Reed Tinsley, CPA

Idaho State University (ISU) has agreed to pay $400,000 to the U.S. Department of Health Human Services (HHS) for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This settlement involves the breach of unsecured electronic protected health information (ePHI) of 17,500 individuals who were patients at an ISU clinic.

The Office for Civil Rights (OCR) opened its investigation after ISU notified HHS that the ePHI of approximately 17,500 individuals was accessible at its Pocatello Family Medicine Clinic because an ISU server firewall was disabled.  OCR investigators found that ISU did not apply proper security measures and policies to address risks to ePHI and did not have in place procedures for routine review of information system activity which could have detected the breach in the firewall much sooner. Overall, ISU failed to ensure the uniform implementation of required Security Rule protections at each of its covered clinics. 

The Press Release can be found on the HHS News page:

http://www.hhs.gov/news/

and the Resolution Agreement can be found on the OCR website at:

http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/isu-agreement.html

Physicians know who their best employees are — hardworking, competent, loyal and emotionally invested in the practice and its patients. They're essential to the quality care doctors provide each day and increasingly vital to ensuring a financially healthy practice that can withstand ongoing changes in health care expectations, technology and regulations.

So how can physicians continue to ensure that their practice is a place where valuable employees want to work and give their best effort every day? How do physicians know which benefits and pay increases are most likely to attract and retain quality staff and motivate other employees who may need an incentive to work harder, all while working within the financial realities of the practice?

Read the following article written by Sheryl Cash for which I was interviewed:

http://www.amednews.com/article/20130520/business/130529997/4/

A client called to my attention that a (seemingly) very HIPAA savvy patient she had recently seen refused to allow her to make a copy of his insurance information. His reason was that copiers store the information and he was concerned about our protecting the copier that holds his PHI. Do copiers indeed store PHI in their little brains? 

YES!  Photocopiers with hard drives DO store copies of each and every image it makes.  You need to make sure you have a plan in place to destroy the PHI when you get rid of the copier/fax/whatever machine it is. This usually involves destroying the hard drive or at least wiping it clean. 

The FTC has a wonderful, free guide on copier data security.  See this page:

http://business.ftc.gov/documents/bus43-copier-data-security

Usually with a multifunction copier hard drive it can be accessed and items printed from the keypad. If removed and not encrypted you can simply slave it to a computer and read the drive images directly. Along with the FTC document, NIST SP800-88 R1 (draft) Table A-4 speaks to copiers. It talks about how to purge, clear or destroy electronic media in equipment, which includes copiers. OCR calls out NIST 800-88 as an approved method for reuse or destruction.

Some copier companies offer encryption, others will destroy and give you a certificate of destruction. You will want to know how they destroy the drives and what protections they have for transport. Of course you always have the option to destroy yourself. I recommend you use a NSA certified destruction vendor. Depending on where you live there are companies that will come onsite and grind the drive to dust in your parking lot. I had over 1000 drives destroyed in this manner.

Just over three years ago, Congress enacted legislation that overhauls the U.S. health care system and affects nearly all taxpayers, many employers, and many elements of the health care industry. The legislation contains a host of tax changes, many of which are both complex and novel. Some already have gone into effect, some go into effect this year, and still others will be in place in 2014 and 2018.

Thomson Reuters is offering a complimentary publication that helps you get a fix on the rules newly effective this year, as well as those looming on the horizon, by presenting a timeline of 2013-2018 tax changes in the health care legislation, and a concise summary of each new tax provision.

http://yourcheckpoint.thomsonreuters.com/healthcarereform/

This article is based on Change Request (CR) 7747 which informs Medicare contractors about changes to the Multiple Procedure Payment Reduction (MPPR). The MPPR on diagnostic imaging applies when multiple services are furnished by the same physician, to the same patient, in the same session, on the same day. The MPPR on certain diagnostic imaging services applies to Professional Component (PC) and Technical Component (TC) services. It applies to both PC-only services, TC-only services, and to the PC and TC of global services. Full payment is made for each PC and TC service with the highest payment under the Medicare Physician Fee Schedule (MPFS). Payment is made at 75 percent for subsequent PC services furnished by the same physician, to the same patient, in the same session, on the same day. Payment is made at 50 percent for subsequent TC services furnished by the same physician, to the same patient, in the same session, on the same day. The individual PC and TC services with the highest payments under the MPFS of globally billed services must be determined in order to calculate the reduction.Currently, the MPPR applies only when an individual physician furnishes multiple services to the same patient, in the same session, on the say day. The Centers for Medicare & Medicaid Services (CMS) is expanding the MPPR on the PC and TC of imaging services by applying it to physicians in the same group practice (same Group National Provider Identifier (NPI)) who furnish multiple services to the same patient, in the same session, on the say day. The complete list of codes subject to the MPPR on diagnostic imaging can be found in Attachment 1 of CR7747, which is available at:

http://www.cms.gov/Regulations-and-Guidance/Guidance/Transmittals/Downloads/R1104OTN.pdf

