facebook

Do I need a Business Associate Agreement?

Your healthcare entity may need to enter into a signed Business Associate Agreement with certain vendors and contractors that you have contracted with depending on the type of services that will be provided to your healthcare entity. Failure to produce a signed Business Associate Agreement could lead to fines and/or penalties by the Office for Civil Rights (“OCR”) in connection with potential HIPAA violations.

 

What is a Business Associate?

A business associate is one that creates, receives, maintains or transmits protected health information (“PHI”). Companies that only store encrypted PHI are also considered Business Associates. Subcontractors may also have to sign a Business Associate Agreement if they create, receive, maintain, or transmit PHI on behalf of a business associate.

A healthcare provider is not considered a business associate if disclosure of PHI is required for treatment. A covered entity participating in an Organized Health Care Arrangement (“OHCA”) that performs a function or activity for or on behalf of the OHCA is not a business associate if it is acting on behalf of the OHCA as a whole.

 

Business Associates Restrictions and Requirements

Business associates may use or disclose PHI only as permitted or required by the Business Associate Agreement or as required by law. Business associates will be directly liable under the HIPAA Rules and subject to civil and criminal penalties for failing to comply with the Business Associate Agreement or the HIPAA Security Rule.

If a Business Associate becomes aware of a security incident they must report it. A “security incident” includes “attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.”

Business Associates are governed by rules that provide specific guidance regarding the sale of patient information. For example, information can be sold for public health, treatment and payment, or for the sale of an entity. Additionally, information can be sold for research, but compensation must be reasonable and cost-based. Any information or data that is sold must be de-identified to remove any and all identifiers of the individual, relatives, employers, or household members.

 

Business Associate Agreement Requirements

The following is a list of items that must be addressed in a Business Associate Agreement:

  1. Establish the permitted and required uses and disclosures of PHI by the business associate.
  2. Provide that the business associate will not sue or further disclose the information other than as permitted or required by the contract or as required by law.
  3. Require the business associate to implement appropriate safeguards to prevent unauthorized use or disclosure of the PHI, including compliance with the Security Rule for ePHI.
  4. Require reporting to the covered entity of any improper use or disclosures including breaches.
  5. Require the business associate to make PHI available for access and amendment and require information for accounting.
  6. Require Privacy Rule compliance to the extent applicable.
  7. Require business associates to make books and records available to HHS.
  8. Require the business associate to return or destroy PHI at termination if feasible.
  9. Require the business associate to ensure that subcontractors agree to the same restrictions and conditions.
  10. Authorize termination of the contract by the covered entity if the business associate violates a material term.

 

Business Associate Agreement Regulatory Compliance

Periodically, Business Associate Agreements should be reviewed and updated as necessary to ensure that they are compliant with HIPAA and the HITECH Act or any other related laws.

OCR is responsible for auditing and only provide healthcare entities a narrow window to produce a list of its business associates. Therefore, it is critically important to maintain a list of business associates.

 

Things to consider

This is not an exhaustive list of a few things to consider when negotiating a BAA:

  1. Is this entity a Business Associate? If so, what will this BA be doing and does HIPAA allow for it?
  2. Do you want a stand alone BAA or will it be incorporated into other contracts?
  3. Has there been a discussion about indemnification and how much is required?
  4. Is a confidentiality agreement required for other information?
  5. Should we have a privacy official to design, implement and oversee privacy policy and procedure practices, including risk analysis and risk mitigation?

 

There are several other items to consider when drafting, negotiating and executing a Business Associate Agreement. If you have questions about Business Associate Agreements and how they work or whether yours incorporates the most recent legal requirements you should contact us today.

****

This post was authored by Jamaal R. Jones, Esquire  Jones Health Law, P.A. for more information contact me at (305) 877-5054; email me at JRJ@JonesHealthLaw.com, or visit our website at www.JonesHealthLaw.com.

 

It should be noted that I am not your lawyer (unless you have presently retained my services through a retainer agreement). This post is not intended as legal advice, it is purely educational and informational, and no attorney-client relationship shall result after reading it. Please consult your own attorney for legal advice. If you do not have one and would like to retain my legal services please contact me using the information listed above.

 

All of the information and references made to laws, regulations, and advisory opinions were accurate based on the law as it existed at this time, but laws are constantly evolving. Please contact me to be sure that the law which will govern your business is current. Thank you.

