Spiers Group Supports the Texas Two Step CPR: Save a Life Campaign



Texas Two Step: Save a Life Campaign 2017

Dr. Oz joins medical school students & others to save lives by teaching free, hands-only CPR during weekend event in 11 Texas Cities



HOUSTON, TX (January 25, 2017)— On Saturday February 11 and Sunday February 12, medical students from all 11 Texas medical schools will join forces with cardio-thoracic surgeon Dr. Mehmet Oz, his national non-profit HealthCorps, American College of Emergency Physicians (ACEP), Emergency Medicine Residents' Association (EMRA), The Texas Medical Association (TMA), The Texas Medical Assocation Foundation (TMAF), Texas College of Emergency Physicians (TCEP), leadership consulting firm MaveRx, health law and consulting firm The Spiers Group, hospitals and medical schools across the state for the 2nd Annual Texas Two Step: Save a Life Campaign. Free hands-only CPR training will be offered over the two days at public sites in Amarillo, Austin, College Station, Dallas, El Paso, Fort Worth, Galveston, Houston, Lubbock, San Antonio, the Valley and Waco.


During 5-minute training sessions, participants will learn how to act quickly in the event of cardiac emergencies by following two easy steps: 1) Call 911 and 2) Initiate hands-only CPR. “These simple tools could make the difference between life or death for someone you love,” said Texas-Two Step board member and University of Texas Medical Branch student Logan Walsh.


Dr. Oz will be participating in training sessions held in Houston on February 11 and in Dallas and Fort Worth on February 12. In Houston, he will participate in public training sessions at the Health Museum from 10:15 a.m.to 10:45 a.m., Sharpstown High School from 11:15 a.m. to 12:00 p.m. Memorial City Mall from 1:00 p.m. to 3:00 p.m. and Cavender’s South Loop W from 3:30 pm to 4:00 pm.  In Dallas, Dr. Oz will participate in training sessions at the Perot Museum of Nature and Science from 11:30 a.m. to 12:30 p.m. and NorthPark Center from 1:00 p.m. to 3:00 p.m. He will participate in training sessions at Hulen Mall in Fort Worth from 4:00 p.m. to 4:30 p.m. Times are subject to change. Please go to www.tx2stepcpr.com for updates.


The event was created by a group of medical students and TCEP in 2016 after recognizing the need to train more Texans in lifesaving, hands-only CPR. Last year, the event trained more than 4,200 individuals, with more than 650 medical students in 53 locations. The students hope to train 10,000 Texans this year and plan to grow the event into a nationally driven initiative in the future.


“Since heart disease is the number one killer of Texans, we knew it was important to help the medical students and our great partners bring this lifesaving event to our communities again this year,” said TCEP President Heather Owens.


The participating medical students attend: Baylor College of Medicine; Texas A&M Health Science Center College of Medicine; Texas Tech University Health Sciences Center School of Medicine; Texas Tech University Health Sciences Center El Paso Paul L. Foster School of Medicine; University of North Texas Health Science Center at Fort Worth/Texas College of Osteopathic Medicine; The University of Texas at Austin-Dell Medical School; The University of Texas Health Science Center at Houston McGovern Medical School; The University of Texas Medical Branch at Galveston; The University of Texas Medical School at San Antonio; The University of Texas Rio Grande Valley Medical School; and The University of Texas Southwestern Medical Center. The Texas Two Step CPR 2017 is led by the Texas Two Step Board of Directors: Shyam Murali (Chair), Logan Walsh (Chair), Tony Balda, Teresa Dunphy, Matt Millington, Shehni Nadeem and Albert Shih.


Statewide sponsors of the event include: Texas Medical Center (TMC), Cavender’s Boots, iBeat and Sanavi Water. Statewide partners include:  ACEP, EMRA, TMA, TMAF, TCEP, HealthCorps.org, MaveRx and The Spiers Group. Regional sponsors and partners for each city can be found on the event website.


To learn more about Texas Two Step: Save a Life Campaign please visit www.tx2stepcpr.com to find a training near you. Times and locations vary based on training sites. People are encouraged to show support for this lifesaving event by following @TX2StepCPR on Twitter.




Health Care Turf Wars and Nuggets from Life Coach Harry Callahan

We have stretched our healthcare system to its limits, and continue to stretch it every day. The ACA was touted as the key to unloading our overburdened emergency rooms. It did not, with a CDC report noting “[f]ew changes in ER use were noted between 2013 and 2014.” There are some people who just prefer the ER, whether for convenience or lack of access to a primary care physician or some other reason. 

One problem noted by many is the lack of primary care physicians. We have known of the looming physician shortage issue for years. A 1989 study published in JAMA noted that despite an overall doubling of the number of physicians in the US since 1963, the proportion of primary care physicians decreased. The Association of American Medical Colleges (AAMC) reports the supply of primary care physicians will remain inadequate well into the next decade. One important point noted by the AAMC is that it takes about a decade to train a physician. We cannot solve it impetuously.

One solution touted by many is the use of “physician extenders.” On the surface this seems a rational, practical solution. For less complex illnesses, many of us once sought treatment from Dr Mom. In the gap between Dr Mom (or ourselves) and physicians, is there room for some mid-level provider?

Our health care system has long been taking a very critical look at this potential solution. Lobbying groups for nurses assure us that increased utilization of Nurse Practitioners are the solution. They claim a Nurse Practitioner can perform many primary care tasks efficiently and in a cost-effective manner. An examination published in the Annals of Internal Medicine suggests that Nurse Practitioners (NPs) utilize resources and provide care much the same as primary care physicians when dealing with low complexity out-patient maladies. Other studies are yielded different results. One study demonstrated that nurses ordered more imaging studies.  Another study compared NPs to experienced physicians, resident physicians (physicians in training), revealing that nurses utilized health resources at a higher rate.  

I am going to go out on a limb here, and make a prediction: studies by physicians are likely to show physicians are more efficient and cost less, while studies by nurses will almost certainly argue the opposite.  

The answer is somewhere between the two extremes, and it is not some rigid demarcation.  I have worked with NPs (and Physician Assistants, called PAs) who have been outstanding. What made them outstanding? Hard work, a pleasant nature, kindness to their patients, a devotion to their practice, a hunger for professional knowledge, and self-awareness come to mind right away. In other words, traits to which we should all aspire.  

What is apparent, however, is that policy makers don’t always appreciate this laundry list. For many who thrive on checklists, hiring a provider – any provider – means “task completed.” A wise policy would be to use the providers appropriately. I can sense eyes rolling as I write this – “of course we use providers correctly.” Right. And you are from the government, and are surely here to help. 

Not so fast.  Let us examine a recent study comparing not NPs to MDs, but nursing assistants to nurses.  

At this very moment, some poor policy wonk is salivating: if nurses can replace doctors, and nursing assistants can replace nurses, our healthcare problems are all solved!  

This study provides a cautionary insight we should all heed. Replacing nurses with assistants resulted in an increase in mortality.  The reasons should be apparent.  We should be using the right tool for the job.  

There are some elements of care that no doubt may be rendered by nursing assistants. Some is better provided by a nurse. At another level, a nurse practitioner or physician’s assistant. Beyond that a physician. Further still, a specialist. Perhaps a certain condition requires the attention of the world’s expert. The right tool for the job. 

Our job is to make sure we have all the tools in our toolbox. We must use them properly and in concert as we look to the future. Just as we would never call a screwdriver a hammer, we should not confuse the roles of our providers. Family physicians and pediatricians devote years to learning their craft. Internists, the same.  All physicians are not neurosurgeons, or cardiologists, or pulmonologists. Just as a pediatrician would not perform a liver transplant, or a liver transplant surgeon perform a joint replacement, a nurse should not contemplate treating a complex medical problem without an appropriate collaborative relationship. Together we may do great things. Working at odds only weakens us. 

To use the immortal words of Harry Callahan, “a man’s got to know his limitations.”

It should be apparent that expanding the role of NPs and PAs in delivery of care is worthy of consideration. A sticking point is that of autonomy. I believe in the team model, and my reasoning is simple. It is the difference in the level of training. A nursing curriculum is not the same as a medical curriculum. An advanced nursing or physician’s assistant program is not the same as a medical or surgical residency. A NP or PA degree should not be seen as a cheaper (yes, the training programs are expensive) and easier (yes, I know it is hard to become a NP or PA) means to becoming a “doctor”. Indeed, some nursing programs have taken to awarding their graduates doctoral degrees, making them doctor-nurses.  

That is confusing to patients, but the real issue is care. Physicians, NPs and PAs all contribute to good care. The primary focus is delivery of care to a patient population outstripping provider population?  While a patient should know with confidence who is his or her physician, physician’s assistant, nurse practitioner, nurse, nursing assistant, and so on, it is more important that the patient be provided excellent care. If a role is appropriate for a nurse practitioner, why use a physician for the task? Even more costly, and dangerous, is to consider using a NP for a role that needs a physician’s skill set. 

In an overburdened health care system, we must shepherd our resources. We must not sell ourselves short, or take the easy route to checking that box on the checklist. We must strive not just for adequacy; we must achieve excellence. Blurring roles for the sake of ego has never been a means to that end.

Maybe we should all just get to know our limitations...

At the Spiers Group we work to help providers of all pedigrees build successful practices and deliver quality care. Contact us to speak to one of our team to see how we may help you.

Babies, Belladonna, and Big Bucks

“We got a letter from the Feds today.”

