under Obamacare, rather than just dismantling the Act in its entirety.


Continue Reading

Telemedicine in Primary Care

Primary care physician groups, especially those employed through health systems, are increasingly using mid-level practitioners (i.e., nurse practitioners, physician assistants) to visit patients “virtually” through the use of telemedicine technologies. This combination of clinical and technological resources is being directed toward patients who have difficulty getting to the doctor’s office, such as those in nursing homes and assisted living facilities, and is expanding access to care by eliminating the need for a patient to come into the doctor’s office.

Some primary care practices are using NPs and PAs to monitor patients with chronic conditions, such as diabetes, hypertension and asthma. Telemedicine visits also help reach patients who would not otherwise visit their primary care providers, allowing doctors to keep tabs on their sickest patients by having NPs or PAs do weekly check-ins, and can keep patients out of the hospital if problems are caught early.

Physicians thinking of employing NPs or PAs to conduct telemedicine visits should know the rules, regulations and restrictions for telemedicine in their state. Of course, physicians also need to understand how such services will be reimbursed by third party payors. At this time, twenty-nine (29) states and the District of Columbia have laws that provide third party reimbursement for telemedicine services. Rules and regulations regarding the use of mid-level practitioners vary on a state by state basis. Certain states have relaxed their “scope of practice” laws to allow NP’s and PA’s to care for patients independently from physicians.

Although telemedicine offers numerous potential benefits, the delivery of health care via telecommunication technology presents health care providers and organizations with unique risks and challenges. Some of the main areas of concern include the following: fears of a breakdown in the relationship between health professional and patient (for example, inability to perform the whole consultation); problems with the quality of health information (for example, lack of access to a patient’s full medical record); and organizational complications (for example, problems with infrastructure planning and development). In addition, malpractice liability concerns have also been exacerbated by the move toward more telemedicine-based services, due to issues regarding location of service and determining jurisdiction. State legislators are actively seeking solutions to these challenges, because the provision of healthcare services using telemedicine is widely viewed as having a pivotal role in the health care delivery system in the future.

Continue Reading

Small and Rural Medical Practices Not Prepared for MACRA, According to GAO

A recent Government Accountability Office (GAO) report highlights that small and rural physician practices face significant problems with the implementation of Medicare’s value-based payment models under the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA). Value-based payment models require physicians to take steps toward using electronic health record (EHR) systems to better track and monitor quality of patient care. The GAO review found that small physician practices (defined as having fifteen (15) or fewer physicians) and rural physician practices (defined as those located outside of an urban area) are less prepared for this transition than their large, urban counterparts.

The GAO report focused on five (5) areas that will likely prove challenging to these small and rural practices:

Financial Resources and Risk Management. GAO posits that many small and rural practices lack the finances to make investments in EHR systems, particularly when such investments are not likely to yield significant returns for several years.

Health IT and Data. To be successful under value-based payment models, physician practices will need to hire and train professional staff and develop experience EHR systems and analyzing data.

Population Health Management Care Delivery. Population health management in rural areas can be more complex, particularly when patients are required to travel long distances to receive care.

Quality and Efficiency Performance Measurement and Reporting. Practices with relatively few patients may find that proper measurement of quality and efficiency can be easily distorted by patients with multiple morbidities, requiring greater levels of care.

Effects of Model Participation and Managing Compliance with Requirements. Small physician practices typically operate with leaner staffing levels, which could create difficulty in balancing and finding time for direct patient care, care management activities and additional administrative duties associated with value-based payment models.


Despite these challenges, and the fact that the political climate is uncertain, industry observers believe that MACRA is not going away, as it has significant bipartisan support. As such, medical practices are well-advised to continue to prepare for the new MACRA payment system, which the Centers for Medicare and Medicaid Services will implement in 2017.

Continue Reading

House Files Motion to Delay Affordable Care Act Lawsuit in Light of New Trump Presidency

On November 21, 2016, the U.S. House of Representatives filed a motion with the D.C. Court of Appeals requesting a temporary hold on briefing in U.S. House of Representatives v. Burwell as a result of Donald Trump’s election earlier that month.  The case is currently on appeal by President Obama’s administration after the District Court found that the appropriation of funds to pay cost-sharing subsidies to health insurers under Section 1402 of the Affordable Care Act did not receive Congressional approval and that it was unlawful for the Government to pay subsidies under such circumstances.

The House asked the D.C. Court of Appeals to grant a temporary stay of the briefing schedule until February 21, 2017, at which point the House proposed that the parties would file a joint status update on the matter, which would specify either (i) that the parties were considering settlement or dismissal of the case, or (ii) a new briefing schedule.  The House argued that a temporary stay of the briefing schedule would provide President-Elect Trump and his administration time to decide on continuing the prosecution of the case or to otherwise resolve the appeal.  The House motion also requested, as an alternative, a 45-day extension of the briefing schedule if the Court of Appeals did not grant the temporary hold on briefing until February 21.

In response, the Obama administration filed a motion to continue the briefing schedule uninterrupted, stating that the House identified “no harm to completing the briefing schedule to which the parties agreed” and positing that the issues under appeal are not changed by the election outcome.  The House’s brief is currently due on December 23, 2016, with the reply due on January 19, 2017.

