Monday, April 29, 2013

Digital Disruption Will Drive Mergers and Acquisitions In 2013

Digital Disruption Will Drive M&A In 2013

by , Apr 23, 2013, 7:00 AM

Read more:

2013 is shaping up as another active year for mergers and acquisitions in the media, communications and entertainment industries as companies scramble to keep up with the consumer shift to digital and mobile technologies.
Digital disruption of the media landscape will continue to drive M&A, partnerships and joint ventures this year.

A new outlook report by PricewaterhouseCoopers outlines five key themes for 2013:

*Consumer demand for bandwidth drives need for spectrum. The communications industry will see continued consolidation this year as a result of growing demand for bandwidth supporting content consumption, social networking and location-based services. In January, AT&T announced a pair of deals worth $2.7 billion to expand its wireless spectrum, while Dish made a $25.5 billion bid to acquire Sprint.

*The race for content. Consumer expectations for ubiquitous viewing require distributors to offer more premium and library content than ever. This has accelerated efforts to license and/or acquire content to keep customers from fleeing to competing services. Disney’s $4.1 billion acquisition of Lucasfilm highlights the trend.

*Cross-border M&A. As U.S. and foreign market players look to meet the demand for content, they are increasingly looking to international markets for acquisition targets. Several overseas broadcasters invested in U.S.-based production companies last year, and PwC expects to see more inbound interest in U.S.-based content. Conversely, China will attract digital and entertainment investors because of its growing online population.

*Non-core divestitures. Businesses are expected to exit non-essential assets as a way to increase profitability and allocate capital to key units. This trend has been especially prevalent in the publishing world, where traditional newspaper and other businesses have been especially hard hit by the digital shift. Tribune Co., for example, hired advisers in February to explore the sale of its newspaper publishing unit.

*Digital blurring line between media and technology. Technological innovations will require media companies to continue experimenting with new business models aligned with changing consumer habits. Key to that effort are new digital metrics designed to be more transparent and available in real-time. But many companies are still learning to collect only the most basic information and generate real value from Big Data.

While the total volume of media and communications deals dipped from 931 to 839 deals in 2012, data compiled by PwC showed that the dollar value of deals jumped to $96.2 billion from $55 billion last year. Even excluding Softbank’s planned $20 billion purchase of Sprint (thrown into question by the recent Dish bid), the deal value in 2012 still rose 38%.

The number of deals in the Internet software and services category increased to 149 from 186, while the total deal value increased to $9.5 billion from $6 billion last year. PwC anticipates that the market for Internet deals will remain active this year, mostly consisting of middle-market transactions.

Read more:

HHS preparing to offer HIPAA omnibus guidance: Update

HIPAA Being Misinterpreted, Congress Told

WASHINGTON -- Healthcare providers often misunderstand or over-interpret a 1996 health privacy law and as a result frequently do not share vital health information with family, caregivers, and others, lawmakers heard Friday.
Some members of Congress have expressed concern that certain provisions of the Health Insurance Portability and Accountability Act -- called HIPAA for short -- have prevented providers from sharing information with loved ones and law enforcement that may have saved a patient's life or the lives of others. The law restricts the sharing of information in most circumstances unless the patient grants permission.
During a hearing Friday, Rep. Tim Murphy, PhD, (R-Pa.) noted instance when doctors did not share concerns about patients with the family, citing the 1996 HIPAA law as the reason, and the patients later took their own life.
Murphy, a clinical psychologist and chair of the House Energy and Commerce Oversight and Investigations subcommittee, expressed worry that actions like this could hinder patient care and might fail to prevent public health tragedies. For example, patients with mental illness could be at risk of killing themselves or others, or patients with chronic conditions could miss out on obtaining the care they need.
Physicians frequently misinterpret what they're allowed to share under HIPAA, said Mark Rothstein, JD, director of the Institute for Bioethics, Health Policy and Law at the University of Louisville School of Medicine in Kentucky.
"The outcome is that some use of the disclosures permitted by the privacy rule are not allowed by some covered entities, perhaps out of ignorance or an overabundance of caution," Rothstein said.
Providers are allowed to share patients' health information with law enforcement, in certain public health instances, and to avert a serious health risk to the patient and others.
HIPAA allows providers to use their judgment on what they think is in the best interest of their patient, Leon Rodriguez, JD, director of the Office of Civil Rights for the Department of Health and Human Services (HHS), told lawmakers.
"We have never taken enforcement action because a provider has decided the best interest of the patient [is] to disclose information to a third party," Rodriguez said.
In fact, of the 80,000 complaints of HIPAA violations HHS has received, only 12 have resulted in monetary penalties, Rodriguez said.
That lack of enforcement hasn't stopped providers from fearing punishment or pleading ignorance to the nuances of what HIPAA allows them to say and not, lawmakers said.
"I can tell you that guy, that gal seeing a patient at 3 a.m. doesn't have your expertise," Rep. Bill Cassidy, MD (R-La.), told Rodriguez and Rothstein, giving the example of a emergency department doctor. "But what they do have are examples of physicians who have been grabbed by the law and not let loose until every one of their personal resources have been exhausted."
Other providers often use the law the shield themselves from conversations with caretakers they'd like to avoid.
"I wonder if some physicians don't hide behind HIPAA just to move onto the next patient, not wanting to be bothered with an aunt, or an uncle, or a cousin in regard to questions about their loved one," Rep. Phil Gingery, MD (R-Ga.), said. "I hope that doesn't exist too much, but it's something we need to think about."
Said Carol Levine, director of the Families and Health Care Project of the United Hospital Fund in New York City, "HIPAA has become a very convenient excuse to avoid difficult conversations with family members."
Lawmakers convened Friday's hearing in the wake of a March 5 gathering of families of the Newtown, Conn., shooting, where they learned that HIPAA may have prevented the release of vital health information.
The specific topic of preventing mass violence through disclosure was scarcely mentioned Friday. Meanwhile, the committee heard from families of those with mental illness and addiction who were blocked from learning more about their loved one's condition and treatment because providers cited HIPAA.
To combat provider misunderstanding around HIPAA, HHS issued a letter to providers reminding them of their rights and obligations on who they can and must notify when a patient is a serious threat to them self or others. Rodriguez said that letter has helped spur discussion in the provider community.
Rothstein and other lawmakers called on HHS to launch more and better provider education outreach.
Deven McGraw, JD, director of the Health Privacy Project at the Center for Democracy and Technology, suggested more guidance to providers informing them of rights and obligations, and that HHS should develop better ways to share such guidance with physicians. McGraw said HHS should work with professional societies who have more direct contact with physician members, rather than just posting documents on its website.
"It sounds like too many people are hiding behind [HIPAA] when there are clear exceptions when information can be shared," McGraw said.

HHS preparing to offer HIPAA omnibus guidance: Update

HHS preparing to offer HIPAA omnibus guidance: Update
Author Name Patrick Ouellette   |   Date April 26, 2013

According to in-house HHS attorney Iliana Peters, the Department of Health and Human Services (HHS) will be offering additional guidance on the HIPAA omnibus rule. Rachel Seeger, Senior Health Information Privacy Outreach Specialist for the Office for Civil Rights (OCR), told in an email that she hopes this guidance is provided soon:
Before publishing the Omnibus Rule, HHS carried out an extensive process, incorporating input from a wide range of stakeholders. To clarify Ms. Peters’ comments, we will be issuing additional compliance guidance and technical assistance to covered entities and business associates that was not addressed in the preamble of the Omnibus Rule given space limitations. We hope to publish these materials on OCR’s website soon.
Peters had stopped short of going into specifics of that guidance, reports HHS is working to get guidance out quickly to covered entities, business associates and subcontractors.
It will be interesting to see the scope of what HHS offers these organizations that are trying to wrap their heads around the new HIPAA omnibus requirements. The most interesting quote from Peters was that the omnibus rule, which went into effect on March 26 and will become enforceable on Sept. 23, has was initially chopped down from an original, lengthier version. How will the new guidance expand upon security, privacy and breach notification language in the HIPAA omnibus rule?
Regardless of what HHS is able to provide these organizations, the fact that they were asking plenty of questions about guidance in the first place is noteworthy. There still seems to be confusion among some organization around their exact responsibilities and hopefully this new guidance can shore some of those questions up.