Those are always interesting words to hear from a client. Often such a letter is anticipated, because many physician or scientist clients are investigators in studies designed to obtain FDA approval for a device or drug. Others have to do with potential violations of the Stark law, or the Anti-Kickback Statutes, or the False Claim Act.  Data breaches invite scrutiny under HIPAA. Certain prescribing practices invite scrutiny for DEA. The list of reasons, like a list of acronyms for Federal agencies, is seemingly endless. Generally, my clients know when such a letter is cause for alarm - or not - even before they contact me. 

Many of you who follow this blog have noted another set of initials tossed into the mix: FTC.

Recently we discussed how FTC is involved in regulating medical apps. Many of you may not know FTC has a significant history of regulating other health products. FDA and FTC have recently been engaged in actions against the many fabulous weight loss claims made by marketers of homeopathic over the counter HCG dietary supplements. For those of you who have not seen the advertisements for these miracle cures, some claim to help you “lose 30 pounds in 30 days, using all natural HCG.” I won’t link to them – I do not want someone to think I endorse these in any way. I do endorse the FDA’s statement that claims supporting the diet are bovine scatology. HCG diets just do not work. 

What will cause one to lose weight is the starvation diet “required” by the spectacular dietary supplement in order to optimize the redistribution of fat. Also required is the dismissal of all sanity and reason.  The weight you lose is from near starvation, and arguably a lighter wallet.

From FDA’s website regarding medication health fraud:

“HCG has not been demonstrated to be effective adjunctive therapy in the treatment of obesity.  There is no substantial evidence that it increases weight loss beyond that resulting from caloric restriction, that it causes a more attractive or ‘normal’ distribution of fat, or that it decreases the hunger and discomfort associated with calorie-restricted diets.”   FDA press release

Now, I mentioned FTC was involved in this matter, and most of you may not even have wondered why. We are so accustomed to FDA acting to regulate medications; most don’t even realize that they are not alone in this particular sector. They have some powerful allies, and while they often scuffle a bit over turf, there is no doubt the two can pack a powerful one-two punch, no matter who is the primary agency on the matter.

That long introduction leads to the real focus of this article. It is not FDA, nor HCG. It is FTC.

Health care providers rarely think of FTC, and I suspect even among consumers the role of FTC is unclear. In health care, FTC’s role is two-fold:

1.       FTC enforces the FTC Act, which prohibits deceptive or unfair acts or practices in or affecting commerce, including those relating to privacy, and those involving false or misleading claims about safety or performance.

2.      FTC enforces the FTC Health Breach Notification Rule, which requires certain businesses to provide notifications following breaches of personal health record information.

Most health care professionals are so focused on HIPAA that they immediately recognize the privacy implications. That is good, as these regulations are often overlooked. To do so is a grave mistake. Yet while it is always tempting to forge ahead on the topic of data security and privacy, the issues we address today are those of deceptive practices and misleading claims.

Homeopathic medications have a special place in our health care system. Almost everyone can recite a litany of remedies used in their family or social circle, and are unable to provide scientific support for the therapy when challenged. (Yes, this means “because Mom said so” is classified as generally non-scientific, but avoid discussing this at holiday dinners.) All it takes is a trip to the local supplement store and we are met with a host of “natural” remedies that are used to “treat” a host of maladies.  Want to see more?  Head over to the pharmacy.  Need more? Wander through the health section of your grocery store.  Still not enough? One word: internet. Homeopathic remedies are everywhere. 

The obvious question taking form on the rational reader’s lips is not “What is the big deal?” but “How much money is involved here?”  Take a moment to review this 2007 report from the CDC.  No matter how you approach the figure, we can all agree that a largely unregulated 3 Billion Dollar industry consumes a significant portion of our health care spending.  Goodness, for a fraction of 3 Billion Dollars some might even be tempted to take advantage of our gullible nature and lighten our wallets.

In a press release issued this week, FTC announced its new policy to guide its regulation of OTC homeopathic products.  For those of you who are pounding your keyboard angrily insisting this is governmental overreach, take a deep cleansing breath, balance your chakra, and focus your inner eye on these cold, hard facts. The FTC only cares about claims that are unsubstantiated by scientific evidence. FTC reminds us that (from the policy)

[T]he promotion of an OTC homeopathic product for an indication that is not substantiated by competent and reliable scientific evidence may not be deceptive if that promotion effectively communicates to consumers that: (1) there is no scientific evidence that the product works and (2) the product’s claims are based only on theories of homeopathy from the 1700s that are not accepted by most modern medical experts. (emphasis added)

It should come as no surprise that most, no, few, no, probably none of the homeopathic remedies you see for sale are supported by valid scientific evidence.  The most common homeopathic inference, that some remedy must be safe because it has been around for so long (since the 1700s!!!) is not quite the same as valid scientific evidence of a beneficial nature. To those of you in the throes of apoplexy over this, I am, well, I am not sorry.  It is the truth.  Proponents of these products may take solace in the fact that this scientific deficiency is tolerated as long as the labels on these products clearly say so – the disclaimer above is probably sufficient.  Personally, I prefer the much briefer"There is no proven benefit to this product, so don't complain to anyone if this heads south on you."

Now you wonder "what is valid evidence?" From the policy, FTC defines this:  “competent and reliable scientific evidence,” defined as “tests, analyses, research, or studies that have been conducted and evaluated in an objective manner by qualified persons and [that] are generally accepted in the profession to yield accurate and reliable results.”  Taking a cue from the regulation of medications by the FDA, this translates into clinical trials in humans, not the insight of some late night shill who has discovered some ancient secret to peace, harmony, colon cleansing, and dietary adjustment, all of which can be yours for the low price of most of your hard earned money. 

Recently a popular homeopathic teething remedy was linked to 10 infant deaths. This prompted a press release from FDA cautioning against the use of the “natural” products to treat teething pain. The manufacturer was quick to claim that the product is regulated as a drug by FDA, with the consumer left to infer FDA validated the product's safety, and all was right in the universe. Go back and read the FDA release again – Homeopathic teething tablets and gels have not been evaluated or approved by the FDA for safety or efficacy.” How awful for the families of those ten infants.  

FTC has long had the power to regulate advertising, and could have acted sooner. There are a lot of reasons they have not, and deconstructing them is a topic for another day. It is important that FTC has acted now.  Why?  Well, years ago, FDA opted to allow the homeopathic industry to regulate itself.  As the Food, Drug, and Cosmetic Act is enforced today, FDA cannot “pull” homeopathic products from the market.  FDA cannot prevent these products from being marketed once they meet certain easily attained standards.  Why this is the case is beyond this brief note, but FDA is reassessing this limit.

In this enforcement void stands FTC.  FTC may not be able to prevent a product from being marketed, but FTC can apply its "truth in advertising" standard to the products. In other words, if you want to sell sugar tablets to treat the flu, you have to show they work, or explain that there is no scientific evidence to support their use.  If you want to sell a product that utilizes some diluted extract of poison ivy to treat arthritis or market some extract of deadly nightshade to treat teething pains, well, FTC wants consumers to think twice. 

Some homeopathic remedies might work. Some manufacturers may choose to subject their products to the rigorous testing and clinical trials needed to obtain FDA approval as a proper drug. Kudos to manufacturers that choose this scientific path to validation. To those afraid to subject their products to real scientific scrutiny; shame on you. 

We can utilize homeopathic remedies; FTC wants us to make informed decisions. We should not need some sketchy brain booster to help us with this one.  Its a no-brainer.



Spiers Group works to help professionals deal with the many complex regulations governing their professions. To discuss how this may affect you and your profession, contact Spiers Group today.

Five steps to improved HIPAA compliance

As hospitals, clinics and health care professionals know, their industry is among the most strictly regulated in the United States. Included in the complex set of health care laws is the Health Insurance Portability and Accountability Act (HIPAA). HIPAA requires health care organizations to adhere to national standards for electronic health care transactions, code sets, health identifiers and security. Additionally, Congress incorporated mandated provisions to HIPAA to ensure privacy protection for individually identifiable patient health information.

Given the importance placed on HIPAA, it is vital to ensure your health care organization is compliant. Below are five steps to help you achieve compliance with HIPAA regulations.

1) Develop privacy and security policies

Health care organizations need to develop, adopt and implement policies to ensure the privacy and security of patients' protected health information (PHI). Included in this documentation should be what actions should be taken when a breach occurs. Comprehensive policies also should include policies for email and mobile communications, with patients, between employees and with business partners. In most organizations, it may be beneficial to appoint an employee or group of employees and privacy and security officers. These people will serve as resources for the organization and should have extensive knowledge of HIPAA regulations.

2) Educate your employees

It is essential for health care organizations of any size to offer official training and ongoing communication to employees regarding HIPAA privacy standards and policies, particularly regarding permissible uses and disclosures of PHI. New employees need to be trained immediately, and training refresher courses should be offered to all employees on at least a yearly basis, or whenever policies are updated. Additionally, HIPAA requires ongoing awareness communications and activities be provided to all employees.

3) Work with compliant contractors

When you share PHI with vendors, business partners and contractors, you trust them to uphold HIPAA privacy standards. If they do not, your organization will likely share liability for their violations. Before working with third-party entities, make sure they are also HIPAA compliant regarding privacy and security, employee training and risk management.

4) Conduct regular risk management assessments

Through regular risk assessments, health care organizations can identify vulnerabilities to PHI and remediate identified issues or revise gaps in policy. If these measures are taken on a regular basis, it can help to ensure the confidentiality and integrity of your organization's PHI and avoid significant administrative, technical and physical breaches. Additionally, it is vital to conduct other activities to help manage risk, including tracking mobile devices and computers with access to PHI, monitoring big data analytics performed by your organization, keeping anti-malware updated and applying security patches when necessary.

