Only 16 Days Until the HITECH Act Goes into Effect

February 1st, 2010

As promised, attorney Jennifer A. Stiller has posted her detailed blog post regarding the new “Health Information Technology for Economic and Clinical Health Act” – or “HITECH Act.”  You can read all the details here.

 

The new legal requirements apply to impacted firms effective February 17, 2010.  Chances are, if you represent doctors, hospitals, health insurance companies, and any other person or entity that is considered a “covered entity” under the HIPAA patient privacy rules, this applies to you.

 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

 

Posted in Insurance and Risk Management, Records Management and Retention | Comments Off

The Scary World of Penalties and Enforcement Under the New HIPAA-HITECH Law

January 25th, 2010

This is the second guest post by health care attorney Jennifer A. Stiller.  My gratitude to Jenny for providing this additional information.  She will be posting a detailed follow-up article on this topic on her own web site.  I encourage you to read it.

 

On January 22, I wrote about the new HITECH Act, which as of February 17th  will make HIPAA business associates – such as law firms that represent healthcare clients – directly subject to federal penalties if they fail to meet certain obligations with regard to implementing safeguards to keep their clients’ patient information secure when stored or transmitted electronically.

 

And we should care because…?

 

In addition to expanding HIPAA obligations, the HITECH Act (known to the cognoscenti as “HIPAA on Steroids”) substantially increases enforcement penalties and activities.  Previously, there was no affirmative government enforcement of the HIPAA patient-privacy requirements – only the ability of the Department of Health & Human Services’ Office of Civil Rights (OCR) to investigate complaints. If a complaint revealed a violation, fines were limited to $100 per incident, with a maximum annual total of $25,000 for violations of the same requirement. Under HITECH –

 

·         Civil money penalties increased to as much as $50,000 per violation, up to $1.5 million per year.

·         Starting February 17, 2011, OCR is required to impose civil penalties if a violation is due to “willful neglect.”

·         OCR will keep the penalties, to be plowed back into enforcement activities.

·         OCR is directed to conduct periodic audits of covered entities and business associates to evaluate HIPAA compliance.

 

·         State attorneys general are granted authority to bring civil actions to enforce HIPAA.

·         The Government Accountability Office is directed to prepare a report by August 17, 2012 recommending a methodology by which affected individuals can share in penalties collected for HIPAA violations. Once implemented, this will increase individuals’ incentives to file privacy and security complaints, similar to the effect of the False Claims Act’s “whistle-blower” provisions.

 

Next week, I’ll publish a full article on my website explaining the duties the HITECH law imposes on business associates, effective February 17, 2010.  My appreciation to Ellen Freedman for providing me with an ability to use this forum to get the word out.

 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Insurance and Risk Management, Records Management and Retention | Comments Off

New Duties to Protect Health Care Privacy Take Effect February 17, 2010

January 22nd, 2010

This is a guest post which was prepared by health care attorney Jennifer A. Stiller.  Thank you, Jenny, for taking the time to provide this information.  We are fortunate in that Jenny has agreed to provide another post, which will appear in another day or two.

 

Attorneys who represent doctors, hospitals, health insurance companies, and the like face new statutory obligations to take affirmative steps to ensure the privacy of their clients’ patient information when it is transmitted or stored electronically.  The new requirements, enacted as the “HITECH Act” portion of last year’s economic stimulus legislation, go into effect February 17, 2010.

 

Technically, many attorneys have already had such obligations under a “business associate” agreement with their healthcare industry clients, most of whom are “covered entities” under the HIPAA patient privacy regulations and as such, are required to enter into such an agreement with any non-employee who “provides … legal … services to or for such covered entity where the provision of the services involves disclosure of individually identifiable health information…” 45 C.F.R. § 160.103. 

 

But come February 17, there’s a new twist.  Whereas previously, if the law firm did not live up to its contractual obligations concerning how patient information was to be handled, the worst thing it would face would be being fired by its client and possibly a suit for breach of contract.  As of February 17, however, the law firm is directly liable to the federal government for having inadequate safeguards in place (regardless of whether private information is in fact compromised) – and the penalties for non-compliance can be stiff.

 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Insurance and Risk Management, Records Management and Retention | Comments Off

Windows 7

January 17th, 2010

I continue to read good things about Windows 7  in the various sources I trust.  Incompatibility issues with hardware and legacy software are minimal.  If you want some really detailed information I suggest you read this software review  from PCMag.com.  All-in-all, I think it’s now safe to upgrade to Windows 7 at your office.

