Month: December 2015

New Year, New HIPAA Compliance Plan

The last week of December often finds people reflecting on everything that happened in the prior year. But we prefer to use this week to think about the year to come. Indeed, there’s no better way to get your new year off on the right foot than to plan for it before the new year starts! One area that’s always deserving of more attention (at the start of a new year or otherwise) is HIPAA compliance. We continue to see more enforcement actions from the U.S. Department of Health & Human Services’ Office for Civil Rights (OCR), with steep penalties and stern warnings. Apparently, past enforcement actions haven’t been enough to convince covered entities that they need to get their HIPAA ships in order; in one recent action, OCR found “widespread noncompliance” with HIPAA. Once OCR starts an investigation, it doesn’t limit itself to the specific allegation that triggered the investigation; it will look at the organization’s entire HIPAA universe. That means a covered entity needs to be HIPAA-compliant from top to bottom. HIPAA compliance starts with putting the appropriate policy manuals and business associate agreements in place. Then employees have to be trained in HIPAA compliance. Next, a security risk assessment is crucial; OCR considers the security risk analysis fundamental to compliance with the security rule. Finally, there’s the “real work” of implementing and complying with all those...

Read More

ACA Update: New Penalties and Delayed Taxes

Time for a quick Affordable Care Act check-in! One ACA provision is about to kick in, and another was just further delayed. Employer Mandate Penalties. Small employers with between 50 and 99 full-time and full-time equivalent employees were given a break from the employer mandate tax penalties in 2015. But for 2016, these employers will have to decide whether to comply with the employer mandate or pay the tax penalty. As a refresher, employers with least 50 full-time employees or a combination of full-time and part-time employees that equals at least 50 must offer affordable health coverage that provides a minimum level of coverage to their full-time employees (and their dependents). These employers will be subject to the “Employer Shared Responsibility” payment if: (a)        The employer does not offer health coverage or offers coverage to fewer than 95% of its full-time employees and the dependents of those employees, and at least one of the full-time employees receives a premium tax credit to help pay for coverage on an insurance marketplace; OR (b)       The employer offers health coverage to all or at least 95% of its full-time employees, but at least one full-time employee receives a premium tax credit to help pay for coverage on an insurance marketplace, which may occur because the employer did not offer coverage to that employee or because the coverage the employer offered that employee...

Read More

Lessons for Entrepreneurs

If you haven’t already entered the Hilton Head Island Economic Development Corporation’s Bring Your Business Idea to Life contest, it’s not too late! JLG is a sponsor of the contest, and we encourage all you budding entrepreneurs out there to throw your hat in the ring. You can read more about the contest on our blog and submit an application on the HHIED’s website. We’re big supporters of start-up businesses at JLG. As entrepreneurs ourselves (we have four businesses among us, at last count), we understand the challenges of starting and growing a business. Since the end of the year is an ideal time for lists, here are the top 3 lessons I’ve learned from my own forays into entrepreneurship: Get your ducks in a row first. This is probably the lawyer bias talking, but you should get your business structure in place before you delve into actually operating the business. This step includes incorporating, getting insurance and licenses, finding funding, and putting in place the minimum infrastructure you need to get started. Start slow, but dream big. Most people overestimate what they can accomplish in one year and underestimate what they can accomplish in ten years. When you’re starting out, everything will take longer than you think it will. Set your goals for the long-term, and don’t be afraid to be ambitious. You won’t accomplish what you don’t...

Read More

The HIPAA Gap That’s On Your Wrist

With all the talk about HIPAA and privacy protections, it would not be unreasonable for people to believe that their health information is protected everywhere, all the time. But for all the regulations that now exist to protect patients’ personal health information, there remains a large gap – a gap wide enough for most of your medical history to fall through and out into the public domain. HIPAA does not apply universally. In fact, the privacy protections created by HIPAA only apply to certain groups of entities: health care providers (doctors, hospitals, etc.), health care clearinghouses (entities that process health information, such as billing services), and health plans (insurance companies), as well as some of the companies they do business with. Who’s not covered by HIPAA? Private genetic testing companies, such as 23andMe, health “wearables” like FitBit, and countless other apps designed to store health information for consumers. As reported recently in the Washington Post, some of these repositories of health information have been vulnerable to hacks or have been just plain sloppy about protecting the privacy of their customers’ information. And because all of this information – which individuals voluntarily disclosed – is outside the protection of HIPAA, there’s not much the government can do about it. It’s perhaps ironic that a statute that’s so technology-focused could be undermined by modern technology. New frontiers in medicine and technology...

Read More