Healthcare Provider Marketing and Management Arrangements

Healthcare providers interested in entering into marketing or management arrangements with companies must structure these arrangements in such a way that they don’t violate any federal or Florida healthcare laws. Providers should avoid entering into any marketing and management arrangements, which gives the impression that they offered, paid, or solicited cash, or any other type of remuneration in exchange for referring patients to that provider. Failure to do so may result in an Anti-Kickback violation if the arrangement does not fit squarely within an Ant-Kickback Statute Safe Harbor.

Safe harbors that might be available to a healthcare provider, depending on the terms of the marketing or management arrangement, include, but, are not limited to the (1) referral; (2) personal services and management contract; and (3) referral arrangements for specialty services.

Providers may want to consider establishing relationships with lead generation companies for advertising purposes, rather than referral arrangements with marketing companies because they typically face less scrutiny than the latter.

Any payments made to the marketing and management companies must be for fair market value for the services that will be provided. Payments to the management and marketing companies must not fluctuate based upon the expectation or referrals or business that will be paid in whole or in party by a federal healthcare program.Percentage-based arrangements are looked at unfavorably by regulators and face significant scrutiny. Therefore, it is always safer to agree to fixed-fee or flat-fee (non-variable) compensation for management and marketing services.

Many providers believe that if they are not paying the management company directly that they are safe from potential liability. That is simply not true. Especially if the marketing or management company is also the owner of a healthcare clinic that benefits from the arrangement. These types of relationships look highly suspect. Providers must not enter into any contract with a practice management company if that management company receives any financial incentives form the referring provider for increasing outside referrals for designated healthcare services.

This informational article provides a brief overview of factors to consider prior to entering into these types of arrangements. However, there are many additional factors to consider. At Jones Health Law we careful scrutinize all potential marketing and/or marketing arrangements that our clients are contemplating. We counsel our clients on structuring the arrangement in such a way that it fits within an Ant-Kickback Statute Safe Harbor or an exception to the Stark Law (i.e. “Fair market value compensation” or “indirect compensation arrangement”). Further, we analyze whether the proposed arrangement could potentially violate any additional Health Law, business law, or agency rules. Additionally, we will help you draft a marketing and management agreements that best suits your needs.

Medicare Audit by Zone Program Integrity Contractor

If you’re reading this article it’s probably because you or your medical office has received a letter from a Zone Program Integrity Contractor (“ZPIC”) for The Centers for Medicare & Medicaid Services (“CMS”) alleging that you may have improperly billed Medicare for the provision Medicare Services to your patients.

 

What is a ZPIC?

There are seven ZPIC zones. It is possible for providers to hear from more than one ZPIC since the seven ZPICs focus on different aspects of the Medicare program. ZPIC Zone 7 includes Florida, Puerto Rico, and the U.S. Virgin Islands in its geographic scope. The Zone 7 – Zone Program Integrity Contractor was established to identify, research, and investigate cases of Medicare Program fraud relating to Parts A and B, DMEPOS, home health and hospice, and claims for dually eligible Medicare and Medicaid recipients.  Fraud may include:

  • Billing for services not rendered
  • Double-billing or over-billing
  • Soliciting, offering, or receiving a kickback or rebate for patient referrals
  • Billing non-covered or non-chargeable services as covered.

 

ZPICs responsibilities include reviewing the accuracy and justification of all services reimbursed by the program, and if necessary, take action to ensure any inappropriate Medicare payments are recovered.

Periodically ZPICs are required to conduct reviews of providers to ensure that Medicare claims have been appropriately billed. Occasionally, a ZPIC may determine based on an analysis of your claims data that you may be billing inappropriately for services. Once that determination is made, the ZPIC will begin its investigation to determine whether you have in fact billed inappropriately.

 

How does the ZPIC investigate?