MedLearn article:

http://www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNMattersArticles/Downloads/MM7747.pdf

Compliance with the Privacy and Security Rules of HIPAA is not easy.  However, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights’ (OCR) website is an excellent resource for materials to educate covered entities and business associates on their obligations under HIPAA and how to implement effective measures to comply with such obligations. OCR has posted on its website a series of six factsheets on HIPAA.  While these factsheets are aimed at educating consumers on their rights under HIPAA, providers can also use these educational materials to assist in their compliance efforts, including the training and education of their employees.   The materials are available on OCR’s website at:

http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers.

OCR has also posted a video entitled The HIPAA Security Rule to assist small providers, such as small physician practices and surgery centers, in their compliance with the requirements of the Security Rule.  The video is available on the HHS OCR YouTube Channel at:

http://www.youtube.com/user/USGovHHSOCR.

Finally, OCR has also launched three modules through Medscape for health care providers on compliance with various aspects of the HIPAA Privacy and Security Rules.  You must sign up for a free account with Medscape in order to access the videos.  Each of the modules is a great resource for covered entities and business associates.  Below is a list of the modules along with a link to access each module.

Patient Privacy: A Guide for Providers
http://www.medscape.org/viewarticle/781892?src=ocr

HIPAA and You: Building a Culture of Compliance
http://www.medscape.org/viewarticle/762170?src=ocr

Examining Compliance with the HIPAA Privacy Rule
http://www.medscape.org/viewarticle/763251?src=ocr

Law360, New York (May 03, 2013, 12:01 PM ET) -- The Internal Revenue Service on Friday plugged a loophole that could have let companies skirt the health reform mandate that large employers provide affordable medical benefits, saying businesses that force employees to enroll in excessively expensive plans would be fined as if they hadn't offered coverage at all.

 In a notice of proposed rulemaking, the IRS took aim a potential vulnerability in the Affordable Care Act, which penalizes corporations that don’t offer reasonably priced health insurance, but only if at least one staff member declines coverage and subsequently gets a government subsidy to shop on a health insurance exchange.

 If all employees enrolled in pricey health plans — even against their will — they would theoretically be disqualified from receiving subsidies, and the company would be off the hook for offering shoddy coverage. To avoid that scenario, the IRS said that mandatory enrollment in too-costly plans would be viewed the same as not supplying any benefits, and the businesses would face fines for such conduct.

 James R. Napoli, senior counsel on the health reform task force at Proskauer Rose LLP, told Law360 the IRS’ move addressed a course of action many employers were contemplating in order to save cash.

“That was strategy that was actively being discussed by a number of employers, and obviously the federal government ... viewed that as a potential loophole that they’re trying to shut down through that guidance,” Napoli said.

 In addition to breaching the employer mandate, such conduct could also be seen by the IRS as interference with employee access to subsidies, the notice said.

 Napoli said that this suggested the IRS was taking an expansive view of the ACA’s whistleblower protections, which bar retaliation against workers who receive tax credits to subsidize their purchases on exchanges.

“The key here is that this is indicating, at least from the federal government’s perspective, that the employee doesn’t need to actually receive the credit in order for the [ACA] whistleblower protection to apply,” Napoli said.

 Under the ACA and associated regulations, if a corporation with at least 50 full-time employees doesn’t provide health benefits to at least 95 percent of full-time workers, and one or more full-time employees receives a subsidy to buy coverage on a health insurance exchange, the company will be forced to make a “shared responsibility payment.” That payment will amount to $2,000 per year for every full-time employee, not counting the first 30 employees.

 Resistance to the employer mandate has given rise to a number of creative attempts — viewed by some as underhanded — to avoid having to comply. Some businesses, for example, have trimmed employees' hours so that their full-time workforce falls below the ACA threshold. Other corporations have studied breaking up their businesses into smaller units, but rules are in place to connect the dots and prevent that tactic from being effective.

 In other instances, there have been reports of companies planning to drop insurance altogether and just pay the penalty, although it’s believed that such drastic measures will be relatively rare.