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Software | Comments Off

FMLA Subject to Major Changes

December 23rd, 2009

There are five new employment law bills expected in 2010 that could significantly expand The Family and Medical Leave Act (“FMLA”) and change how you manage your paid and unpaid leave procedures. All of these bills have a good chance of becoming law under comprehensive family and medical leave legislation known as The Balancing Act of 2009.  These changes may also significantly expand the number of employers covered under the Act.

 

  • The Healthy Families Act could dramatically change paid sick leave policies, and could also give employees paid time off for a doctor’s appointment
  • The Family Leave Insurance Act of 2009 could end up requiring employers to provide eight weeks of paid leave to employees who need to care for a sick family member or new child
  • The Family and Medical Leave Enhancement Act of 2009 could expand the current FMLA to include employee leave for attending a child’s extracurricular activities
  • The Family and Medical Leave Act (FMLA) could be amended through The Domestic Violence Act and The Balancing Act of 2009 to give victims of domestic violence FMLA-protected leave
  • The Military Family Leave Act might amend the USERRA by granting temporary annual leave to the military families of service members

Healthy Families Act —originally introduced on  4/27/2005— would require certain employers, who employ 15 or more employees for each working day during 20 or more workweeks a year, to provide a minimum paid sick leave of: (1) seven days annually for those who work at least 30 hours per week; and (2) a prorated annual amount for those who work less than 30 but at least 20 hours a week, or less than 1,500 but at least 1,000 hours per year. The purpose of the act is to allow employees to use such leave to meet their own medical needs or to care for the medical needs of certain family members.

This Act was introduced to the House on 5/18/2009 as H.R.2460, and on  6/11/2009 was referred to the Subcommittee on Workforce Protections.  It was introduced to Congress on 3/15/07 as S.910.  You can read more about it here and in a May, 2009 NY Times article here.

Family Leave Insurance Act of 2009 — the Family and Medical Leave Act of 1993 (known to most of us simply as “FMLA”) was created to assist employees in balancing the demands of their jobs with their family responsibilities. However, many eligible employees are not able to utilize the benefits of the FMLA because FMLA leave is unpaid.  According to a 2000 survey on the FMLA by the Department of Labor, among those employees who need FMLA leave and don’t take it, 78 percent don’t take it because they can’t afford it.

This legislation would create a federal insurance fund to provide employees with twelve weeks of paid family and medical leave. The fund, which is designed to be established and administered by the Secretary of Labor, would provide benefits for employees taking leave under the same conditions of FMLA, plus some additional conditions, such as a qualifying emergency arising from the fact that a spouse, child, or parent of the employee is on active military duty, or to care for a family member who is a covered service member.

Under the benefits proposal, as it stands now, pay for each day of an eligible employee’s FMLA leave will be based on the employee’s annual income and calculated as a percentage of his or her daily earnings.  Most employees would contribute 0.2 percent of their annual earnings, and employers would match employee payments. The Insurance Program will reimburse employers for paying employees while they are on leave. Employees may use other employer-provided paid sick leave benefits to supplement those provided under the Insurance Program.

This Act is being hailed by gay rights groups because H.R. 1723 would also grant FMLA leave to employees who need to care for an ill domestic partner or the child of a domestic partner –thereby affording the protections of the FMLA to lesbian, gay, bisexual and transgender (LGBT) employees.

This legislation was introduced to the House on 3/25/2009 as H.R.1723, and was  referred to the Subcommittee on Workforce Protections on 5/14/2009. 

Family and Medical Leave Enhancement Act of 2009 — this legislation was introduced into Congress on  9/29/2008 as H.R. 824 by Rep. Carolyn Maloney.  On May 4, 2009 it was referred to the Subcommittee on Federal Workforce, Post Office, and the District of Columbia.

It’s purpose is to amend the Family and Medical Leave Act of 1993 and Title 5, United States Code, to allow employees to take, as additional leave, parental involvement leave to participate in or attend their children’s and grandchildren’s educational and extracurricular activities, and to clarify that leave may be taken for routine family medical needs and to assist elderly relatives, and for other purposes.

An employee eligible to take parental involvement or family wellness leave under this Act would be permitted to take up to 4 hours of leave in any 30-day period, not to exceed 24 hours during any 12-month period. This leave is in addition to other types of permissible leave.

Perhaps the most significant impact of this Act would be the expansion of who would be considered an employee “eligible” to take FMLA leave. Under this legislation, the FMLA would apply to employers with 25 or more employees within the prescribed radius, not 50 as is the current law. This expanded definition would greatly increase the number of employers that would be impacted by this law. 