5) Provide patient education and access to records

Health care organizations must correctly publish and distribute a Notice of Privacy Practices to all patients. Additionally, an acknowledgement of receipt should be obtained from every patient, and updated whenever policies are revised. The notice should also be published to your organization's website.

Patients also have the right to access their PHI within 30 days of making a request. Full records must be provided, rather than just a summary.

6) Work with an attorney

If your organization is in need of guidance in fulfilling your compliance with HIPAA or other health care laws, contact an experienced attorney. In addition to advising regarding policies and procedures, your legal representative can become vital if you or your organization is being investigated for a HIPAA violation.

A Fate Worse than Death

“A fate worse than death.” How many times have we heard the term? What could be worse than death? We all have our opinion.

When William Gibbon used the term in his History of the Decline and Fall of the Roman Empirehe was using it as a euphemism for the “involuntary loss of a woman’s honor.”  In the quarter millennium since his epic work, many have appropriated the term for their purposes. Famously, Kurt Vonnegut, in his address “Fates Worse than Death” acerbically pondered if there are truly any fates worse than death. But I digress… 

It seems we finally have a formal, government sanctioned definition for a fate truly worse than death. We can even quantify exactly how bad such a fate is when compared to death. Aren’t these grand times?

Tom Baker, of Doctor Who fame, once said “I think quite often a fate worse than death is life - for lots of people.” (Mr. Baker portrayed the fourth doctor, if you are wondering.)  Fortunately, the Center for Medicare and Medicaid Services has stepped in to provide clarity here, and they support Mr. Baker’s definition wholeheartedly. Life is indeed worse than death, or at least when it comes to Medicare reimbursement.

Do you consider it worse to be readmitted to a hospital, or to die?

A physician colleague of mine once opined that she thought the ideal patient outcome, in Medicare’s view, was for a patient to achieve Medicare eligibility, then promptly die without ever utilizing any Medicare resources. Now it appears that view is documented, to some degree, through scientific study in a peer reviewed journal. To the CMS, readmission to a hospital (in other words, living) is worse than dying.

In a study published in JAMA Cardiology, physicians at the University of Michigan and the Ann Arbor Veterans Administration Medical Center noted an amazing paradox in health care reimbursement by Medicare. In the study, the authors identified two cohorts. In one group, hospitals had a higher readmission rate. These hospitals were punished with financial penalties because of the increased rate of readmission.  These penalties were levied even though these hospitals kept more patients alive than expected.

That is right – more people lived than would be expected based on the disease groups being studied, yet the CMS punished the hospital. 

Compare this to a second group of hospitals, where there were low readmission rates.  In this group, more patients died within a month of leaving the hospital. The hospitals in this group were penalized less because they did not have as many readmissions.  How much less? More than ten times less. This degree of difference essentially makes it a reward to have the patient die rather than be readmitted. 

In a Reuters report, Dr Scott Hummel, one of the study’s authors states “You could argue that from the individual patient’s perspective, mortality should be weighted much higher than readmission.” I will hazard a guess that most of the survivors would agree. I will also go out on a limb and report that many, if not most, deceased Medicare beneficiaries would agree.  (It is Halloween, so I will report back if I get new information tonight.)

This compensation practice may perplex all but the most dedicated Vonnegut fans. The hospitals that do the best job keeping patients with significant illnesses alive are penalized for keeping them alive, while those that let them die are, essentially, rewarded.

No one argues that we want more efficient care. We waste untold amounts of money in the health care sector.  We should all realize that readmission may mean the hospital could have done a better job the first time around. It might  also mean their patient was sicker.  We also recognize that not all who died could have been saved had they been readmitted.  Some patients were destined to die despite all best efforts.  Likewise, some might have lived had they been readmitted.  There are many variables to consider. We should not rely solely on some one-sized fits all algorithm that shifts the focus from the patient and places excess value on the bottom line.

Let us start by admitting that living is not necessarily a fate worse than death.


Spiers Group works to help the healthcare industry deal with complex policy issues. Contact the practice today to see how we might serve you and your needs.

Whose Record?

Imagine a bit of vital information recorded dutifully by highly educated professionals tasked with compiling, protecting, and preserving the document. These same individuals serve also as gatekeepers of sorts, requiring the appropriate credentials before these somewhat secret documents are released.

The documents, highly personal in nature, contain information that is often mundane, but sometimes highly sensitive. As a whole, they are secret, but these documents are not the ones you might be thinking about.

These secret, encrypted, mysterious, often illegible documents are medical records.  Sometimes they are so "secret" no one may access them.  This is not because of global security or some secret conspiracy. It is just the reality of the healthcare world.  Everyone, whether they are a physician, layperson, attorney, or politician, has medical records they cannot access.  Yet politicians do not seem to grasp this. This latest cycle of presidential campaign rhetoric makes mention of “complete medical records,” suggesting the candidates make available all their medical records. The possibility that someone could not produce these records is treated as inconceivable.

I agree with Inigo Montoya: I do not think that word means what they think it means. 

The New York Times examined this issue, deeming it impossible.  At Spiers Group, we are often asked to review medical records. We have a team of folks who can dissect these, reading between the lines for certain issues. The biggest problem the team faces is that most often the records are incomplete. Entire episodes referenced in the record are sometime missing. How can this be?

Think about medical records. Everyone has them. Your first record is likely older than you, and it is commingled with your mother’s record. The data begins to accumulate in earnest when you are born. The record contains countless pediatrician visits, the occasional visit to the emergency room, and perhaps a hospitalization or two. Some childhood surgery, such as an appendectomy or a tonsillectomy, can add to the volume.  Teen years are more of the same. Adulthood, for many, brings some stability, but who can name every provider or specialist they have ever seen?

The reality is that no one can reasonably be expected to recall all health care visits. Likewise, how can you get the information if you cannot even remember the visit. More to the point, even if you could remember, medical records are often destroyed after a certain period. In the past, 7 to 10 years after a patient’s last visit, or the age of 18, as the case may be, marked the end of the retention requirement. I am sure many of my medical records have been converted to paper bags decades ago.

Today, with electronic medical records, this should be simpler for physicians and patients alike. It is not. This has also has led to some misconceptions about who has access to records, as well as how easily they can be accessed.

It helps to think of medical records as documents stored in a security deposit box. The security deposit box can only be accessed if one knows where it is, and has the proper credentials. Patients have responsibility for knowing where their medical records are held, and they control access to them.  A patient’s physician – or attorney, insurance company, or hospital – cannot just summon a record from the ether.  Patients should maintain some semblance of a medical history with them in order to share the information with providers. Patients also hold the two keys to their medical records; they know where the records are, and they can grant others access to them

Electronic health records have great promise, but every system cannot communicate with all others. Early electronic medical record systems were constructed on multiple platforms, incapable of fully and completely communicating with each other, if they could communicate at all.  We hope all current medical record systems seamlessly communicate, but such hopes are not yet mature.  Ultimately, as more medical data is converted to digital form, it may be easier for patients to gain access. To use another banking analogy, medical records will be accessible just as we access our banks from an ATM - provide the right credentials, no matter where you are, and you can access the records. 

Until we reach that digital utopia, many challenges remain.  Many records remain on paper. Finding a particular record in a file room with hundreds of thousands of pages stored in tens of thousands of file folders can be challenging.  It will take many, many years to convert these to some electronic form, if ever attempted. More recently, the many different digital formats for health records that have accumulated over the years. Not all electronic records are migrated to the latest platforms. 

Privacy issues abound in the arena of medical records. The friction between HIPAA and the simplified delivery of care is ever present. Shipping paper records via mail has some risk, as does emailing them.  Encrypting digital records offers some security. Unfortunately, some will enclose the password for an encrypted record in the same package.  Finally, external patient portals to access records are also fraught with security risks.  Providers should make certain patients understand their role in protecting their records, but patients must make certain they act to protect their personal data.

In the end, all a provider can do is manage the records to which they have access and control. Patients likewise have a responsibility to maintain at least some narrative history of their medical past. The growth of personal medical record keeping systems makes it easier for patients to keep up with their own health information. Patients should remember, however, that health care providers cannot be liable for what the patient does with the medical record once the patient has it. If a patient stores his record on his smartphone, he assumes responsibility for its privacy and security.   

So while no one can provide “complete” records, or ensure “complete” security, by taking reasonable steps to provide the available data in a reasonably secure form, providers can aid those with the ultimate responsibility for keeping up with a patient’s medical history – the patient.  


That’s right, folks. The government is here to help. Again.

The media has been full of interesting bits about the future of healthcare under the Affordable Care Act.  There is no question that the glaring flaws in the overly optimistic financial structure required to continue health care under the ACA merit attention.  Whomever thought the young and healthy, who are often living on a paycheck-to-paycheck budget, would willingly spend a mortgage-sized portion of their income supporting the healthcare for the elderly or infirm apparently spent their own youth testing the health effects of certain controlled substances while scraping by on their sizeable trust funds.  (In a profound statement of the obvious, AETNA’s CEO admitted “Young People Pick Weekend Beer Over Obamacare.” Seriously, was this ever in doubt?) 

But while so much attention is devoted to that five-alarm fire, some attention must be devoted to the embers from that fire which are landing in the tender laden structure of the Medicare program. As flimsy as the Medicare program is, held together by patches and other “fixes,” this simple spark may bring it all down in a flash.

I am referencing the Medicare Access and CHIP Reauthorization Act, called MACRA. If you did not know what MACRA referenced, you are not alone. Most physicians do not know much about it, and I wonder if many of the lay public does.  But beyond recognizing that MACRA references something to do with Medicare, even fewer know how it will impact health care delivery in the United States.

