Medicare Compliance & Reimbursement

You won’t have a new number to memorize when checking on whether your Part B patients have met their deductibles, because the Centers for Medicare & Medicaid Services (CMS) has announced that the 2015 deductible will remain at the 2014 levels, which is $147.00

“The Administration has taken important steps to improve the quality of care while keeping the cost of Medicare premiums and deductibles the same,” said CMS Administrator Marilyn Tavenner in a statement. “This means even greater financial and health security for our seniors next year as their premiums will remain unchanged.”

The Part A deductible will increase by $44.00 next year, from the current amount of $1,216.00 to $1,260.00, CMS announced. “For beneficiaries in skilled nursing facilities, the daily co-insurance for days 21 through 100 in a benefit period will be $157.50 in 2015, compared to $152.00 in 2014,” the agency said.

Look Beyond HIPAA When Data Breaches Occur

HIPAA isn’t your only compliance worry when it comes to patients’ health information. Plaintiffs are filing lawsuits — and winning settlements — against health care providers for data breaches under other federal and state laws.

After the billing vouchers of more than 13,000 patients went missing from an off-site storage vendor, plaintiffs filed a class action lawsuit against the University of Miami Health System. The vouchers included patients’ names, dates of birth, Social Security numbers, physician names, insurance company names, medical record numbers, and procedure and diagnostic codes.

UMHS has requested that a Florida judge approve a proposed settlement in the class action lawsuit, according to attorney Linn Foster Freedman in a post for law firm Nixon Peabody. Under the settlement agreement, UMHS will pay $100,000 in individual claims, $90,000 in attorneys’ fees, and $1,500 to the named plaintiff. UMHS would also conduct risk assessments and remediation.

What’s especially curious about this lawsuit is that the plaintiff filed the action under the Fair Credit Reporting Act (FCRA) and Florida state law, alleging that she suffered financial harm because money was withdrawn from her bank account following the breach, Freedman states. “This is the first time we have seen a settlement by a health system for a data breach under the FCRA, nor do we see how the FCRA can be relevant to the facts of this case.”

Moreover, patients’ financial information does not appear to have been included in the breached data from the billing vouchers.

Warning: “This settlement is an unfortunate precedent on two levels — first, it appears to be a settlement under the FCRA, which is a first to our knowledge,” Freedman states. “And second, it is a settlement of a case where there does not appear to be any relationship between the data breach and the alleged harm and where the attorneys received almost as much as the settlement on the merits.”

Bottom line: “Opening these doors in the data breach arena is discouraging,” Freedman concludes.