The Domestic Violence Act — Also known as The Violence Against Women Act, this legislation  was introduced in Congress in January 1991 by Senator Joseph Biden of Delaware.  The bill was made part of the Violent Crime Control and Law Enforcement Act and was signed into law on September 13, 1994, by President Bill Clinton.  In 1996 and 2000 additions to the Act were passed, to further recognize domestic violence as a national problem and provide federal assistance to help overburdened state and local criminal justice systems.

 It gets a little confusing here, because there is an attempt to bring together disparate pieces of legislation which are or might individually impact the FMLA.  Currently, for example, victims of domestic violence do not qualify for coverage under FMLA, although they do have rights and protections established under The Domestic Violence Act. 

The Balancing Act of 2009 (H.R. 3047) was introduced to Congress on June 25, 2009, by Representative Lynn Woolsey.  It is designed to  incorporate the various separate pending legislative proposals to alter the FMLA,  many described above, into one bill. 

For example, it amends Titles I and II of the FMLA to allow eligible employees to take up to 12 weeks of FMLA leave during a 12-month leave year in order to care for the family member of the employee, if such family member is addressing domestic violence, sexual assault, or stalking or their effects.  It covers time for a victim to seek medical attention, recover from injuries, seek legal assistance or remedies, communicate with the police or an attorney, attend support groups, obtain psychological counseling, participate in safety planning or other actions to increase safety, including arranging for temporary or permanent relocation. 

You can gain a little more understanding from this blog post.

Military Family Leave Act of 2009 — This Act was introduced into Congress as H.R. 3257 on Jul 17, 2009.  It was immediately referred to the House Committee on Veterans’ Affairs. 

The Military Family Leave Act of 2009 allows those whose family members have received notification of impending active military duty to spend time with and support their family members by giving them two weeks un-paid leave prior to and after deployment.   The FMLA excludes many people from taking leave under these circumstances, such as those who work part time or are employed by a company with fewer than 50 employees. The Military Family Leave Act of 2009 would make sure that everyone is given this right, regardless of the hours they work or the size of the company that employs them.

Unlike FMLA leave of 12 weeks, this legislation only extends two workweeks of unpaid leave. This lower benefit level is designed to achieve a delicate balance between the needs of small businesses with the needs of American families.

I subscribe to a number of blogs and eNewsletters which cover employment law issues, so that I can consistently provide information and resources (and referral to attorneys when needed) to PBA members and clients.  That saves you, the reader, time and effort.  So keep tuned.  I will post additional information as it becomes available.

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Human Resources | Comments Off

Holiday Shopping Guide

December 23rd, 2009

It’s not too late.  Reid Trautz has posted his Holiday Shopping Guide for Lawyers for the fifth year in a row.  There’s something for everyone.

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in General Management | Comments Off

Windows 7 – A First Look

December 9th, 2009

I’m flattered that so many people have taken the time to call and write to ask me whether it’s “time” to install Windows 7.  As you know, I warned my readers to steer clear of Vista from its release date until only very recently, and then advised you might be better off just waiting for Windows 7.  And so many of you have been doing just that — clinging to Windows XP for much longer than would traditionally be done with an operating system once a new version was released.

 

It’s still a little early to predict, but by the accounts I’m reading from my own trusted go-to sources, (and to be honest I am just starting to drill down into all my reading on this topic), it’s looking like we will not have to hold out much longer before migrating to Windows 7.

 

A recent poll conducted by TechRepublic on “How bad (or good) was your Windows 7 install?” has produced these results from 980 respondents:

 

  • (65%) — pleasant and uneventful and I am so happy I did it.
  • (16%) — a little quirky in spots, but completed successfully in the end.
  • (7%) — successful, but it sure did take a long time and had me worried.
  • (4%) — a traumatic experience that raised my blood pressure but I was eventually able to complete it successfully.
  • (3%) — a mess. And it still is a mess. I don’t know if I will ever get this thing installed.
  • (3%) — a total waste of time and never finished successfully. I am now using a different operating system.

OK, if you’re doing the math, you can see a successful install rate of 88%.   

 

Although I don’t have numbers recorded from when Vista came out, I can tell you that this is a much higher upgrade and installation success rate.  No doubt about it.  So far so good.  Of course, we have much to explore about compatibility with legacy applications, hardware and so forth.  Keep tuned as I dig further for information, and share it in upcoming posts.

 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Software, Technology | Comments Off

Did Michigan Attorney Watch One Too Many Episodes of LA Law?

