What healthcare compliance means
Healthcare is one of the most heavily regulated areas of business. The way a practice handles referrals, pays its people, bills payers, and protects patient information all sit inside a web of federal and state rules. Compliance is the work of keeping arrangements inside those rules before a regulator asks about them.
Jeffrey L. Cohen advises physicians and healthcare businesses on the rules that come up most: Stark, Anti-Kickback, fraud and abuse, and HIPAA.
Stark Law (physician self-referral)
The Stark Law restricts a physician from referring certain services to an entity the physician has a financial relationship with, unless an exception applies. It is a strict-liability law, which means intent does not matter. An arrangement either fits an exception or it does not, so the drafting has to be exact.
Anti-Kickback Statute
The federal Anti-Kickback Statute makes it a crime to knowingly offer or accept anything of value to induce referrals of items or services paid by a federal healthcare program. Unlike Stark, intent matters, and there are safe harbors that protect arrangements meeting specific conditions. Fitting a safe harbor is the goal whenever possible.
Fraud and abuse and the False Claims Act
Improper billing and self-dealing can lead to False Claims Act liability, including whistleblower (qui tam) cases brought by insiders. The cost of getting this wrong reaches well beyond the original claim, which is why prevention is the better investment.
HIPAA privacy and security
HIPAA governs how protected health information is used, shared, and secured. Most practices and their business partners need policies, business associate agreements, and safeguards in place, not just a privacy notice on the wall.
How Jeffrey helps
Jeffrey reviews and structures arrangements to fit the right exceptions and safe harbors, builds compliance policies, prepares business associate agreements, and advises when a question or audit arises. The aim is arrangements that work commercially and survive scrutiny.
Who this is for
Physicians, group practices, surgery centers, treatment facilities, DME companies, and any healthcare business that pays for referrals indirectly, shares revenue, or handles patient data should have its arrangements reviewed.
Common questions
What is the difference between Stark and the Anti-Kickback Statute?
Stark is a strict-liability civil law about physician self-referral, where intent does not matter and an arrangement must fit an exception. The Anti-Kickback Statute is a criminal law that turns on intent and offers safe harbors. Many healthcare arrangements have to satisfy both.
Does HIPAA apply to my practice?
Most healthcare providers that transmit health information electronically are covered by HIPAA, along with their business associates. If you create, receive, or store protected health information, you very likely need HIPAA policies and agreements in place.
What is a safe harbor?
A safe harbor is a set of conditions under the Anti-Kickback Statute that, if fully met, protects an arrangement from liability. Structuring a deal to fit a safe harbor is one of the most reliable ways to reduce risk.