HIPAA/HITECH Omnibus Final Rule Makes Sweeping Changes

HIPAA/HITECH Omnibus Final Rule Makes Sweeping Changes

The 563-page final omnibus Health Insurance Portability and Accountability Act (HIPAA) rule, published in January, makes a long list of significant changes to existing regulations. These include, among others:
  • Modification to the standard for reporting breaches of unsecured personal health information (PHI).
  • Extension of HHS enforcement authority over business associates.
  • Expansion of the definition of the term business associate to include Health Information Organizations, E-prescribing Gateways, entities that provide data transmission services for PHI and which require routine access to such PHI, and personal health record vendors.
  • Modifications to the requirements for business associate agreements.
  • New obligations for business associates to enter into business associate agreements with their own subcontractors.
  • Removal of limitations on the liability of covered entities for the acts and omissions of business associates.
  • Changes to the requirements for notices of privacy practices.
  • New limitations on the sale of PHI.
  • New limitations on and clarifications concerning the use and disclosure of PHI for marketing.
  • Relaxation of certain limitations on the use of PHI for fundraising.
  • Improvement to the regulations concerning authorizations for the use or disclosure of PHI for research.
The deadline for complying with the amended HIPAA regulations is September 23, 2013, except for provisions related to the requirements for business associate agreements and to arrangements relating to the sale of PHI. Those specific provisions allow existing agreements in effect prior to January 25, 2013, to continue through September 22, 2014, unless modified or amended within one year before that date.  
To review the final rule indepth, published at 78 Fed. Reg. 5566 (Omnibus Rule),

Top 10 Medicare Risk Adjustment Coding Errors

Top 10 Medicare Risk Adjustment Coding Errors


Medicare Advantage (MA) reimbursement can trip you up in ways you didn’t expect. If you are seeing MA patients, be mindful of opportunities and pitfalls.
MA health plans are reimbursed based on beneficiaries’ chronic conditions. Submitting an inaccurate diagnosis, or a diagnosis resulting in a different hierarchical condition category (HCC), is a compliance risk. Any change in the HCC could mean you are receiving too much or too little revenue. Either way, the code would not be validated and would be considered discrepant.
There are opportunities for you to capture a more appropriate HCC code. Consider this list of the top 10 coding errors for risk adjustment:
  1. The record does not contain a legible signature with credential.
  2. The electronic health record (EHR) was unauthenticated (not electronically signed).
  3. The highest degree of specificity was not assigned the most precise ICD-9-CM code to fully explain the narrative description of the symptom or diagnosis in the medical chart.
  4. A discrepancy was found between the diagnosis codes being billed versus the actual written description in the medical record. If the record indicates depression, NOS (311 Depressive disorder, not elsewhere classified), but the diagnosis code written on the encounter document is major depression (296.20 Major depressive affective disorder, single episode, unspecified), these codes do not match; they map to a different HCC category. The diagnosis code and the description should mirror each other.
  5. Documentation does not indicate the diagnoses are being monitored, evaluated, assessed/addressed, or treated (MEAT).
  6. Status of cancer is unclear. Treatment is not documented.
  7. Chronic conditions, such as hepatitis or renal insufficiency, are not documented as chronic.
  8. Lack of specificity (e.g., an unspecified arrhythmia is coded rather than the specific type of arrhythmia).
  9. Chronic conditions or status codes aren’t documented in the medical record at least once per year.
  10. A link or cause relationship is missing for a diabetic complication, or there is a failure to report a mandatory manifestation code.
Regardless of where you find shortcomings in your facility, you should consider ways to improve clinical documentation. Develop a compliance plan and implement prospective and retrospective, internal and external chart reviews with ongoing monitoring and feedback. Be sure to review records based on official coding guidelines.

