“So what happened in health care this summer?” the recently vacationing physician asked his rather jumpy health care lawyer. “I think the question is what didn’t happen?” the lawyer responded. The summer was fairly busy in the health care legal arena. Some things happened, some were pushed off, and some may be pushed off for longer than expected.

As for some legal things that happened, well, the Department of Health and Human Services (HHS) and the Department of Justice (DOJ), turned up the heat on health care fraud. In fact, the new initiative that was rolled out early in the summer was called Health Care Fraud Prevention and Enforcement Action Team or HEAT. The unique aspect to HEAT is the use of what is labeled “real time” data analysis of claims to identify and investigate unexplainable billing patterns. 

Another thing that happened was the Federal Trade Commission (FTC), in tandem with the Office for Civil Rights (OCR) within HHS, issued final rules regarding security breaches related to health information as a result of a directive contained in the 2009 Stimulus Bill. The separate rules apply to parties not covered and covered under the Health Insurance Portability and Accountability Act (HIPAA). Because the FTC was involved, many medical practices thought these new rules were related to the Red Flags Rule. The security breach rules are different. 

As for things that got pushed off for a bit, well, remember the Red Flags Rule? That rule will require many, if not most, physician offices to add consumer credit protection policies to their compliance programs. The deadline set by the FTC to comply with the new rule, had been moved from November 1, 2008 to May 1, 2009, and then it was pushed out to August 1, 2009. In late July, the FTC pushed that deadline out again until November 1, 2009. Confusing? If an office has not put some controls in place by now though, it should revisit the issue to see what will be required. The American Medical Association (AMA), which continues to oppose enforcement of the rule, started posting sample guidance recently as well. 

Of course, to make this all more interesting, the spread of swine flu pushed itself off over the summer. Cases this coming fall and winter, however, are projected to touch 40% of the population. One has to wonder why this is a legal issue, but there actually could be many issues. At the American Health Lawyers Association annual meeting, HHS Secretary Sebelius spent half of her half-hour key note speech discussing swine flu (and the other half discussing health care reform). At the very least, it might be a good idea to check up on office sick leave and telecommuting policies. If the spread of swine flu cases is dramatic, offices can be prepared for a worst case scenario to keep the office up and running. 

Finally, as for things that may be pushed off for longer than expected, there is federal health care reform. To date, there has been a lot of talk, and a lot of drafting, but not much has happened, legally, yet. There has been some curious rhetoric such as reform would create death panels. Rhetoric aside, health care reform appears to have slowed down due to a fair amount of confusion about what reform actually means. The leading bill in Congress has yet to be identified clearly, but a push is on for something to be completed this fall. Whatever version takes to the floor for debate likely will include many detailed changes to existing laws and new laws themselves, similar to HIPAA in 1996. As we learned from HIPAA, all of that type of piecemeal change will take many years to sort out. Stay tuned.