One more trip on a road paved with good intentions…

MACRA was created with the best of intentions. For years, physician compensation under Medicare had been based on the sustainable-growth rate (SGR) formula. Everyone despised the formula, as each year the formula threated to make drastic cuts in physician reimbursement to prevent increasing Medicare expenditures from exceeding the increase in Gross Domestic Product.

Because health spending was growing faster than GDP, the law would result in dramatic cuts to physician compensation. Recognizing that such cuts would be detrimental to patients, Congress voted 17 times to not implement the formulaic cuts in compensation. Before MACRA, physicians were facing a greater than 20% cut in compensation in 2015.

Now it appears many physicians, if not most, will face significant cuts in compensation under MACRA as well.

Ronald Reagan once said “the nine most terrifying words in the English language are: I'm from the government and I'm here to help.” MACRA is no exception.  It is a bipartisan attempt to rein in health care spending by tying pay to performance. In other words, better results merit better pay. What could go wrong?

The first thing one should understand about MACRA is that it is not a simple fix. Congress, as it often does, provided some guidelines that left the nuts and bolts of implementing the Act to the same folks who could never make the SGR work.  Weighing in around a thousand pages, the implemented program will impact every physician who provides care for more than 100 Medicare beneficiaries in a year, or who bills Medicare more than $30,000 in a year.  For those not initiated into the mysteries of Medicare, recognize that these are a very low threshold, so almost every physician treating federal healthcare beneficiaries meets these criteria.

MACRA requirements have been delayed so providers do have a bit of time to prepare. The plan was intended to begin in January 2017, but the collection of the performance data at the heart of the program may be delayed until October of next year.  This data must be submitted to the government to verify compliance.  There are several options for participation, which require differing amount of data to be collected and disclosed. As you might imagine, the more data you offer up, the greater the potential incentives, provided they show a practice surpasses the appropriate threshold.  Failing to participate leads to an ever-greater decline in reimbursement.

For those who counter by assuring everyone that those who deliver quality care will be rewarded, leading to an improvement in healthcare delivery, the lesson of Dartmouth’s departure from the Accountable Care Organization (ACO) arena appears to have been lost.  The standards do not allow for those most vexing of medical variables – human choice and free will. Patients do not have to follow their physician’s advice, and the physician may pay for that patient’s right to ignore them. 

Particularly disturbing is the intrusion of MACRA into actual delivery.  As noted in an earlier blog, physicians are spending more time entering data into the “more efficient” electronic health record than providing health care.  No one can argue MACRA will force providers to shift their attention even more towards the computer screen. How can this be good for anyone? 

Our health care system needs a feel-good story, and the ACA has not offered it yet.  ACOs have not delivered on their hypothetical promise.  Years ago, many were predicting it made little financial sense for the healthy young to participate in the ACA.  Health insurance premiums are rocketing to unheard of heights. The promise of reduced burdens on our emergency rooms has been deemed empty by the government, who admitted there were few differences in ER use before and after the ACA was implemented.  Doctors spend less time caring for patients and more time dealing with electronic health records than with patients. Now MACRA’s de facto Hobson’s choice for providers will likely make medicine even less efficient, perversely decreasing quality in the name of improving it.

Welcome to the brave new world of healthcare.

Contact the Spiers Group for more on the impact MACRA will have on your practice.

Cybersecurity Threat to Diabetics

Recently we discussed the cyber-susceptibilities of electronic health records. While that article focused primarily on the phenomenon of ransomware, the vulnerabilities of many of our medical devices was discussed briefly. To recap our point, many medical devices are essentially small computers. They are very task specific, to be sure, but they operate using software that is very to similar to that in your computer or phone. 

Two years ago, cybersecurity expert Barnaby Jack demonstrated a technique for accessing insulin pumps. In a demonstration at a security conference, Jack was able to force an insulin pump to deliver what would be a lethal dose of insulin. He later showed such an act is possible from up to 300 feet.  

A year later, scoffing at a plot line from a popular television show, Jack demonstrated the ease with which a pacemaker could be forced to deliver a lethal jolt of electricity. In the demonstration, if you are wondering, he forced the device to deliver 830 volts, and that could easily result in a fatal event.

To be sure, Jack was not the first to hack an insulin pump. Jerome Radcliffe famously demonstrated the vulnerability of his own insulin pump - he is a diabetic - after once joking about his concerns that someday a "hacker was going to break into my pump, [and] give me a dose of insulin that I didn’t need..."  Radcliffe sounded the alarm bell for medical device security after this, leading to congressional hearings on the matter.

In 2015, Motherboard magazine sounded the alarm bell loud and clear - Ransomware is coming to medical devices. The Motherboard article proclaimed "This is year zero for the health care industry and cyberattacks."  Bloomberg Businessweek had an excellent piece at the time, decrying the ease with which medical devices could be hacked.

The future is now. Today Johnson and Johnson, whose subsidiary Animas produces the One Touch Ping Insulin Pump, announced the pump is vulnerable to hacking.  This is months after it was first announced on the Rapid7 blog of Jerome "Jay"  Radcliffe. The pump uses a wireless remote that is intended to be discrete and convenient.  Rapid7 noted the communication between the remote and the device was not encrypted - the data between the remote and the pump are not encrypted. 

Radcliffe posts a detailed chronology of his interaction with the device manufacturer, detailing his earliest communication with Animas about their pump. When was that first notification?  April 2016.  Six months later, the defect is disclosed. The timeline below is from the Rapid7 website.

From the Rapid7 Blog:

Disclosure Timeline

This vulnerability advisory was prepared in accordance with Rapid7's disclosure policy.

Thu, Apr 14, 2016: Attempted to contact the vendor at security@animas.com, security@johnsonandjohnson.com, and several other aliases at both domains.

Thu, Apr 21, 2016: Details disclosed to the vendor at productsecurity@its.jnj.com (PGP KeyID: 0xEC69B12DFF06A1CA)

Mon, Apr 25, 2016: Animas initiated complaint handling process

Fri, May 06, 2016: Further clarified details with vendor

Mon, May 09, 2016: Details disclosed to CERT

Thu, Jun 16, 2016: CVEs assigned by CERT

Jul-Sep, 2016: Worked with Animas on validating the reported vulnerabilities

Wed, Sep 21, 2016: Mitigations provided by the vendor

Tue, Oct 04, 2016: Public disclosure


Reproduced from Rapid7

This episode hammers home yet again the importance of cybersecurity in healthcare. Who knows what the next vulnerability will expose - or how many might be harmed by it.


Cybersecurity is a serious matter. At Spiers Group, we work with industry professionals to help healthcare providers meet these challenges. Contact us today to discuss how we can help you.

The Inexorable Limit of 24/7/365

Physicians often come to my practice inquiring about ventures to enhance their income. Some are joining a venture, while others are starting one.  All, hopefully, come because they are concerned about the many strict regulations governing the medical profession.  

Few understand one harsh reality of medicine - doctors are selling their knowledge and skill, but they are also selling their time. They are, in some analyses, hourly workers.

It is when physicians consider their income in terms of hours worked versus earnings that the financial model for medicine is most striking.

Physicians are trained from early in their career to work hard to help their patients, and that hard work mantra is echoed when they ask how to build their practices and generate the income needed to repay the tremendous debt they incur to enter the field.  (While the high costs of education are not intended to serve as a barrier to entry, they do, but that is a topic for another day.) 

The solution most often offered is to merely work harder. It is simple: See more patients, make more money. This is where some physicians can become derailed, trying to see too many patients, and shortchanging the patient his or her time. One patient an hour is not likely to keep a practice open for long, but an average of five an hour is a start.  That number itself is deceptive, since some patients have simple problems that require only a modest amount of time to address, while others have complex problems that consume a lot of time.  This does not include the "Bonus Time" doctors get to work in order to fulfill the requirements of their electronic health records system. (See my blog lamenting all the extra time those time-saving EHRs demand of practitioners here. )

By trying to see too many patients, doctors may cut corners, and quality suffers.  No one wants that, and no one should accept that. 

At the other extreme are those practitioners who succumb to the temptation to make fraudulent claims for services. This may take the form of billing for services that were not rendered, overutilization (and overbilling) for services, incorrect reporting of diagnoses, unbundling, and of course, good old-fashioned kickbacks and bribery, to name but a few.  The cost of this is staggering - no one knows the exact figure, but it could be up to 10% of all healthcare costs. This cost in dollars? In 2011, it was upwards of $272 Billion.  

So doctors are left trying to figure out a way to earn more while still delivering high quality care lawfully. That is why our firm will counsel physicians to think of themselves as an hourly employee - balancing the hours they work versus their earnings.  The infographic below, from the website www.bestmedicaldegrees.com, demonstrates this reality of time and money by comparing doctors and high school teachers. (And before anyone gets upset, I am the proud son of a teacher, who would never have become a thoracic surgeon/attorney without the moral and financial support of my parents.)

There is a solution for physicians, but it does require they lift their nose from the grindstone for a bit to consider the many opportunities available to them. For example, by offering additional services that do not require a tremendous investment of physician time, practices can grow their bottom line. Investment in ancillary medical ventures, such as surgery centers or urgent care centers, can also be a boost.  Most exciting, however, is the opportunity for investment in the technology that is driving  medicine..  

Physicians will often mention how they have an idea for a device or technique that they would love to develop if they only had the time to do so. Biomedical scientists also have incredible gifts for innovation, but frequently lack the expertise to translate their ideas into practical and usable forms for application in healthcare.  The opportunity for scientists, physicians, entrepreneurs, business experts, and legal counsel to interact to jointly navigate the many challenges that will sink any idea on its way from the drawing on the back of a napkin to market is invaluable.  