CMS Proposes 0.8% Boost in Medicare Inpatient Rates for 2014

CMS Proposes 0.8% Boost in Medicare Inpatient Rates for 2014

CMS has issued its proposed rule for hospitals paid under the inpatient prospective payment system and the long-term care hospital perspective payment system. CMS has recommended acute-care hospitals receive a 0.8 percent increase in Medicare operating rates. 

The low proposed Medicare rate increases are due to several factors. First, when Congress passed the American Taxpayer Relief Act of 2012, better known as the fiscal cliff deal, legislators included $11 billion in MS-DRG documentation and coding adjustments. This meant hospitals and other providers would lose $11 billion in Medicare payments between fiscal year 2014 and FY 2017 due to past overpayments the government made to hospitals as the country transitioned to MS-DRGs.

In the proposed rule, CMS accounted for a 0.8 percent reduction in Medicare payments to follow the ATRA, though the agency is asking for public comments on how the documentation and coding adjustments should be enforced.

CMS also gave more details for the second year of the Value-Based Purchasing program. In FY 2014, hospitals will have 1.25 percent of their Medicare payments withheld, and the resulting $1.1 billion in incentive payments will be doled out to hospitals that deliver the best quality of care.

In addition, starting in October under the Hospital Readmissions Reduction program, hospitals could lose up to 2 percent of Medicare payments for excessive readmissions — up from 1 percent in FY 2013.

Study: Practice Support Facilitates PCMH Transition

Study: Practice Support Facilitates PCMH Transition

When small or solo physician practices are given practice redesign and embedded care management support, they are more likely to improve care quality and efficiency when transitioning to a patient-centered medical home, according to study results published in the Journal of General Internal Medicine

Researchers performed a randomized controlled trial in which intervention practices received 18 months of practice redesign support, two years of revised payment and 18 months of embedded care management support. The control practices received participation payments.

The intervention physicians improved on two quality indicators — hypertensive blood pressure control and breast cancer screenings — and one efficiency indicator — reduced emergency department visits. In the control practices, quality and efficiency of care was either unchanged or worse, according to the study.

15 Recent Issues Between Hospitals and Payors

15 Recent Issues Between Hospitals and Payors

Here are 15 recent issues that occurred between hospitals, health systems and payors within the past month, starting with the most recent. 

1. Aetna, Baptist Memorial Health Care Make Collaborative Care Agreement 
Baptist Memorial Health Care in Memphis, Tenn., and Aetna partnered in a collaborative care agreement to offer Aetna Whole Health, a commercial healthcare product.

2. Aetna, Carolinas HealthCare Announce Accountable Care Collaboration
Aetna and Charlotte, N.C.-based Carolinas HealthCare System are using a clinically integrated organization model to support patient-centered medical homes and other accountable care efforts.

3. Minnesota Hospitals Denounce Blue Cross Payment Changes  
The Minnesota Hospital Association called out Blue Cross and Blue Shield of Minnesota, saying the health insurer is slashing payments to rural hospitals that will "put them into deep, deep red ink."

4. Bill Requiring North Carolina Hospitals to Post Prices Passes Senate Committee 
A bipartisan North Carolina Senate committee threw its support behind a bill that would require hospitals to make their bills more transparent and comprehensible to patients.

5. CMS Rejects Pioneer ACOs' Plea for Pay-for-Performance Delay 
CMS did not accept a request from its Pioneer accountable care organizations to delay tying pay to outcomes.

6. BCBS of Tennessee, Erlanger Form Strategic Partnership 
BlueCross BlueShield of Tennessee and Erlanger Health System in Chattanooga, Tenn., signed a five-year strategic network partnership agreement, effective July 1.

7. Cornerstone Health Care, BCBS of North Carolina Form ACO 
Cornerstone Health Care, a Highpoint, N.C.-based physician group with more than 365 physicians, partnered with Blue Cross and Blue Shield of North Carolina to form an accountable care organization.