December 7th, 2009

In a disciplinary case which could have been ripped right out of an episode of  the old TV sitcom “LA Law,”  a Michigan attorney was suspended from practice for 180 days after a string of sensational allegations, including that he offered clients a “couch of restitution” to pay off their legal fees.

 

On Nov. 23, the Michigan Attorney Discipline Board affirmed findings of misconduct and imposed the 180-day sanction, which the Board feels ensures sufficient time so that the lawyer being sanctioned will have to undergo fitness proceedings before being reinstated.

 

“Taking into consideration the range of professional misconduct in this case, we conclude that protection of the public, the courts and the profession requires that respondent be suspended for a sufficient period of time to ensure that he is not permitted to resume his standing as a member of the profession unless he is able to establish his fitness by clear and convincing evidence,” the opinion states.

 

It seems the attorney’s secretary was oblivious to his actions, according to her testimony.  But I rather doubt it.  As I think back on some of the more sensational headlines of the past few decades regarding cases of sexual misconduct, harassment, and so forth, what we usually find is a rather blatant pattern of behavior which is routinely ignored or even covered up by the offending party’s partners or coworkers. 

 

The time has come for firms to up their vigilance and work doubly hard to restore the ethical image of the profession.  See the article I wrote in June, 2007 entitled “Living With Integrity” in which I discuss this very issue.  Then ask what steps your firm has taken in the past few years to ensure it is doing all it can to practice with the highest level of integrity. 

 

It’s particularly important to revisit this now.  Why?  History tells us that when the economy is troubled and law firms are struggling for survival, short term profit improvement often outweighs ethical considerations.  It’s just so easy to justify a ride down the slippery slope when the firm’s very survival seems to be at stake.  Unfortunately, integrity is not something we can incorporate into our lives only when the bottom line is healthy and the economy is strong.  In fact, it’s the very manner in which one chooses to deal with difficult times that determines strength of character and organizational integrity.

 

Think about it.  It won’t make you rich.  But you will be a better person for it.

 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Financial Management, General Management, Human Resources | Comments Off

More Information on Google Scholar

December 3rd, 2009

The latest issue of the State Bar of Wisconsin’s InsideTrack electronic newsletter features a very comprehensive article on Google Scholar, as well as links to other sites offering access to judicial decisions.  The article is written by Bev Butula, manager of library services at Davis & Kuelthau. 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Tips & Tricks | Comments Off

A Dangerous New Worm Affecting Apple iPhone and iPod

November 23rd, 2009

This is the second worm found in the wild which is targeted specifically at the Apple iPhone and iPod Touch.  It is the first one which security company Sophos rates as a serious and malicious threat.  It has been reported on the Sophos blog and on CNet News.

 

Most iPhone and iPod Touch users will not be affected.  That’s because this exploit attacks jailbroken iPhone and iPod Touch devices only.  Jailbreaking, which has been around for about two years, is a hack that enables iPhone and iPod Touch users to download applications unavailable through Apple’s App Store.  That means most of you who read my blog are safe.  But if you have a seriously nerdy teenager at home who is addicted to their iPhone or iPod, there is a good chance they have installed some bootleg software, thereby leaving them exposed to this threat.

 

This worm uses command-and-control like a traditional PC botnet. It configures two startup scripts, one to execute the worm on boot-up, and the other to create a connection to a Lithuanian server (HTTP) to upload stolen data and cede control to the bot master.

 

This virus can spread from one device to another.  When an infected device is hooked up to a WiFi connection, the worm can spread more quickly to more IP addresses than on a typical 3G connection.

 

In August, 2007 I wrote a blog post entitled “The iPhone is All the Rage — But Is It a Good Tool for Attorneys?” in which I questioned the premature use of this device in a law firm environment due to security issues.  According to Sophos, my prediction is very true.  They write:

 

It does not appear that iPhones are able to report back any sort of status information, so there is no way to securely use them in an enterprise environment. If an infected phone is also connected to your MS Exchange, WiFi, or VPN environment, all of your confidential data could be at risk. . . . This further demonstrates that iPhones are not ready for the business environment.

 

The recommended method to remove this malware from an iPhone is to restore the Apple factory firmware using iTunes.

 

To be fair, and scare the heck out of the rest of the Smartphone world, BlackBerry is also susceptible to malicious infection as well.  Read this blog post on Sophos.

 

==========

 

To return to the main page of the blog, click here.  To return to the blog  Index, click here.

Posted in Security | Comments Off

« Older Entries