So doctor, the next time you are looking at your bottom line and are considering just how many more hours you need to work to reach some income milestone, remember there are only twenty-four hours in a day, and but seven days in a week. Time is your most valuable asset. Use it wisely. Leverage that vast repository of knowledge you paid so much to acquire and spent so long learning to multiply its impact on your bottom line and on your quality of life.

In the end, this will allow you to pay more attention to your patients by working better and smarter – not longer and harder.  


The Spiers Group is well positioned to help providers explore opportunities for more efficient and satisfying practices.  Contact the firm to discuss your needs and see how we can help you.


Knowledge is (Economic) Power

[T]he globalization of knowledge and knowledge creation [is] the fundamental global driver of economic outcomes in today’s information economy.
— Richard B. Freeman

The Brookings Institute, as part of its Global Cities initiative, has released a new report titled Redefining Global Cities. This follows and complements the A. T. Kearney publication  “Global Cities 2016.  For many of us, the term global city gives us a moment’s pause – just what constitutes a global city? While the titles of the two articles I reference make clear there is not universal agreement as to the precise meaning, almost all definitions reference the importance of global cities in the world economy. Presently over half of the world population lives in cities, and this accounts for their influence. The population of our cities will continue to expand.

All of this caught my eye because of my own pride in my city, state, and country.  I live in Houston, home to well over 2 million and encompassing about 600 square miles. Houston has been called a global city for years, but what struck me the most in these articles was a shift that is relevant to the life science and medical device sectors driving much innovation in Houston and other Texas cities.

Houston is a center for the energy industry, aeronautics, health care, biomedical research, and shipping. Many will easily recognize the city’s contributions to energy, thinking of its prominence in the oil industry, but they overlook its drive in the wind and solar sectors. The Texas Medical Center is a city unto itself, comprising one of the largest business districts in the US, employing over 100,000 professionals and accommodating over 150,000 visitors every day. Mention aeronautics, and who can help but think of NASA? Houston is the largest US port in terms of international commerce, and one of the 10 largest in the world.

For years, much of the discussion of global economy has focused on the largest of the global cities; London, Paris, New York, and Tokyo. As strong as the economic contributions of these cities might be, however, they were but a slice of the total global economy, and discounting their smaller sisters is not wise.  As the economy changes, new concepts of economic goods demand consideration. Major corporations, educations levels, information, cultural experiences, political engagement, personal well-being, innovation, long-term investments, GDP, and the ease of doing business are just a few of the factors measured. Centers of government and policy, such as Brussels and Washington DC, as well as capital markets, such as New York, London, and Beijing populate the upper echelons in most ranking systems, but the advantages of doing business in these centers versus smaller centers is becoming less.

Which brings us to Houston, Dallas, Austin, and San Antonio, the largest of Texas’ cities, and where they fit into these ranking systems.  A. T. Kearney recognized Houston and Dallas as among the global cities with the greatest potential for growth and future competitiveness.  Houston was singled out for its category leading GDP per capita. Austin and San Antonio were just not large enough to be considered in the Kearney analysis.  

In a working paper available here, Harvard Professor of Economics Richard B. Freeman points out the role of “the globalization of knowledge and knowledge creation as the fundamental global driver of economic outcomes in today's information economy.” And this is where Texas’ largest cities demand attention.  The Brookings Institute’s ranking system included a category of global cities termed “Knowledge Capitals” due to their ability to fuel innovation.  Houston, Austin, and Dallas were included in this category, noted to be among global cities having the highest GDP per capita, and highest GDP per worker. These cities have the highest output per worker, and these workers are also innovators, which is the hallmark of this segment of our global society.  Innovation – knowledge – is the driver of tomorrow.  Knocking at the door of this international economic engine? San Antonio, ranked in the category of “American Middleweight” global cities.

All of this brings us to the heart of the matter, which is that now, perhaps more than ever, knowledge is power. High powered research involves more than just a think tank or elite university. Entire cities fuel innovation, and by recognizing this, cities thrive. Universities and scientific communities understand that Biomedical startups require nurturing, and the Texas Medical Center Innovation Institute, the Rice Alliance for Technology and Entrepreneurship, and the UH Wolff Center for Entrepreneurship are but a few of the incubators available to innovators in this area. Participating in these programs can open many doors to innovators, allowing them to work with the business and legal sectors to maximize their return on their intellectual investment and transform their dreams into reality.  


Contact the Spiers Group for assistance in translating your idea into reality. The firm works with innovators in technology and pharma to nurture their ideas and facilitate growth through incubators.


Exiting the Highway to Hell, Which Healthcare Thoughtfully Paved with Good Intentions

The United States is in the midst of an epidemic; an epidemic you may not even recognize when it stares at you from across your dining room table, sits next to you at the office, or shops with you. You may not even recognize it when it sells its body in a flophouse, lays dying alone in an alley,  or dies upstairs in your own home.

The cost of the opioid abuse epidemic in dollars is staggering, but the cost in human terms is more than we can imagine, and certainly more than we can tolerate. On an average day:

Around 100 Americans die due to an opioid-related overdose.

Almost 4000 began abusing prescription opioids.

Slightly fewer than 600 begin using heroin.

Recently I had the opportunity to attend a meeting hosted by the Drug Enforcement Agency.  I am not sure which part of me was more curious about the presentation - the doctor or lawyer. The Agency was updating medical practitioners about the worsening trend towards opioid abuse in the United States.  I knew the problem was significant, but the presentation made clear the scope of this epidemic is staggering.  [The HHS has produced a handout about the epidemic. Check it out here.]

This epidemic is rooted in good intentions, and, sadly, these good intentions served to pave a superhighway to Hell for many.

At the meeting, we discussed a time in the 1990s when physicians were criticized for not prescribing enough narcotics. Physicians were criticized – and sometimes subjected to medical licensing board actions – for not prescribing narcotics to anyone who had the least bit of pain. Withholding pain medication was seen as cruel. Physicians and hospitals were pressured by society and credentialing organizations to prescribe more so that we could finally experience the better living through chemistry we as a society had long sought.

We had been part of a culture rooted in stoicism and accepting that some pain was inevitable in life. Suddenly we were encouraged to complain about every ache and pain – because finally there was a treatment for all our pains.  Narcotic prescriptions – and sales – shot through the roof. 

Aches and pains previously treated with Tylenol or some non-steroidal analgesic (or just ignored) were suddenly treated with potent narcotics. Physicians concerned about the addictive potential of these drugs were discounted as out of touch, uncaring, and somehow, of a lower standard than those with a lower threshold for prescribing potent painkillers.

Estimated Yearly Cost of the Opioid Epidemic

55 BILLION DOLLARS in health & social costs related to prescription opioid abuse

20 BILLION DOLLARS in emergency & inpatient care for opioid poisonings.

What we failed to understand was the addictive potential of these medications. We have learned – the hard way – that we cannot predict who will become addicted, or at what point they will be unable to resist the drive to consume more drug.  The mental effects of these drugs become an obsession for these individuals.  They organize their lives around obtaining their next dose of drug. Most make poor choices, unraveling their lives, and all too often, ending them.  

The DEA and the FBI have jointly produced an educational video which is shocking and disturbing, yet I consider it a vital educational tool for all of us. The censored version can be found here, and an uncensored version can be found here.  [Note: Both versions are very intense. Parents may want to preview these alone first.] One consistent theme I hear from so many DEA and FBI agents is their belief that prison is not the answer for this epidemic. They really believe prevention and treatment is the answer, but they must use the tools our laws make available to them.  

Far too many Americans do not realize the impact of prescription medications on this epidemic. It is not a disease of the poor or the mentally weak. It can strike where we least expect it. For many of us, the time bomb is already ticking in our medicine cabinet. That is where too many of us, and particularly our youth, start using and abusing opioids. . 

This is not a doctor problem. It is not a hospital problem. It is national problem. As a nation we must act to solve this problem.

Now is time for us to act, and tools like this presentation from law enforcement are but one part. As a nation, we must move away from our belief that we can eliminate all pain from life.  We must also make readily available rescue medication, such as naloxone, to treat overdoses. Addiction treatment is also a vital component of our response. 

Think about it the next time you have some little injury that your father or mother would have just ignored.  Is your pain really so bad that you need some pill to numb your mind and possibly start you on a deadly spiral? Or should you just suck it up, get back into the game, and get on with life?

I counsel my medical clients to be very careful when prescribing narcotics. It is far easier to defend refusing a patient narcotics than it is to treat an addiction or defend a death. 



Contact the Spiers Group to discuss this or other health care matters. 


A recent study reveals that for every hour doctors spend caring for patients, they spend almost two hours documenting the care they gave those patients in the EHR.

Patients complain because medical staff spend more time focused on the medical record than on medical care, staring at computers instead of engaging in direct care.

Doctor, remember when you first began your medical studies? Hours upon hours spent studying pathophysiology, pharmacology, anatomy, histology, embryology, biochemistry, and more? All the classroom work, leading to the transition to the clinical education necessary for becoming a physician? And of course, that favorite of all courses, “Paperwork for Physicians?” You don’t recall it? I cannot either. That is too bad.

Many professions require proper documentation of the work done. Medicine is not different in this respect. For years, handwritten charts documented the care and progress of patients. Some practices transcribed the hastily scrawled notes using typewriters; these notes were typically brief, and to the point. Physicians did not spend time waxing eloquent while discussing facts considered irrelevant.