8. Pennsylvania Lawmakers: Highmark-West Penn Deal May Hurt Small Hospitals 
Four Pennsylvania state senators sent a letter to Gov. Tom Corbett, arguing the pending merger between Pittsburgh-based health insurer Highmark and West Penn Allegheny Health System could hurt small local hospitals if safeguards are not put in place.

9. Report: U.S. Healthcare System Can Save $560B in Public, Private Reforms 
If the United States tinkered with Medicare more, reformed tax policies, prioritized healthcare quality and incented states to improve care, the healthcare system could save roughly $560 billion over the next decade, according to a report from the Bipartisan Policy Center Health Care Cost Containment Initiative. 

10. UC Health, Anthem Reach New Contract 
UC Health and Anthem Blue Cross and Blue Shield of Ohio reached a new contract, meaning all UC Health hospitals and providers are now in-network again for Anthem patients.

11. Study: Bundled Payment Structures Show Promise 
When structured well, bundled payment models can be effective and profitable for hospitals that can reduce the cost of each episode of care, according to a study conducted by Singletrak Analytics and DataGen.

12. Cooper University Health Care Acquires 20% Interest in New Jersey Health Insurer 
Camden, N.J.-based Cooper University Health Care announced it will acquire a 20 percent interest in health insurer AmeriHealth New Jersey, marking the state's first hospital-payor acquisition of its kind. During a conference call announcing the deal, leaders also announced there was room at the table for more providers to join in the partnership.

13. $24M Ruling Against UnitedHealth May Enhance Payors' Scrutiny of In-Network Providers 
A Nevada jury ruled that two affiliates of UnitedHealth Group must pay $24 million in damages for negligent oversight of a physician who gave two patients hepatitis C through unsterile care.

14. Superior Health Partners, BCBS of Michigan Partner for Accountable Care 
Superior Health Partners, an alliance of eight independent health systems in Michigan's Upper Peninsula, announced an accountable care organization-like partnership with Blue Cross Blue Shield of Michigan.

15. Mountain States Health Alliance Nears Expiration of BlueCross BlueShield Contract 
The contract between BlueCross BlueShield of Tennessee and the 13 hospitals of Johnson City, Tenn.-based Mountain States Health Alliance is due to expire at the end of May, with no renewal agreement yet finalized.

Survey: Hospitals are not ready for ICD-10

More than 50% of hospitals have not started training for coding staff

April 26, 2013

Almost half of small- and mid-sized hospitals are lagging behind official CMS timelines for the transition to ICD-10 code sets, according to a survey.
Is your hospital ready for ICD-10? Evaluate your preparedness across six areas using our Readiness Diagnostic. U.S. health care organizations are working to transition from ICD-9 to ICD-10 code sets to accommodate codes for new diseases and procedures. The switch from ICD-9 to ICD-10 code sets is slated for Oct. 1, 2014 and will require health care providers and insurers to change out about 14,000 codes for about 69,000 codes.
For the survey, Health Revenue Assurance Holdings polled more than 120 hospitals with fewer than 400 beds. The survey aimed to determine whether the facilities were following official CMS timelines for ICD-10 preparation.
About 20% of the surveyed hospitals said they have not begun education or training for the ICD-10 transition, according to the survey. HRAA also found that 55% of surveyed hospitals have not started training their coding staff on the ICD-10 procedure coding system, known as ICD-10-PCS.
Moreover, despite CMS recommendations that hospitals begin ICD-10 testing in 2013, 25% of surveyed hospitals said they plan to start testing in January 2014, and 24% said they plan to begin testing in April 2014 (Walsh, Clinical Innovation & Technology, 4/24; McCann, Healthcare IT News, 4/24).

HIPAA Compliance: What Providers Should Know About HITECH Act Mandatory Audits

HIPAA Compliance: What Providers Should Know About HITECH Act Mandatory Audits
1. HHS mandated audits
Investigations by the Office for Civil Rights related to compliance with the Health Insurance Portability and Accountability Act will no longer be initiated by only complaints and self-reported breaches. Section 13411 of the HITECH Act requires HHS to provide for periodic audits of covered entities' and business associates' compliance with the HIPAA Privacy Rule, Security Rule and Breach Notification standards. While the audits are not intended to be investigations, an audit could reveal a serious compliance issue that could lead to a separate enforcement investigation by OCR. These mandatory audits are further evidence of the increased enforcement efforts of HHS. 