ZPICs may conduct announced or unannounced on-site inspections at which time they will retrieve certain Medicare beneficiary records and other related business records. ZPICs will provide a list of affected Medicare beneficiaries and you will be required to produce documentation that supports the billed services, including, but not limited to:

  • All Medical Findings
  • Progress Notes
  • Doctor’s Orders
  • Office Notes
  • Operative Reports and Notes
  • Patient History and Physical Exam
  • Laboratory Test Results
  • Radiology Reports
  • Billing Statements
  • Superbills
  • Patient Information Sheet
  • Patient Encounter Forms
  • Patient Consent Forms
  • Advance Beneficiary Notice
  • Copy of Beneficiary Card and Photo Identification

 

During or after the on-site visit ZPICs may: (1) interview certain members of your staff; (2) perform a medical review; (3) Determine the need for administrative actions, such as payment suspensions and prepayment or auto-denial edits; (4) interview beneficiaries and/or (5) refer your case to law enforcement.

Law enforcement includes the OIG, FBI, or the U.S. Attorney’s Office. Prior to alerting law enforcement, ZPICs are required to take all other appropriate administrative actions. In some cases, law enforcement agency may not prosecution due to lack of evidence, insufficient, etc.

ZPICs will also look to determine whether the provider received prior audits or provided educational letters in the past by other CMS contractors.

Once the ZPIC has collected and analyzed enough data that has been obtained from the provider, they will determine whether the information indicates billing error or something more sinister such as Medicare fraud, waste or abuse. If ZPICs determine that no fraud has occurred then they will normally treat the matter as an overpayment and close the case. The ZPIC will then refer the matter to the Medicare Administrative Contractors (“MAC”) for further administrative action. Examples of administrative action include the following:

  • Educational letters
  • Revocation of a provider’s assignment privileges
  • Mandatory Prepayment Review or Post-payment Review
  • Suspension of Provider Payments
  • Referral to State licensing boards and other professional societies.

 

There is a significant chance that one or more of your claims will be audited in the future by a ZPIC. ZPICs have been aggressively reviewing and investigating provider and supplier medical records to identify improper billing and payments. Most providers and suppliers are identified for audit and/or investigation through an analysis of their billing practices. Our firm recommends that you consult with an experienced Healthcare Attorney if you are being audited by CMS’s Zone Program Integrity Contractors or if you have been placed on any type of corrective action. Contact us so that we can create a defense against the allegations while ensuring that you comply with the audit investigation.

Healthcare is the Next Cryptocurrency Frontier

What is Cryptocurrency?

Cryptocurrency is a virtual currency designed to work as a medium of exchange. It uses cryptography to secure and verify transactions as well as to control the creation of new units of a particular cryptocurrency. Essentially, cryptocurrencies are limited entries in a database that no one can change unless specific conditions are fulfilled. Bitcoin is the most popular cryptocurrency on the market but there are well over 1000 other “altcoins” in existence. The value of each cryptocurrency is largely speculative similar to stocks on an index. It has no intrinsic value or legal tender status and is only worth what individuals are willing to pay for it.

 

Who is going to regulate it?

There’s no hard and fast rule as to who has authority to regulate cryptocurrency, but several federal agencies have stepped up to the plate. These agencies include: (1) the Securities and Exchange Commission (“SEC”); (2) Commodity Futures Trading Commission (“CFTC”); (3) Internal Revenue Service (“IRS”); (4) Department of Treasury; (5) the Federal Reserve; and (6) States. For example, The CFTC has designated bitcoin as a commodity. The CFTC announced that fraud and manipulation involving bitcoin traded in interstate commerce and the regulation of commodity futures tied directly to bitcoin is under its authority. Treasury Secretary Steven Mnuchin stated last year that he had formed groups in the Treasury Department who were tasked with examining bitcoin “very carefully.” The SEC and CFTC held a joint-meeting stating that the two bodies would work in unison to develop a regulatory framework with varying degrees of strictness for regulations for Initial Coin Offerings (“ICO”), blockchain and other digital ledger tech. The White House has stated that they are still studying and trying to understand cryptocurrencies and are not close to the regulation stage. As the cryptocurrency market grows many will ask the SEC and other agencies for protection regulations.

Several states across the country have taken the matter into their own hands by drafting or passing legislation that aims to regulate how blockchain and cryptocurrency can be used. Organizations like the National Conference of Commissioners on Uniform State Laws are taking steps to create a model act that provides for the regulation of cryptocurrency businesses at the state level.

 

Why should it be regulated?

Cryptocurrencies operate largely outside of the traditional financial system, which increases the likelihood of money laundering, tax evasion, and fraud.

 

How is it Regulated?

