Pittsburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
One PPG Place, Suite 1500
Pittsburgh, PA 15222
(412) 566-1212
(412) 594-5619
Directions to Pittsburgh

Harrisburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
2 Lemoyne Drive, Suite 200
Lemoyne, PA 17043
(717) 234-4121
(717) 232-6802
Directions to Harrisburg

New York, NY

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
250 Park Avenue, Suite 1508, 7th Floor
New York, NY 10171
(212) 739-7910
(212) 739-9607
Directions to New York

Widget Title

  • People
  • Practice Areas
  • News + Insights
    • News
    • Articles
    • Speaking
  • Office Locations
    • Pittsburgh
    • Harrisburg
    • New York
  • About the Firm
    • Overview
    • Careers
    • Diversity
    • Affiliations
    • Pro Bono & Community

Title

  • Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Tucker Arensberg, P.C.Tucker Arensberg, P.C.

Attorneys in Pittsburgh, Harrisburg, New York City

  • People
  • Practice Areas
  • News + Insights
  • About Our Firm
  • COVID 19: Answers to Business Challenges
ShareBookmarkPDF

Anti-Kickback EHR and Cybersecurity Safe Harbor

Articles, Privacy, Technology and Data Security November 13, 2019

As another part of the Regulatory Sprint to Coordinated Care, OIG proposed revisions to the existing EHR Anti-Kickback Safe Harbor and added a cybersecurity component. 

The initial EHR Safe Harbor was developed in response to President George W. Bush’s 2004 initiative to extend EHR nationwide within 10 years, i.e. 2014.  The proponents of those EHR regulations presumably thought the task would be completed within that time frame, because the initial proposal had a 10 year sunset, i.e. 2014.  In 2014, the sunset was extended until 2021.  The math wizards among us recognize that as 17 years and counting, which suggests perhaps a marathon to coordinated care, or perhaps a Never Ending Story.

The concept allowed a health system to provide hardware, software and access to centralized ERH systems to physicians on related medical staffs without that “benefit” being considered as remuneration in exchange for referrals in violation of the Anti-Kickback statutes.  Apparently Parkinson’s Law of “work expanding to fill the available time” also applies to IT systems, and the computer corollary that data expands to fill the available space.  These goals have obviously been complicated by the continuing expansion of coordinated healthcare, quality incentive programs, and now “value-based enterprises”. 

The Safe Harbor in 42 CFR Section 1001.952(y) has been amended in two ways:

  1. The sunset provisions have been permanently deleted, presumably in recognition of the reality that this is not a “finite” task that will eventually be completed; just think how the GPS in your car has evolved to become a self-driving vehicle.
  2. The addition of cybersecurity protection by the change of the definition to state that remuneration will not include non-monetary items consisting of items and services for information technology, trading services, and cybersecurity software and devices. 

There is no comparable Stark change to the EHR Safe Harbor because of the nature of the prohibitions.  Stark prohibits physicians from making referrals to financial entities; provision of EHR by a healthcare system is not a physician referral.  The potential fraud or inducement risk of providing EHR was that it could be seen as remuneration in exchange for referrals. 

For additional information contact Mike Cassidy.

Primary Sidebar

Anti-Kickback EHR and Cybersecurity Safe Harbor

Related

People

  • Michael A. Cassidy

Practice Areas

  • Healthcare
  • Privacy, Data Security & Technology
© 2021 All Rights Reserved|Tucker Arensberg, P.C.|Log in|Powered by Content Pilot
  • Sitemap
  • Disclaimer
  • Privacy Policy
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Accept