2. What we learned from the pilot audit program
KPMG, on behalf of HHS, conducted a yearlong pilot audit program from November 2011 through December 2012 that included 115 audits of covered entities. The audits focused on key compliance requirements under HIPAA, including (a) various requirements of the Privacy Rule, such as notice of privacy practices and uses and disclosures of protected health information, (b) Security Rule requirements for administrative, physical and technical safeguards, and (c) requirements for the Breach Notification Rule.

The large majority of entities that were audited were providers, rather than health plans or clearinghouses (all of which are covered entities under HIPAA). The preliminary results from the pilot audit program revealed that 65 percent of the compliance issues were related to the Security Rule, while only 26 percent and 9 percent of the compliance issues were related to the Privacy Rule and Breach Notification Rule, respectively. Generally, smaller covered entities, such as physician practices and smaller providers, had more compliance issues than larger covered entities. In the future, both covered entities and business associates will be subject to audits. 

OCR is currently evaluating the pilot program to assess whether changes should be made before routine audits commence. The evaluation will focus on the pilot audit program's effectiveness, analyze the program's strengths and weaknesses and give recommendations for future audits. The evaluation process is scheduled to conclude in September 2013. We anticipate that routine audits will commence after this time. 

3. Audit process
An OCR audit begins the audit process by sending document request to the audit target, which includes an introduction to the audit contractor and a request for required HIPAA documents, including copies of privacy policies and procedures, workforce training documentation, incident response plans, risk analyses and risk mitigation plans. This documentation will generally be due to OCR within 10 business days of the request for information. Following review of the documentation, the auditor will conduct a site visit.
During the site visit, OCR will interview key personnel. Covered entities and business associates should ensure that all members of management and higher-level staff members are familiar with the entity's privacy and security policies, procedures and compliance efforts — the entity's privacy officer will not be the only workforce member interviewed by OCR.

After the site visit is completed, the auditor will provide the covered entity with a draft final report. The entity will then have 10 business days to review and provide written comments back to the auditor. The auditor will complete a final audit report within 30 business days after the entity’s response and submit it to OCR. The reports will be used by OCR to determine what types of technical assistance should be developed and whether a compliance review is necessary to address any serious issues detected during the audit.

4. How to prepare for an audit
The audit protocol can be found on the OCR website and is a great resource for entities looking to perform self-evaluations of their HIPAA compliance. As part of these self-evaluations, the audit protocol can be used by covered entities and business associates to conduct a self-audit. This process will help identify compliance gaps and prepare for an OCR audit. 

Covered entities and business associates should ensure, at a minimum, that the following HIPAA compliance measures are being taken:

a. In the case of a covered entity, provide the entity's form of Notice of Privacy Practices to every patient and update such NPP to reflect the changes under the Omnibus Final Rule (required by September 23, 2013).
b. Have written and signed business associate agreements with all entities considered a business associate.
c. Conduct an accurate and thorough assessment of the risk to electronic protected health information.
d. Implement required physical, technical and administrative safeguards to protect ePHI.
e. Have formal policies and procedures for the privacy and security of protected health information and ensure these are updated to reflect the changes under the Omnibus Final Rule (required by September 23, 2013).
f. Train all employees on privacy and security policies and procedures. Those employees who job duties are affected by the changes resulting from the Omnibus Final Rule will need to receive additional training on such changes.
g. Maintain all documentation required under HIPAA, including documentation of all employee training, disclosure logs, documentation of all breach analyses and documentation of sanctions taken against employees for violations of privacy and security policies.

Covered entities and business associates should start to prepare now rather than after receiving notice from OCR of its intent to audit. Preparing for a potential audit may also help protect covered entities and business associates from complaints to OCR related to HIPAA violations.