The IRS says that cryptocurrencies like bitcoin must be treated as property for tax purposes. The result is that capital gain or loss should be recorded as if it were an exchange involving property. It should be treated like inventory if it is held for resale. The IRS stated that if the cryptocurrency is used as payment, it should be treated like currency but must be converted, and its fair market value checked on an exchange.

Many states have not passed laws designed to significantly regulate or provide guidance on how to use cryptocurrency. A few states have tried to define cryptocurrency as a form of legal tender subjecting it to the same rules and requirements as traditional money. These states have attempted to accomplish this through amendments to existing definitions of money to include or exclude digital currency, and other states have provided opinion letters or some other form of guidance.

In June 2017, Governor Rick Scott signed House Bill 1379, which expands the Florida Money Laundering Act to expressly prohibit the laundering of cryptocurrency. The new law defines cryptocurrency or virtual currency as “a medium of exchange in electronic or digital format that is not a coin or currency of the United States or any other Country.” This bill took effect on July 1, 2017.

The IRS has stated that in some environments, cryptocurrency operates like “real” currency, but it does not have legal tender status in any jurisdiction. Therefore, cryptocurrency must be treated as property for U.S. federal tax purposes. In other words, general tax principles that apply to property transactions apply to transactions using cryptocurrency. This means that:

  • Wages paid to employees using virtual currency are taxable to the employee, must be reported by an employer on a Form W-2, and are subject to federal income tax withholding and payroll taxes.
  • Payments using virtual currency made to independent contractors and other service providers are taxable and self-employment tax rules generally apply.  Normally, payers must issue Form 1099.
  • The character of gain or loss from the sale or exchange of virtual currency depends on whether the virtual currency is a capital asset in the hands of the taxpayer.
  • A payment made using virtual currency is subject to information reporting to the same extent as any other payment made in property.

 

Benefits of Cryptocurrency

Healthcare providers can save money by using blockchain technology and cryptocurrency. Providers can reduce or eliminate banking fees since cryptocurrency bypasses the middleman, which in this case is the banking institution. The money saved can be significant and might be used to purchase new equipment, remodel the office, or stored in the practice’s digital wallet to hopefully accrue value and interest. The cryptocurrency market is very volatile due to several reasons, such as regulatory concerns. Providers may want to keep that in mind before deciding to accept cryptocurrency as payment for services.

Many big players, such as Microsoft, PayPal and DISH Network are already on board with the blockchain-cryptocurrency revolution. Alphabet (parent company of Google) has an artificial intelligence department called DeepMind that is building a blockchain system that is intended to be used by healthcare providers.

 

Dark side of Cryptocurrency

It is becoming commonplace for hackers who hold hospital computers and other technology ransom to request payment in the form of cryptocurrency. Cryptocurrency works by using a mix of public and private keys to maintain security and anonymity of payments. This is problematic if you can see where the money goes and to which wallet it is deposited into but can’t identify the person linked to the wallet. Law enforcement would have a very difficult if not impossible task of trying to track down individuals who are exchanging cryptocurrency. That means that any cryptocurrency that is stolen can never be found and victims will never have it returned to them. One way for providers to try to prevent this is by storing cryptocurrency offline on flash drive-like devices.

Hackers are also capable of using Trojan malware to change the wallet address from a provider’s computer to their own, essentially diverting the funds away from the provider or their intended recipient.

 

As we have seen in the cryptocurrency world, early adopters usually reap massive rewards. It remains to be seen if the same rewards for cryptocurrency could spill over into the healthcare sector. Many questions about the future of cryptocurrency remain unanswered.  Providers would like to know if they can accept cryptocurrency as payment from their patients for rendering health care services? Can Healthcare providers pay their business associates in cryptocurrency? Will commercial insurers and federal program payors reimburse providers in cryptocurrency? To find out the answers to these questions and more you should consult Jamaal R. Jones, Esq., a healthcare attorney who understands the changing landscape of cryptocurrency and blockchain. Mr. Jones can be reached at jrj@joneshealthlaw.com or (305)877-5054.

Does Blockchain Belong in Healthcare?

Healthcare providers have been slow to implement blockchain into their practice. Providers are hesitant due to: (1) unfamiliarity with this technology and how it works; (2) some don’t see its practical application to healthcare; (3) others are employing the wait and see approach to determine if it is financially rewarding; and (4) some are put off by the lack of regulation, which could expose their patient records to cybertheft.