Financial pressures came to bear, requiring more documentation to justify higher pay.  The office visit was associated with tiered payment scale – more complex visits were logically paid at a higher rate. How could the paymasters know a visit was worth a higher payment? There are codes designating a higher level visit, and there evolved checklists intended to guide the coordination of the billing and the supporting documentation. A certain amount of time was associated with a certain level of care, and in that time, a certain number of systems must be examined and that exam documented to justify the time and expense. 

Consider the perverse implication of this system. A doctor performs some incredible feat swiftly and effectively. A life is saved; a disease cured. Yet the reward is tied not so much to the performance, but to the documentation of the feat. Many physicians actually settle, even now, for lower pay, performing some calculus based on time spent documenting care versus rendering care, choosing to care more and write less – or, have more life, but get paid less. Insurance companies will never object to this!

The endless documentation requirements are the flaw in the system that fuel this system still. The goal was, and remains, to render excellent care. Extensive documentation has become the hallmark of better care.  Voluminous charts were superficially seen as indicative of better care, but appearances can be deceiving. Some practices realized that forms and templates could ease the burden. As these gained traction, early medical record software sought to bridge the gap, simplifying and streamlining record-keeping and generating the records so desired by payors and providers alike.

Everyone associated with the medical profession dreamed of a well-organized system of recording information that could easily communicate vital data between providers, improving care. No more time wasted reviewing hastily scrawled and often illegible medical records, with no need to replicate examinations or duplicate tests.

The promise of the early medical record software was somewhat hollow. Systems had steep learning curves, often requiring more time to complete even the simplest of patient encounters. Later systems made some progress, but often the difference was purely cosmetic. Records were more attractive – they looked better, they were consistently organized, so they must be better, right? With each iteration of the systems, the most noticeable improvements were often cosmetic. This cosmetic improvement was crucial – to the lay public, records that looked better were accepted as better, just as complex surgical procedures were often judged by the external scar rather than on the quality of the internal work.

These more attractive, consistent, well organized records were much easier for paymasters, such as insurance companies and, of course, Medicare and Medicaid, to analyze. There is no doubt that the consistency and simplicity of these records could and did simplify the communication of vital information, which is a measure of the success of any such system. 

Information is double-edged. As electronic records became ever more sophisticated, more information was captured. An encounter that once was documented in a paragraph or two soon became immortalized over two or three pages. One week spent in a hospital could generate hundreds and hundreds of pages of medical records – or more. Charts are often more difficult to review due to the enormous amount of information. Vital nuggets of information are sometimes overlooked.

No change is perfect. Yet in a time when we seek to improve care, one unfortunate fact remains: Doctors spend more time documenting the care they render than they spend rendering care.

That is the sad conclusion of a recent study published in the Annals of Internal Medicine. The researchers found that for every hour spent in direct patient care, almost two hours was spent documenting care during the clinic day. That unfortunate ratio does not include after-hours time spent on the same tasks. Even more disturbing is the way time is spent in the examination room. While slightly over half the direct contact time is spent in a “face-to-face” manner, over a third is spent on the electronic health record.

Too often we hear complaints from patients who are upset because their doctor seems to be staring at the computer rather than listening to their complaints or examining them. Doctors,  nurses, and other medical staff likewise dislike the time spent pushing paper, even in the electronic form. This sad state of affairs is unlikely to change in the near future, but practitioners should aspire to maximize patient contact and minimize time spent massaging the EHR. 

Talk to your doctor about your LEP… and their LAP

It sounds like a pharmaceutical advertisement, doesn’t it? You can imagine some animated body part tugging a person towards a restroom, a fuzzy rendition of a cat coaxing us to sleep or, my favorite, a couple reclining in a pair of bathtubs, all working to convince us to counter our LEP.  But to paraphrase the immortal Inigo Montoya, “I do not think that word means what you think it means.”

While we could talk for hours regarding the wisdom of direct-to-consumer advertising in the pharmaceutical industry, that is not what we are talking about here.  LEP is not a medical condition, but it is so serious it can derail a medical practice. 

The Affordable Care Act (ACA) includes many provisions regulating the way physicians practice, and section 1557 prohibits discrimination. Discrimination is central to concerns over LEP.  Many may be surprised to learn that failure to take reasonable steps to provide meaningful access to patients with LEP – Limited English Proficiency – can result in suspension from Federal Healthcare programs, the DOJ may bring suit for a civil rights violation against the provider, and more. 

The Department of Health and Human Services has drafted a list of the fifteen languages most commonly encountered by US providers (see Top 15 Languages by State). Providers are obligated to take reasonable steps to ensure meaningful access to these groups. Do these regulations mean Texas physicians need to hire a Gujarati interpreter? An Alaskan clinic an Ilocano translator? A Maine hospital a team of Nilotic speakers?  A practice may not need to add a staff of translators, but there are some specific requirements that must be addressed. And yes, expect the market for health translators to boom after this final rule for implementation of ACA Section 1557.  

Practices must post notices regarding accessibility requirements in the common languages for that locale. These can be downloaded for your locale at this HHS webpage. In addition to posting notices, a practice must have in place a mechanism for providing translator services when necessary to provide meaningful access to individuals with limited English proficiency.  These services must include translation of documents and oral interpretation. The services must be provided free of charge and in a timely manner. Lawyers will ultimately spend hours arguing over the appropriate definition of terms “timely” and “meaningful.” (Practices should be aware that in the legal world, lawyers’ hours typically equate to doctors’ dollars.)

One special caution for practices accustomed to having a staff member serve as an impromptu translator; translation services must be a part of the employee’s written job description. Practices may also want to develop a LAP – a Language Access Plan. It is not required, but as is often the case with federal regulation, having a written plan is used to determine an entity’s compliance with the regulation.

The regulation and proper implementation is Section 1557 will impact medical practices significantly, complicating the delivery of quality care even more. Practices should be proactive and address these issues now.

If you want to know more about this or other legal issues relevant to the delivery of health care, contact the Spiers Group today.

Cut Costs, Boost Quality, Pay Penalties…

In case you do not know, or more realistically, find the endless stream of acronyms related to healthcare mind-numbing, ACOs (Accountable Care Organizations) are a vital component of the Affordable Care Act (ACA), creating a marriage between hospitals and providers intended to work together to deliver more efficient higher quality healthcare. Researchers at Dartmouth are widely acknowledged as among the creators of the ACO model.

The Dartmouth model, described a decade ago, sought to slash costs by advocating a departure from the traditional fee-for-service system. Naturally, the hope of any new health care delivery model is to improve quality.  Dartmouth was able to achieve both goals. Medicare costs decreased significantly, and quality improved. Surely that is a victory for the ACA and ACOs, right?

Dartmouth, creator of the ACO, has learned that cutting costs and boosting quality does not guarantee success for its ACO.  Under the ACO model, federal benchmarks for costs-savings proved insurmountable for Dartmouth. That is right - Medicare penalized Dartmouth, creator of the ACO, because Dartmouth could not save enough money!  Click here to learn about Dartmouth’s decision to drop out of the ACO program. This move, which is not surprising given other observations of ACOs in action, does not bode well for the future of ACOs. In this drama, Dartmouth is best cast as a modern Prometheus, much like the character described by Mary Shelley. Dartmouth had a vision, and seeing its vision take form, was overcome by its own vision.

Those seeking to establish or expand ACO services should take heed of this turn, lest the hubris of ACA proponents who push ACOs so strongly consume us all.

HHS, ONC, OCR, FDA, and Your Smart Devices

Smart phones are, well, smart. They are little hand held supercomputers. They have more computing power than my first home built computer; I think they can do more than my first two or three “store bought” computers as well. Indeed, NASA engineers would have loved to have something so powerful back when they used pencil, paper, and the slide rule to put a man on the moon.  (If you are like my kids, scratching your head and muttering “Slide rule? What is a slide rule?” click here for a well done piece by Elissa Nadworny at NPR.)

Phones are not the only thing getting smarter. Today we are confronted with a variety of smart devices. We can wear watches that communicate with our phones (after all, they are smart!) to track our heart rate, blood oxygen saturation, activity level, blood glucose, and sleep patterns, to name but a very few of the possibilities.  We can wear other monitors that communicate with our phones, sending even more information to the cloud – and from there we can share information with fitness rivals, friends, neighbors, and, yes, even providers. These devices can serve as motivators, trainers, record keepers, and more – all in a small package that is convenient and simple to use.

It seems only logical that we try to develop these devices to their fullest. Imagine having a device that will allow you to assess your health and well-being in your jacket pocket? That would be the epitome of personalized medicine, right? What risks are there? Aren’t we talking about something that will make medical care cheaper, faster, and more convenient? We have so many choices, surely it is a simple matter for each of us to pick the right one for our needs.

The solution is not quite as complex as the inner workings of my phone, but it is not as simple as we might think.  We have a myriad choices of apps that do a variety of incredible things. But there lies the issue; it is not the quantity of offerings, it is the quality of the offerings that is concerning.

Just as, shocking to some, everything found on the internet is not true, not every app delivers the same quality. And some have crossed a threshold that will have implications for the entire industry. Anytime we discuss quality, the conversation will invariably segue to regulation, and the opportunity for regulation gets regulators all excited. This is where we find ourselves these days; regulators ready to reach into your pocket to decide what apps you can use on your phone.

What does this mean? It could be trouble for medical app developers who have grown accustomed to little or no regulation. The industry has known this day would come. FDA, for example, has spent the better part of five years contemplating what to do in this sector.  Part of the challenge is that mobile health apps are subject to various existing laws written back in the day of the slide rule. Federal agencies have been wrestling with how to apply these laws to current technology. The US Department of Health and Human Services (HHS), the Office of the National Coordinator for Health Information Technology (ONC), the Office for Civil Rights (OCR), and the Food and Drug Administration (FDA) have produced an interactive tool that aims to allow app developers to determine what laws might apply to mobile health apps.  The tool is not perfect, but it does give some general guidance. It is a good place to start before you wade through this FDA guidance regarding mobile medical applications, this FDA portal regarding medical apps, and the OCR’s web portal addressing questions relevant to HIPAA – and the list goes on.  