Continue Reading


Telemedicine is “the use of technology to deliver health care, health information or health education at a distance.” It increases contact between patients and health care providers, generally without requiring the physical contact of in-person physician visits. Within telemedicine, there are three (3) main types of services: store-and-forward (also known as asynchronous communication), real-time video (synchronous conversation), and remote patient monitoring. Telemedicine has the potential to resolve a number of issues in the US health care system. Most importantly, telemedicine can improve access to health care in populations that are underserved. Telemedicine allows patients to access care through real-time appointments and specialist consultations and to reduce the amount of time and resources rural patients spend to access some health care resources. Additionally, some estimate that the combination of store-and-forward, real-time communication, and remote patient monitoring usage in emergency departments, prisons, nursing home facilities, and physician offices could save the United States $4.3 billion on health care spending per year. In particular, remote monitoring services allow patients to take greater control of and interest in their personal health, manage their health and chronic disease, and receive more monitoring and feedback from health care providers. Telemedicine is believed to have the potential to level inequity in care and access across socioeconomic and cultural levels and to improve the efficiency, coordination, and integration of health care systems. Finally, some argue that telemedicine has the potential to create more patient-centered care while reducing costs by promoting and improving patient-centered services; patient-provider communications; patient self-management with provider feedback; health literacy; medication management; provider-provider consultants; and changes in health and lifestyle behavior.

Although telemedicine has a wide range of potential benefits, the delivery of health care via telecommunication technology presents health care providers and organizations with unique risks and challenges. Some of the main areas of concern include the following: fears of a breakdown in the relationship between health professional and patient (for example, inability to perform the whole consultation); problems with the quality of health information (for example, lack of access to a patient’s full medical record); and organizational complications (for example, problems with infrastructure planning and development). Moreover, the United States still faces considerable hurdles in implementation of telemedicine, including variations in state coverage, lack of uniformity in parity laws, variations in physician licensure requirements, and unresolved questions around patient privacy and reimbursement. Malpractice liability concerns have also been exacerbated by the move toward more telemedicine-based services. For example, liability policies generally specify that coverage is only available for a claim that occurs in a specific jurisdiction. A telemedicine physician sued in a state other than the jurisdiction in which he or she is covered might find that no coverage is available to either defend the claim or pay indemnity if there is an adverse judgment. As long as these concerns persist, they threaten to impede implementation and development of telemedicine services and reduce incentives for developing and using them to deliver care.

With telemedicine technologies, providers can deliver high-quality care at a lower cost, a critical imperative in the accelerating era of value-based payment. On balance, the benefits of telemedicine are substantial, assuming that more efforts will reduce or address the risks and challenges. As the United States moves from uncoordinated, volume-based delivery of health services to an integrated, patient-centric, value-based model, health care delivery will increasingly focus on achieving higher-quality care, improved care access, and lower costs. In enabling health care organizations to provide high-quality, “anytime, anywhere” care to patients and operate more cost effectively, telemedicine programs can play an important role in achieving these goals.

Continue Reading

Trump Effect on Healthcare Reform

While the country is still reeling from Republican Donald Trump’s surprise election victory last week, it is important that we now look back at what he said during the campaign, to attempt to figure out what his presidency will mean for healthcare reform. Although no one has a complete picture of what the healthcare industry will look like under the Trump administration in 2017, it is clear that healthcare providers must prepare for changes ahead in the Affordable Care Act, price transparency, their continued participation in Medicare accountable care organizations and Medicaid expansion at the state level.

Trump’s focus in the early days of his presidency, from a healthcare standpoint will, undoubtedly, involve the Affordable Care Act (“ACA”). But, despite his campaign rhetoric about dismantling the healthcare reform law, it does not mean that he can repeal the law, in its entirety. First of all, even though the word, “repeal”, had some weight during the campaign, the ACA is a 2,000 plus page piece of legislation, and not everything can be repealed, from a practical standpoint. Indeed, neither the Republican Party or Trump would want to see millions of people suddenly become uninsured. The Trump administration will grapple with developing and implementing a transition that keeps people insured while moving toward more affordable health plans. It is reasonable to assume that there will be no repeal without an alternative in place that minimizes disruption of the overall market. It is likely, however, that, in his early days in office, Trump will withdraw the appeals of certain components of the law that are currently caught up in litigation, including the appeal to cost-sharing subsidies, and causing the Department of Health and Human Services direct reinsurance payments back to the Treasury Department. In recent days, he has spoken of allowing two (2) key provisions under the ACA: (1) the continued ban on insurer’s denying coverage for pre-existing conditions; and (2) allowing young adults to stay on their parents’ insurance plans.

It is expected that Trump will also pursue his want of complete price transparency for all healthcare providers so that consumers can shop for the best price for procedures and examinations. Trump is a business man at heart, who believes in a free market, where businesses can practice in a less government-mandated environment, and price transparency will create a more “free market” based system..

Less clear, under the Trump administration, is what will become of some of the CMS pilot programs, such as the accountable care organizations under the Medicare Shared Savings Programs that were endorsed by the Obama administration. Trump is expected to take a close look at those programs to determine whether they are saving money as promised. In addition, it is also not clear what Trump will do regarding those states that have yet to expand Medicaid. During his campaign, Trump talked about moving people off Medicaid and to other forms of private insurance once we have a more predictable economy and the job creation across the country has progressed.

Continue Reading

Attorney George W. Bodenger


  • Member, American Bar Association, Health Law Section
  • Member, American Health Lawyers Association
  • Member, American Health Lawyers Association Accountable Care Organization Task Force.


  • J.D., Temple University James E. Beasley School of Law
  • M.B.A., Drexel University, summa cum laude
  • B.S., Pennsylvania State University

Bar Admission(s)

  • Pennsylvania
  • New Jersey


June 2017
« Apr