 

What is Blockchain?

In 2009, blockchain stormed on the scene as the foundation for swapping digital currency. Blockchain is a permanent record of online transactions or exchanges that are logged publicly and in chronological order with corresponding time-stamps. A blockchain is comprised of a series of “blocks” or information that grows over time to create a chain. Blocks cannot be altered or deleted which allows users to follow the “crypto trail” or transaction record. Blockchain is appealing to many in the healthcare community because of its potential for data security.

Credentialed users can add to the transaction record, which can then be dispersed or shared across networks. Users on the network can validate and confirm each block of data in the chain. The key element of blockchain is that it is not housed in a central database and all transactions must be encrypted and verified by the network.

 

How will Blockchain revolutionize healthcare?

Data security and data interoperability are two of the most popular uses for blockchain in healthcare, but there is the potential for many other applications. Blockchain can be used to create a uniform database of protected health information (PHI) that is easily accessible by healthcare providers regardless of the type of electronic health systems that they use. Blockchain will provide greater security and privacy for patient records, it will reduce administrative processes which will allow for more time spent with patients, and it will facilitate the free flow of medical research from between providers in the treatment of diseases.

Blockchains do not have to be publicly available to everyone. A healthcare facility can limit its network to users that they authorize, such as HIPAA-covered entities and other trusted collaborators. To increase data security, a healthcare provider may place restrictions on what is on the blockchain while choosing to keep some data off the blockchain. Additionally, safeguards must be in place to protect personally identifiable information (PII) without significantly inhibiting the transfer of protected health information.

More functional data sharing between healthcare providers increases the likelihood of accurate diagnoses and better treatment while reducing the cost of delivery. Also, you can be sure that the information on the blockchain is accurate and secure. Blockchain will revolutionize health information exchanges by providing patients with direct continuous access to their records. Providers will be able to access healthcare databases on a large scale. It will also facilitate communication between primary care providers, specialists, and pharmacies who all coordinate care for a patient. All providers, payors, and pharmacies can record information about a specific patient, such as patient visits, prescribed treatment, and diagnosis onto the same ledger, which they all can access. This communication reduces abuse, misuse, and readmissions.

 

Is blockchain safe?

Transactions are conducted over several computers and not a single server, which makes it much more difficult to change, hack, or forge. Cybercriminals have already found a way to abscond with millions of dollars’ worth of coins in several creative ways, but experts believe that blockchain can be a much more secure method of storing patient records and other information. Blockchain wouldn’t eliminate data breaches but if the right procedures are implemented it could significantly reduce the occurrence on a large scale as we’ve seen in the past with companies like Target and Aetna.

However, many questions related to HIPAA and blockchain remain. For example, providers are unsure of how to incorporate patient bill of rights in HIPAA through blockchain and who would have right of access to records maintained on the blockchain. Many contracts will have to be amended to allow for blockchain before they can surmount many lingering legal obstacles.

As of today, federal and Florida legislators have not passed any laws that regulate blockchain in any meaningful way, but that will change as more providers adopt this technology.

 

You need an experienced healthcare attorney who understands blockchain and data privacy to ensure that your practice isn’t violating  HIPAA, HITECH and state/federal agency rules. For more information call or email Jamaal R. Jones Esq. at (305)877-5054 or jrj@joneshealthlaw.com

Florida Pharmacists Must Use E-FORCSE To Combat Opioid Abuse

By: Saamia Shaikh, Esq., OMS-III

In 2011, Florida legislator’s enacted the Prescription Drug Monitoring Program, also known as, the Electronic-Florida Online Reporting of Controlled Substances Evaluation (“E-FORCSE”). The program has legally expanded the role of dispensing pharmacists by requiring them to report the distribution of controlled substances.

 

E-FORCSE requires dispensers of controlled substances to report, within seven days, information regarding the prescriber and the patient for any prescription filled for controlled substances. Specifically, a patient’s demographic information, DOB, gender, as well as the prescriber’s demographic information, DEA number, NPI number, and license number must be reported. Additionally, dispensing information such as the dispenser’s DEA number, Rx number, date written, date filled, refill number (if applicable), NDC, quantity/strength dispensed, and payment type must also be reported. The failure to report a controlled substance willfully and knowingly as required by section 893.055 Florida Statutes constitutes a first-degree misdemeanor.