The Enemy Within - "Homegrown" HIPAA vulnerabilities

Just yesterday I briefly discussed the electronic vulnerabilities facing hospitals and health practitioners. Much of that note focused on hackers attacking the systems and holding them for ransom.  It is a major problem confronting the healthcare sector, and will continue to be for long to come.

Other threats linger, and this week we learned about one of the potential hazards we must guard against – the hazard that we hire bring to the table ourselves. In short, we can be our own worst enemies.  Such is the case at the University of Mississippi Medical Center and the Oregon Health & Science University.

At the University of Mississippi Medical Center (UMMC), staff allowed a party to “borrow” a hospital laptop while in the ICU. The borrowed laptop was not returned. While that fact is curious enough, this is when it gets really interesting.

The Mississippi hospital had secured its network, but on the laptop there was patient data that was protected with only the minimum “generic” of security safeguards. Apparently, no access tracking software was in place.

One wonders if the laptop itself had location software in place.  In other words, the equivalent of the “find my phone” application we all use (I know I do) to locate phones and tablets may not have been there.  Most of these tracking applications allow a user to wipe all data from a lost device – quite handy in the event a piece of hardware is lost. 

The folks at UMMC compounded the issue when they failed to notify patients’ whose data was breached of the potential exposure. We must ask – if they had no access tracking software in place, how do they know whose data was purloined and whose was not?

The OCR summarized UMMC's failures in its press release:

  • implement its policies and procedures to prevent, detect, contain, and correct security violations;
  • implement physical safeguards for all workstations that access ePHI to restrict access to authorized users;
  • assign a unique user name and/or number for identifying and tracking user identity in information systems containing ePHI; and
  • notify each individual whose unsecured ePHI was reasonably believed to have been accessed, acquired, used, or disclosed as a result of the breach.

The UMMC settled with the HHS Office of Civil Rights, paying a penalty of $2.75M while not admitting any liability.  UMMC is working to overhaul its security standards as well.  Read the entire HHS OCR press release here   You can read the actual text of the settlement here.  

Oregon Health & Science University also felt the ire of the HHS OCR, paying a similar fine for breaches involving unsecured laptops and stolen USB thumb drives.  While OHSU self-reported, the OCR lamented OHSU's failure to respond appropriately to these breaches. 

This settlement underscores the importance of leadership engagement and why it is so critical for the C-suite to take HIPAA compliance seriously.
— HHS OCR Director Jocelyn Samuels, discussing the OHSU settlement

The Oregon facility paid a fine of $2.7M and entered a three-year corrective action plan. Read the HHS OCR's press release here, and you can read the settlement text here.

These two actions underscore the aggressive stance of the OCR in the face of ever more common data breaches. They also demonstrate how we are often our own worst enemies.

And CEOs, Risk Managers, Compliance Officers, and IT professionals - please take these compliance matters seriously.  

For more on how to deal with these issues, contact the Spiers Group today. 

The Unintended Consequence of Your EHR

A secret agent slips into an office under the cover of night. Evading cleaning crews and the impressive security precautions, she identifies her target.  She cleverly hides her trap, then slips out the way she came. No one is the wiser until she triggers the trap later that week.

The stuff of Hollywood? No, the world of healthcare cyber espionage. The world that destroyed Iranian centrifuges with a piece of software surreptitiously slipped onto their network. The world where a seemingly innocuous email, or clinical photograph shared between colleagues, or even an email about an upcoming Continuing Medical Education event could harbor a tiny bit of code that will burrow its way into your electronic health record.

That is right – the electronic health record you are required to have leaves you open to cyber predators.  An article in Politico makes me ask "Aren’t you glad we have modernized?"  Today hospitals and medical practices loom as ripe targets for the same measures that governments use against each other, and that hackers use for their own enrichment.  And here is the scary bit of the equation – is your security as good as that of the Defense Department? The State Department? A major defense think tank?

I am just going to hazard a guess that the answer is no.

Cyber-attacks on medical facilities are increasing in frequency, and are ever more audacious.  The anonymity of the internet makes it possible for an attack to go unnoticed until the attacker wants it known. Often, records are mined for data, which can be sold on the black market. Believe it or not, health records often are sold on the dark net for more than are simple social security numbers. This is but one means of income for these offenders.

Even more audacious, and perhaps more devastating, are those attacks that threaten medical record systems through the use of ransom ware. Hackers shut down a medical record system, then the real payday comes for them.  “Pay us a certain amount of untraceable bitcoins by a certain date or we will erase your medical record. ALL OF THEM.” 

But you have backups. “I can just restore my backup, and the ransom ware will be gone, right?” Well, that might work, but chances are you don't have a back up from last year. Or the year before. And even of you did, you are losing years of data. The folks who use ransom ware are patient. They may wait months or years to trigger the code that will hold your previous records hostage. So that backup from last week? Infected. Last month? The same. Last year? Maybe.

This dark world is treacherous. There is no quick fix. And what is frustrating for so many is that we are forced by regulation into the very arena where we are most susceptible. EHRs are here to stay. And let us not forget all of the gadgets at work in our hospitals that are potential vulnerable to an attack.

The list of medical cyber susceptibilities does not begin nor does it end with electronic medical records. Ventilators, IV medication pumps, radiology equipment, and even implantable devices are all vulnerable to a cyber-attack. Ransoming a record could be devastating, but once in control of these other devices, the nefarious could ratchet up the stakes – “pay up or we kill someone…”

So how do we address this challenge? Some hospitals have already been attacked, and some admit paying the demanded ransom.  Of course, there may be little to protect against the hackers from taking a second bite at the apple, locking down the system ad demanding more money. We as a community are just not sure.

It is certain that the authorities and various regulators, from the DOJ to HHS, as well as segments of the cyber security industry are working to address the issue.  In an ironic twist, some have recognized that a good old-fashioned paper copy of their records is the best insurance they have.

Small practices should not stand idly by thinking this is a problem of scale. No one is too little. Indeed, the smaller the practice, arguably the more susceptible they are to an attack.

If you have an electronic health record, even if part of a closed system, you are vulnerable. 

Here you can read the HHS fact sheet regarding Ransomware. I suggest you download this and review its contents on a regular basis. 

Contact the Spiers Group to discuss measures you can take to protect yourself – or recover from an attack.  

Omniscience, End of Life Care, and the False Claim Act

That health care providers might disagree is not a novel concept. As the stakes increase, the potential for disagreement increases. Consider the many different treatment regimens for an illness, and the nature of medicine as an art comes sharply into focus.  The treatment for a sore throat, for example, may be as simple as salt water gargles and acetaminophen, or involve various antibiotics, depending on the particular patient or physician. Consider our nationwide epidemic of obesity; the number of appropriate surgical options for treatment alone is significant. Add in the numerous non-surgical treatment regimens and the number dramatically increases.

In medicine, we do not find this odd, as we have long recognized the practice of medicine as an amalgam of art and science, the interaction of the subjective to the objective. Treatment plans for patients are often highly individualized; individualized to the patient, the doctor, the health plan and so forth.  Within an accepted framework, variation is significant, expected, and accepted.

Despite this, there is an intense interest in making medicine more scientific and objective. While no one would argue the merits of exactness and predictability, the end of variation in clinical judgment remains a challenge to patients, providers, and the courts.

Perhaps nowhere is this more intense than in several recent false claim act cases. Fortunately, courts have recognized that variation in the practice of medicine is not proof of some underlying nefarious intent. In its early 2016 decision in US v. AseraCARE INC., the Northern District of Alabama rejected conflicting opinions of physicians as adequate to support an assertion of falsity. Experts can and do tend to have differing opinions, and the difference alone is insufficient to sustain a claim of fraud. The court required objective, not subjective, proof of falsehood in this context.

US v. Vista Hospice Care, Inc., decided in the Northern District of Texas in June 2016, represents yet another rejection of differences in clinical judgment as adequate to support a false claim.  Here the relator was dealt two significant blows. First, the relator in Vista Hospice relied on non-randomized statistical analysis and extrapolation, which the court deemed inadequate to sustain relator’s claims of fraud.  Second, the court acknowledged that the mere disagreement by relator’s expert with a certifying physician’s assessment was inadequate to sustain the claim.

From Chief Judge Barbara M. G. Lynn’s opinion in Vista Hospice:

… [A]n FCA claim about the exercise of that judgment must be predicated on the presence of an objectively verifiable fact at odds with the exercise of that judgment, not a matter of questioning subjective clinical analysis.

These two important decisions, which no doubt will be challenged repeatedly by the plaintiff’s bar, demonstrate the skepticism courts have for claims based on mere differences of opinion devoid of collateral, supporting objective evidence of misdeeds.

One Picture, One Thousand Words, and One Acronym

HIPAA and Your Privacy

I frequently receive calls from folks all upset about HIPAA (the Health Insurance Portability and Accountability Act) violations, and many of these are related to medical images. “I want to sue,” they announce. I respond “It is not quite that simple…”

While HIPAA offers protections, it does not provide the private cause of action many believe it does. Anyone suspecting a HIPAA violation should make a report to the US Department for Health & Human Services Office of Civil Rights. The OCR may sanction the violator, but HIPAA will not give a patient the right to sue their doctor or hospital.