Proposed Regulations on Minimum Value

The IRS has issued proposed regulations explaining how to determine if an employer-sponsored group health plan provides minimum value. The term minimum value, which was introduced by the Affordable Care Act, has significance for both individuals and employers. Individuals who are not offered coverage under an employer-sponsored plan that provides minimum value may be able to receive a premium assistance credit to help them purchase health coverage through a health insurance marketplace. Employers that do not offer minimum value coverage may face penalties if a full-time employee purchases health insurance through a marketplace and receives a premium assistance credit.

Application for Health Insurance

The Centers for Medicare & Medicaid Services (CMS) has simplified and shortened the application for health coverage that individuals will complete in order to purchase health coverage through a health insurance marketplace. The applications, which can be submitted starting on October 1, can be found at http://cciio.cms.gov/resources/other/index.html#hie (scroll down to “Forms” under the Affordable Insurance Exchanges heading and look for April 30, 2013 Marketplace Consumer Application).

In December 2012, the IRS issued proposed regulations (REG-130507-11) for the net investment income tax under Sec. 1411 that went into effect on Jan. 1, 2013. At the same time, the IRS released a list of frequently asked questions concerning the net investment income tax.

The new levy was created to help pay for health care reforms that were enacted in 2010. The rate is 3.8% of the lower of net investment income or the amount of modified adjusted gross income (MAGI) over specific thresholds. The key consideration, however, is what constitutes net investment income and which taxpayers are affected. Moreover, practitioners need to know what information they must obtain from clients to correctly compute the additional tax, and they need to be aware of common issues that may arise in computing the net investment income tax.

Only individuals with MAGI above the thresholds and certain estates and trusts are subject to the net investment income tax. Nonresident aliens and entities other than natural persons are not subject to the tax. The thresholds for individuals are: married filing jointly and qualifying surviving spouse, $250,000; married filing separately, $125,000; single and head of household, $200,000. The thresholds are not indexed for inflation. For most taxpayers, MAGI is the same as adjusted gross income (AGI). Excluded income and certain deductions under Sec. 911 of citizens or U.S. residents residing abroad are the only modifications to AGI for the net investment income tax calculation.

Estates and trusts with undistributed net investment income and AGI above the dollar amount at which the highest tax bracket for an estate or trust begins for that tax year are also subject to the net investment income tax. (For 2013, $11,950.) Exempt trusts include grantor trusts under Secs. 671–679, REITs and common trust funds, tax-exempt trusts under Secs. 501 and 664, and charitable trusts under Sec. 170(c)(2)(B).

Three defined categories of income are subject to the net investment income tax (Sec. 1411(c)):
Category I: Gross income from interest, dividends, rents, royalties, and nonqualified annuities, other than such income derived in the ordinary course of a trade or business not described in Category II.
Category II: Other gross income from businesses that trade financial instruments or commodities, and businesses that are passive activities within the meaning of Sec. 469.
Category III: Net gain (to the extent taken into account in computing taxable income) attributable to the disposition of property, other than property held in a trade or business that is not described in Category II. Gains and losses from dispositions of trade or business property used in passive activities are included in calculating the net investment income tax.

To arrive at net investment income, investment income from these categories is reduced by investment expenses such as early-withdrawal penalties, interest expense, adviser fees, directly related rental and royalty expenses, and state and local taxes allocable to items included in investment income. Wages, self-employment income, unemployment compensation, business income from nonpassive sources, Social Security benefits, tax-exempt interest, and qualified pension, annuity, and individual retirement account distributions are excluded when calculating the net investment income tax.

Some real estate industry representatives and others have spread alarm, incorrectly, that the net investment income tax applies to all proceeds from sales of personal residences. As described in Category III, only the taxable portion of any gain from the sale of property, including a primary personal residence, is potentially subject to net investment income tax. Any gain excluded under the principal residence provisions under Sec. 121 is not considered net investment income. Since up to $250,000 of gain for single individuals and $500,000 for taxpayers filing jointly generally is exempt (if the ownership, use, and other requirements are met), many or most taxpayers are unaffected by the net investment income tax on the sale of their principal residences. However, gain attributable to depreciation adjustments (which cannot be excluded from income under Sec. 121(d)(6)) is included in net investment income. Gains from sales of second homes are subject to the tax. And, of course, the taxpayer must have MAGI exceeding the applicable threshold for the net investment income tax to apply.

Special Issues

Passive activities: With the inclusion of passive activity income in net investment income, it is even more critical that taxpayers properly identify their activities as passive or nonpassive and group them appropriately. Since the enactment of the net investment income tax, the IRS recognizes that previous groupings may no longer be appropriate. Therefore, in the first tax year beginning after Dec. 31, 2013, individual, estate, or trust taxpayers subject to the net investment income tax will be allowed a one-time “fresh start” for regrouping (Prop. Regs. Sec. 1.469-11(b)(3)(iv)). An individual, estate, or trust to which Sec. 1411 applies in a tax year beginning in 2013 may regroup activities in that tax year. Regroupings must comply with the rules in Rev. Proc. 2010-13 and Regs. Sec. 1.469-4. Practitioners should take this valuable opportunity to review all activity groupings and revise them, as appropriate.