 

As of 2014, the Florida Board of Medicine reported opioid-related deaths had decreased by 41%.  Nevertheless, Florida remains a leading state in terms of opioid abuse with an estimated 3,900 deaths arising from opioid abuse and overdose in 2015.

 

On May 3, 2017, Governor Rick Scott declared Florida in a state of emergency due to the opioid epidemic. Pursuant to the Governor’s Executive Order 17-146, Dr. Celeste Philip, the Surgeon General of Florida, declared this matter a public health emergency, statewide, and issued a standing order for naloxone, an opioid antagonist that is commonly used to treat and reverse opioid overdose. The order authorizes pharmacists to dispense naloxone via either an auto-injection delivery system or via intranasal spray to emergency responders such as firefighters, emergency medical technicians, paramedics, and law enforcement officers. As a result, pharmacists do not require a script from physicians to dispense naloxone to emergency responders. Emergency responders are shielded from civil and criminal liability under Florida’s Good Samaritan Act if the life-saving treatment is done in good faith and with the exercise of reasonable care.

 

The current state of emergency in Florida is a tremendous opportunity for pharmacists. In 2015, the Fifth District Court of Appeal in Oleckna v. Daytona Discount Pharmacy held that that pharmacists owe a duty of reasonable care that extends beyond merely filling a script written by a physician; “robotic compliance” would not suffice. Pharmacists are being held to a higher standard of care and thus must independently evaluate every situation before dispending controlled substances to a patient. In their evaluation, E-FORCSE is an additional tool pharmacists can consult before filling a prescription. If a pharmacist suspects “doctor shopping” or determines that a patient is improperly and excessively presenting scripts for controlled substances, he or she may legally refuse to fill such a prescription. Pharmacists also have the option of calling and discussing any issues with the prescribing physician before reaching a conclusion about filling a questionable prescription. In fact, pharmacists are being held increasingly liable for filling scripts without independent investigation and must assess the reasonableness of the prescription including: (1) the reasonableness of the dosage of any medication prescribed by a physician; (2) the frequency by which the respective medication is to be taken; (3) as well as the quantity of pills to be dispensed.

 

While physicians may be aware of E-FORCSE, they do not actively use or reference it. Surprisingly, physicians were reported to be a minority amongst the class of users reported. An article published in the International Journal of Emergency Medicine by Young et. al. in 2017 shed some light on this issue, revealing that emergency room physicians’ use of E-FORSCE was low due to barriers in access and due to a lack of formal training of how to use the program.

 

While the duty of a pharmacist is not clearly defined, recent case law in Florida as well as the expanding role of pharmacists suggests an elevated duty of care owed as well as a greater exposure to liability. Thus, it is imperative that all pharmacists be cognizant of their professional duty of care owed and be familiar with all their options in a dubious situation, especially given the current climate of abuse in the state.

Saamia Shaikh, Esq., OMS-III

Negotiating Malpractice Insurance in Physician Employment Contracts

Medical Malpractice Insurance is an essential part of any physician’s practice. According to the American College of Physicians, “Medical Malpractice” insurance is a specialized type of professional liability insurance that covers physician liability arising from disputed services that result in a patient’s injury or death. Injuries may present themselves immediately or at some time in the future. Malpractice insurance requirements will vary depending upon several factors including, but, not limited to how long you have been practicing, the size of your practice, specialty, prior claims filed against you, etc. Many providers receive their malpractice insurance  through their hospital employer while independent physicians must purchase their own. You should carefully examine your insurance policy to determine whether your coverage is for “claims-made” or “occurrence”.

 

Claims-Made

A “Claims-Made” policy protects physicians for treatment that was provided from the first day of coverage through the expiration date. Since coverage ends on the expiration date you much always renew your claims-made policy on the expiration date to continue coverage without any gaps. Each year that a claims-made policy is renewed the retroactive date remains the same. The renewed claims-made policy covers claims that are filed during the policy year for incidents that occurred on or after the retroactive date. This allows for previous years to be covered under the current policy. In short, if you continue to renew a claims-made policy the protections in place will continue for any covered incidents that occur between the retroactive date and the expiration date. Any injuries that occurred prior to the retroactive date or after the policy has expired are not covered, which is why continuously maintaining this type of policy is important.

Claims-made policies allow you to increase your policy limits or add new coverage as needed or when new coverages become available. A claims-made policy allows an insured to transfer their coverage from one insurer to another without purchasing tail coverage, which will be discussed below. This only applies if you have an active claims-made policy that is transferable to another insurer that offers prior acts coverage for this claims-made policy. In this instance, the new insurer will rollover the retroactive date from the previous policy into the new policy. The new policy now covers the same period as the old policy since it includes the retroactive date. Unlike occurrence coverage, claims-made limits do not restore each year. The policy limits remain the same as they were when you initially purchased the policy.

 

Tail Coverage

Claims-made policies don’t cover claims made after the expiration of the policy, so you will have to purchase “Tail” coverage to continue coverage. Tail coverage (aka Extended Reporting Endorsement) is very important if you have been covered under a claims-made policy and are changing insurers, switching employers, or retiring. Tail provides malpractice coverage during the transition for injuries that may have occurred in the past. Tail allows the policy holder to have continuous coverage from the policy’s retroactive date to the policy expiration date. Any claims that are filed during that period are protected. To obtain tail coverage you must pay a one-time fee shortly after cancellation of a policy, but it can be as much as 1.5 to 2 times a typical annual malpractice insurance premium. Again, if you are transferring coverage from one insurer to another insurer tail policy coverage may not be necessary if the new insurer applies a retroactive date to your old policy.

 

Occurrence

Most physicians will opt for occurrence coverage where available. Occurrence policies protect you for treatment rendered during the entirety of the policy period, no matter when the claim is reported. An occurrence policy will still defend you against claims even after the policy has expired. This policy offers permanent coverage for incidents that occur during the policy period. Additionally, occurrence limits “restore” each year so that claims paid for incidents arising from one policy year do not deplete limits available to cover claims from other years. Each year that this type of policy is in effect constitutes a distinct set of limits. The amount of coverage in each year of coverage is aggregated annually to increase the limits.

 

Here are a few questions to Ask yourself

(1) What kind of coverage do I have?

(2) What are the policy limits?

(3) Do I have tail coverage?

(4) What type of incidents does my policy protect me from?

(5) Is this policy transferable?

(6) Will the new insurer retroactively date the new policy?

 

Final Reminders

*When negotiating hospital employment, physicians should ask the hospital to pay for the tail coverage or ask the hospital to allow them to continue their current coverage so that tail coverage is not required.

*Many physicians who are employed by hospitals may be required to obtain tail since most hospitals are self insured and won’t provide the incoming physician with prior acts coverage.

*Purchasing tail coverage may not be a choice. Some hospital bylaws require physicians to maintain malpractice coverage even after they are no longer with that hospital in order to protect from any potential future claims that may arise for any treatment that was provided by the insured while on staff.

*Some hospitals will not grant staff privileges to a physician with any gaps in their malpractice coverage.

*You want to make sure that you policy is always in effect and that it covers all potential claims because legal fees and costs can cost you thousands of dollars. These legal costs are in addition to any settlements that would have to be paid to the injured patient, which can range from a few thousand dollars to millions.

*The claims-made policy is more flexible and more cost effective especially for those who are still in the early years of their practice.

*“Claims-made” to the insurance company after the coverage period ends will not be covered, even if the alleged incident occurred while the policy was in effect. In other words you would personally be on the hook for any damages!

*Occurrence policies are permanent, which means that you don’t have to renew the policy to maintain coverage for any gaps in coverage. You have separate limits each year you were insured so past claims limit your coverage in the years ahead. These types of policies are becoming increasingly difficult to find.

*You should negotiate tail coverage in an employment contract with a new employer.

*Tail Coverage is only necessary when a Claims-Made policy expires and the insured cannot secure “nose” coverage for prior acts from a new insurance carrier.

*Medical Malpractice usually does not cover liability arising from criminal acts or sexual misconduct.

***This blog post does not constitute legal advice and is only intended for educational purposes only. You should consult a licensed attorney in the State of Florida that specializes in healthcare law.***

Which Business Structure is Best for my Medical Practice?

Which Business Structure is Best for my Medical Practice?

Over the years many providers have come to my office expressing an interest in owning a medical practice, healthcare facility, or healthcare business. During these meetings, it is important to obtain pertinent background information about the healthcare entity followed by a discussion about some of the regulatory and licensing issues that may arise. Equally important is determining how the healthcare entity should be structured for asset protection and tax purposes. A corporate healthcare attorney like myself can determine whether it is best for you to create a corporation, LLC, or an LLP. Admittedly, some of the more complex tax issues should be discussed with an attorney that specializes in tax law. Here is an overview of some of the basic differences between the different business entities.

Sole Proprietorship

An individual who does not create an entity.

  • No taxes are imposed on the entity. Instead, the individual owner reports the income and pays the income taxes.

Professional Corporation (a/k/a “P.A.”):

A corporation in which one or more shareholders must be licensed professionals (or entities that themselves are wholly-owned by licensed professionals). The P.A. can be taxed either as an S Corporation or as a C Corporation.

 

Corporation:

A corporation whose owner is not limited solely to licensed professionals. The corporation can be taxed either as an S Corporation or as a C Corporation.

  • C Corporation: Unless it elects otherwise, a corporation must report its own income and pay its own income taxes, under Subchapter C of the Internal Revenue Code.
    • A C Corporation is also subject to Florida’s state corporate income tax at a rate of 5.5%. Any distributions of its earnings to its shareholders requires the shareholders to recognize dividend income, resulting in a second layer or taxation.
    • Many professional C Corporations attempt to avoid distributing dividends by paying all income as compensation (because although it is still taxable to the recipient employee/shareholder, the C corporation gets a deduction for such compensation, resulting in one-layer of taxation).
    • If a C corporation pays excessive compensation, the IRS may try to treat some of the compensation as a dividend distribution and deny the deduction to the corporation with respect to such imputed dividend.

LLLP

A limited liability limited partnership comprised of at least one general partner and at least one limited partner, which is created by filing a Certificate of Limited Partnership and indicated LLLP status in such certificate. The status provides a general liability shield for all of the general partners.

S Corporation

No tax generally imposed on a corporation that elects to be treated as an “S Corporation” under Subchapter S of the Code. Rather, the tax consequences flow-through to the shareholder(s).

  • Each shareholder reports his or her pro rata share of the tax consequences based on his or her ownership in the S corporation and pays the income tax at his or her effective personal income tax rate.
  • Any distribution to the shareholder(s) is not treated as a dividend, but rather first is a return of basis and then excess is capital gain: provided, however, if the S corporation was formerly a C corporation within the past 10 years and had earnings and profits, then a portion of the distributions of the S corporation could be subject to tax as a dividend (Rather than a return of basis).
  • Shareholder distributions:
    • must be made in the ratio or ownership;
    • can be abused to “save” payroll taxes applicable to compensation; and
    • lack the asset protection potential of compensation payable to the head of a family under Florida law.
    • A P.A. generally should elect to be taxed as an S corporation, preferably from inception.
    • If a corporation has already been taxed as a C corporation, then conversion to S Corporation status must be carefully considered to ensure that the “built-in gains” tax on unrealized receivables can be handled through proper accrual and payment of accounts payable and compensation.

Professional Limited Liability Company (a/k/a “P.L.”)

A limited liability company in which one or more members must be licensed professionals (or entities that themselves are wholly-owned by licensed professionals). The P.L. can be taxed either as a disregarded entity (if there is only one member), as a partnership (if there is more than one member), or an S Corporation (whether it has one or more members.)

LLC

A limited liability company whose ownership is not limited solely to licensed professionals. The LLC can be taxed either as a disregarded entity, a partnership or an S corporation.

General Partnership

An entity that is comprised of two or more general partners. No written document is necessary to create a general partnership.

LLP

A limited liability partnership is comprised of two or more general partners, which registers with the state by filing a Statement of Qualification. The registration provides a general liability shield for all of the partners.

Limited Partnership

An entity comprised of at least one general partner and at least one limited partner, which is created upon the filing of a Certificate of Limited Partnership with the state.

There are many factors to consider when deciding how to structure your medical practice or healthcare entity. You should obtain an in-depth analysis of the various business structures so that you can choose the best one suited for your needs. While it is not impossible to change from one business entity type to another, it is always best to choose the best structure from the very beginning. A capable attorney at Jones Health Law, P.A. would be happy to guide you through this process.

***This blog post does not constitute legal advice and is only intended for educational purposes. You should consult a licensed attorney in the State of Florida that specializes in healthcare law.***