Since HIPAA does not give a private right of action, we look to state law for a solution. State law privacy violations require a showing of certain types of harm. “Harm” generally requires more than simple embarrassment or hurt feelings. That is not as easy as all those folks calling me to represent them in their “sure-fire million dollar” cases realize. In truth, you can run up huge legal bills making these claims if you are not careful, and your attorney does not know when to say “No, but thanks for calling.”

The visual arts and medicine have had a long relationship. Since the written word cannot capture the subtleties of a condition or a disease, practitioners have been quick to adopt drawings, photographs and motion pictures to supplement their written descriptions. When I look back over my medical career, there were many times that I best learned about a particular syndrome when I found an image of a patient with that problem. 

While HIPAA offers protections, it does not provide the private cause of action many believe it does. Anyone suspecting a HIPAA violation should make a report to the US Department for Health & Human Services Office of Civil Rights. The OCR may sanction the violator, but HIPAA will not give a patient the right to sue their doctor or hospital. 

There is a compelling attraction of an image. Scientists easily relate this to the importance of our visual cortex. Seeing is part of believing. Medical amphitheaters flourished in the past, as students and laypersons watched surgeries or attended lectures featuring various patients with visually interesting conditions. Some hospitals even marketed these exhibitions, charging fees for attendance. Do you remember the Junior Mint episode from Seinfeld? (If not, I suggest a quick web search.) Throw in some open windows, don some street clothes, and grab some lunch; throw out anesthesia, forget antibiotics and never mind sterile technique or even air conditioning. Now you have an idea of the sideshow that grew along with medicine. 

Since HIPAA does not give a private right of action, we look to state law for a solution. State law privacy violations require a showing of certain types of harm. “Harm” generally requires more than simple embarrassment or hurt feelings. That is not as easy as all those folks calling me to represent them in their “sure-fire million dollar” cases realize. In truth, you can run up huge legal bills making these claims if you are not careful, and your attorney does not know when to say “No, but thanks for calling.”

Today we watch differently. Photography, and then motion pictures, allowed more viewers to enter our operating rooms at their leisure, and study over and again in minute detail the imagery of an operation. Items missed on first glance could be analyzed later, recorded forever in our new, auxiliary visual memory. While the drama may have been lessened, these were useful new tools for education. 

I know first-hand the visceral attraction of the surgical amphitheater. As a younger man, before an injury ended my operating days, I spent many hours operating beneath a gallery designed for medical spectators seeking to learn new techniques or master old ones. Sometimes, even were there to be no amphitheater, mid-operation a gentle tap on the shoulder would remind me to slide a bit to the left or right so a camera brought in to film the surgery could capture a better image. Viewers could watch from an adjacent room or even later in a lecture hall with the surgeon who had performed the procedure on-hand to narrate the procedure. 

Want to see for yourself?

For those out there who wish to watch surgery today, I suggest you peruse the website ORLive. There you can see a variety of procedures performed at many different locations. The images are often graphic, but have great educational value.

Today our cameras are so advanced and our internet so fast we can watch operations thousands of miles away. We transport the viewer to the operating room. This is not without risk. I recall just a few years ago watching a groundbreaking surgery, coffee and croissant in hand, when the patient experienced a significant complication mid-procedure. To a room full of heart surgeons and cardiologists, it was a known risk, and punctuated the lesson we had debated over several days at the meeting and in our literature for months. To the kind lady serving coffee, it was more than a little distressing when she realized what she had witnessed. 

Today most practitioners will have a library of x-rays, photographs, and videos collected over the years from many sources. We learn so much about new techniques, mastering concepts and procedures without shedding a drop of blood. Beyond the practitioner, patients themselves can learn about their diagnoses and proposed treatments by sampling the virtual world of medical images. A patient who needs a certain procedure can be shown certain elements of the operation to demonstrate what perhaps words cannot capture. Questions unformed in the patient’s mind are answered without ever being asked. 

Images can be an important part of the consenting process it is oft repeated that patients tend to “hear what they want.” Having been a patient myself, I know that is often the case. When we show a video or photographic presentation of what the patient should expect from a procedure, they understand the vital concepts better. 

Search the internet even casually and you will find a host of medical images and videos. Some are posted by patients, eager to share their maladies with family, friends, and strangers alike. Patients with unusual conditions may be diagnosed because someone notices they have a lesion that looked like one seen on the internet. I recall learning of a child with a rare ophthalmic disorder who would likely have perished were it not for a family member’s recollection of a photograph seen on the internet. Can anyone dispute the utility to that child, or that child’s family, of sharing medical imagery? 

Medical Imaging and Copyright Protection?

Medical advertising, once considered taboo, also presents challenges. Before and after images of patients, when used in a commercial manner, can be a powerful tool. But what about patients who have had tattoos? Practitioners must be cognizant that many tattoo artists consider the body their canvas, and this inserts considerations of copyright and fair use into the discussion.

A scientific paper about tattoo removal, for example, would probably only require the thorough consent of the patient for use of an image with a tattoo. Use the same image in an advertisement? That could violate the tattoo artist’s copyrights. A similar argument can be made for distinctive body piercing if it could be identifiable as a particular artist’s work. You may need to obtain an artist’s permission to use his or her work in some circumstances.

The advent of the Health Insurance Portability and Accountability Act of 1996 dramatically changed how medical professionals shared information. Because the internet was growing by leaps and bounds, this sometimes cumbersome law was timely in its arrival. How we deal with it remains awkward. Those images of a disease process shared so readily in the past would quickly conflict with privacy regulations today. This punctuates the uneasy tension between science and privacy. In the past, a patient’s privacy concerns were secondary to needs of science and society. With privacy laws, our scientific willingness to share and our drive to document have collided with our need to protect and respect our patient’s privacy. Consent forms for “Medical Photography and Videography” were added to the ever-growing stack of authorizations patients were asked to sign in order to receive care. While these precautions and protections might lead one to believe it rare for an image to be used without permission, too often we learn of practitioners who failed to obtain consent for the use of a patient’s image. 

Some patients expect to receive photographs or even a digital video of their operations. For physicians and surgeons, this can present a conundrum. Not only are there privacy concerns, but diagnoses and treatments can be subjected to scrutiny over and again. Hindsight, especially seen through the lens of a camera, from the comfort of an armchair, or over the internet, is always 20/20. 

Errors in diagnosis are not the only hazard. Lurking in the background of many images are bits of data that will land a practitioner in hot water. Images in clinical settings may inadvertently capture other patients in the background. A high-resolution photograph of a patient properly consented for a photograph may also record images from an electronic medical record not shielded from the camera’s eye. Moreover, the metadata attached to our digital images will immortalize more than just the perfect image of the patient with the strange new syndrome we just discovered! 

A new challenge is probably in your pocket right now – a cell phone, complete with camera. Patients, and staff, often take photographs without realizing that the images on their phones may represent HIPAA violations and potentially violate state privacy laws if shared. Publish that shot of yourself with some other patient in the background, and you may be in hot water. 

No matter the pitfalls, medical imagery is an important tool. We can use images to track disease progression, monitor health, improve care, and teach the next generation of providers. Medical voyeurism is just as alive today as it ever has been, and with the growth of the internet, we have an ever-expanding menu with which to sate our appetite. My teen children explained the phenomenon to me one day when they showed me a video someone had posted on YouTube demonstrating some malady. 

HIPAA: Medical Photography and Videography Checklist

1. HIPAA does not require perfection. You should have reasonable policies that are enforced, whether you are a solo practitioner or a giant health system. Remember to review and update the policies regularly. If you have questions, ask a professional.

2. If you think you have a HIPAA violation, seek guidance right away.

3. Always obtain patient consent for the image and clearly explain how the image will be used. Be prepared to give the patient a copy of the image and consent.

4. What is the purpose of the image? Why is it needed? Who will see it? Can a smaller field of view suffice? Is there another way to demonstrate the point? Can you adequately anonymize the image? If you do not have a good answer for each question, you may want to skip getting the image.

5. Control who accesses your medical imagery. This applies to your own staff as well as the world outside your practice. Do not forget your business associates.

6. If the image contains facial features, can it be anonymized? The ubiquitous black bar may not be enough – or a simple pair of sunglasses may do the trick.

7. Use a dedicated camera for medical imaging. Cellphones are not ideal for medical photography, and there is a potential for disastrous sharing.

8. Do not let staff take images in the office with their cellphones. You have to be firm.

9. Patients and their families will take photographs and videos – so make them aware that they must respect other patients and visitors’ privacy. Develop a policy and POST IT. Even if they do not mind having 10 million viewers see themselves in a hospital gown, someone else might.

10. Remember, having a policy is never enough – you must enforce it, revise it periodically, and address new threats as they arise.

Implied Certification and False Claims

Imagine this – you see a patient who needs some particular treatment. You have just the person in your office to provide the service, but there is a catch; they are not licensed. No big deal, you think, they can do the service, and you, the licensed provider, will bill for it. “I know they are qualified; I know it will be right.”

No problem, right?


In this month’s Supreme Court Decision in the matter Universal Health Services v. United States ex rel. Escobar, the court addressed this issue head on. If a contractor submits claims for a service provided by an individual for reimbursement, the claims are treated as an implied certification that these individuals are qualified. If they are not, as was the case in Escobar, the claim is a fraudulent claim.

Here the court made clear that, while stating something false is fraudulent, failing to state something important also can be fraudulent.  False statements must be material, and the falsehood must be so serious that the government, had it known of the falsity, would withhold payment.  A great discussion of this case can be found at SCOTUSblog. 

The long term implications of the decision remain to be seen, but think about what you are implying when you certify that claim you are about to submit.