S corporations and partnerships: Gain from disposition of an interest in a passthrough entity (a partnership or S corporation) where the interest is not a passive activity with respect to the taxpayer would seem to be included in Category III as net investment income. However, Sec. 1411(c)(4) provides that the amount of gain or loss included in net investment income from the disposition of an interest in a nonpassive passthrough entity is limited to the amount of gain or loss that would result if the entity sold all of its assets at fair market value (FMV) for cash immediately before the disposition of the interest (deemed-sale method). Gains from the sale of assets used in a nonpassive qualified trade or business are not included in net investment income. Under the proposed regulations, each asset must be separately valued, including goodwill, and a determination must be made whether the asset is used in a qualified trade or business. The individual shareholder’s or partner’s basis in the interest may have been adjusted outside the entity. The proposed regulations provide instructions for allocating adjusted basis among the gains and losses for purposes of adjusting net investment income.

Fortunately, the proposed regulations do not specify that the reporting entity must provide FMV and detailed asset use information to former partners or S corporation shareholders with their Schedule K-1, Shareholder’s [or Partner’s] Share of Income, Deductions, Credits, etc. However, sellers must attach a statement to their tax return for the year of disposition that includes specific information and the calculation of the adjustments to net investment income computed under this exception.

As a practical matter, since FMV and asset details are not usually readily available to shareholders and partners, obtaining these values and making the calculation will require assistance from the entity’s accountants. This will require asking preparers of Forms 1065, U.S. Return of Partnership Income, and 1120S, U.S. Income Tax Return for an S Corporation, for information that will be time-consuming to provide and, in the worst case, could lead to litigation. Sellers should consider including the information required to compute adjustments to net investment income as part of the sale agreement to avoid any future conflict with the IRS and to expedite the calculation of net investment income. In another twist, the deemed-sale exception does not apply to dispositions of S corporation stock if Sec. 338(h)(10) is elected.

Foreign entities: Prop. Regs. Sec. 1.1411-4(g) provides special rules for the treatment of distributions from controlled foreign corporations and passive foreign investment companies.

Kiddie tax: If parents elect to include a child’s interest, dividends, and capital gains on the parents’ Form 1040, U.S. Individual Income Tax Return, the child’s income, less the excluded amount on Form 8814, Parents’ Election to Report Child’s Interest and Dividends, is included in the net investment income tax calculation. Alternatively, if the child files his or her own return and computes the tax based on the parents’ effective rate, it appears that the child’s MAGI determines whether the net investment income tax is owed; but no official guidance is available.

While the net investment income tax was effective Jan. 1, 2013, the effective date of the proposed regulations is generally Jan. 1, 2014; however, taxpayers may rely on the proposed regulations for compliance purposes until the effective date of the final regulations. The IRS announced it expects to finalize the regulations under Sec. 1411 in 2013. Many more issues will likely arise in accurately calculating the net investment income tax. Preparers should be alert to new regulations as they are proposed and finalized.

Joint Guidelines for Patient-Centered Medical Home Recognition and Accreditation Programs (March 2011) – These Guidelines, developed jointly by ACP, AAFP, AAP, and AOA, aim to ensure some standardization among PCMH Recognition and Accreditation Programs while encouraging a focus on the key elements of the PCMH.

Joint Principles for the Medical Education of Physicians as Preparation for Practice in the PCMH (December 2010) - These principles, developed jointly by ACP, AAFP, AAP, and AOA, will guide medical school curricula in ensuring that all physicians, regardless of their specialty choice, will have the expertise to practice in a reformed health care delivery system based on the patient-centered medical home (see Press Release).

Guidelines for PCMH Demonstration Projects: In April 2009, the primary care professional societies released a set of guidelines intended to provide direction to demonstration projects in the planning phase and to facilitate more meaningful interpretation and understanding of the "lessons learned" from the different projects.

Joint Principles of the PCMH: In March 2007, the primary care professional societies endorsed a set of joint principles. These principles have now been endorsed by a total of 22 physician organizations.

PCMH: Overview of the Model and Movement (Part I; 12 minutes)

Download Complete Slideset:

PCMH: Overview of the Model and Movement (Part II; 12 minutes)

Download the Complete Slideset: