Understanding the legal and regulatory framework of health care is an essential component of the physician leader’s role. Here’s some of what’s important to know.
Experience suggests many physician leaders are uncomfortable dealing with the legal and regulatory requirements that confront health care today. This makes sense, because the legal and regulatory body of knowledge is generally not part of a physician’s educational experience. Yet when the need arises, a physician leader should have a good working knowledge of health care law and regulatory requirements.
First, some basics. Laws are passed by legislative bodies at the federal, state or local levels and are codified as statutes. Statutes are elaborated into rules as interpreted by the administrative agencies assigned to implement the law. It is in the interpretation where disagreements can occur between the agencies, such as the U.S. Department of Health and Human Services, and the individuals or institutions affected by the rules. In addition, laws and regulations constantly evolve, so physician leaders must be attentive to the changing landscape.
Health care is a highly regulated industry, and it’s essential for physician leaders to stay informed about any changes being considered in the law that would affect the way they — and their organizations — work.
Health care is a highly regulated industry, especially in matters of billing, compliance, human resources, licensure, liability, fraud and abuse, among others.1 Health care primarily is regulated at the state level, so physician leaders should stay informed about any changes being considered in their state legislative bodies.2
So, how does a physician leader acquire the necessary skill set to manage in the present legal and regulatory environment? A starting point should be reviewing the organization’s medical staff bylaws and rules and regulations. Strong governance within the medical staff is essential to avoid legal and regulatory landmines. The medical bylaws, rules and regulations set the framework for the behavior the institution expects from its medical staff. That framework is also critical for complying with federal and state regulations that apply to hospitals and clinics.
Typically, a physician leader cannot possibly know all of the intricacies of the legal and regulatory environment. Partnering with the appropriate legal counsel and regulatory experts at the institution’s disposal is a critical activity that a physician leader should consider. Also, it is important for physician leaders to keep the medical staff educated on the key legal and regulatory issues. These issues will change with time, so this activity should be an ongoing effort.
Health care law is divided into specific areas such as malpractice, finance and reimbursement, regulations, credentialing and privileging of providers, peer review, contracting, fraud and abuse, among others. Because each area is complex, many hospitals and health systems contract with law firms that specialize in health care law. On the regulatory side, health care organizations must meet a wide variety of rules that range from local fire codes to federal Medicare billing. Physician leaders should ensure that internal organizational subject matter experts are in place to make sure their organizations meet regulatory requirements, particularly as they relate to the medical staff.
There are, however, specific legal issues that physician leaders should know.3 In recent years, enactment of the Affordable Care Act, the Health Insurance Portability and Accountability Act, the Emergency Medical Treatment and Active Labor Act, Medicare anti-kickback laws, fraud and abuse statutes, and the Stark Law have added to the complexity and burden of the industry’s legal and regulatory restrictions.4
Credentials and Privileges
Physician leaders will be called upon to oversee the credentialing and privileging process in their organizations. This is critically important, because hiring the best and most competent providers begins with this process.5 Laws governing the credentialing and privileging process are derived from numerous sources, including state licensure statutes, Medicare Conditions of Participation, and case law.4 In addition, the Joint Commission, although not a legal entity, plays an important role in developing and enforcing high-quality credentialing and privileging practices in hospitals.
Credentialing and privileging has two important functions. First, it helps to ensure that patients receive the appropriate care, treatment, and services from competent and qualified providers.5 Second, robust and contemporary credentialing and privileging processes reduce health care institutions’ exposure to liability for injuries stemming from unqualified physicians.5
The first function is understandable to most physicians, but the second might be less-appreciated. This second function stems from a 1965 landmark court case (Darling v. Charleston Community Memorial Hospital). This decision held that hospitals are liable for the actions of physicians, even if the physician is an independent provider, if they knew or should have known that the physician was not performing to an established standard.5 The relevant legal doctrines include respondeat superior (Latin: “let the master answer”) and ostensible agent (a person given the appearance of being an employee).4
Ultimately, it is an organization’s governing body — its board of directors, for example — that is responsible for care rendered to patients. In our complex health care environment, the board generally delegates this responsibility to the organized medical staff. Health care organizations found to be negligent in assessing the qualifications of a physician can be found guilty under the doctrine of corporate liability for negligent credentialing.4,5
Another area of responsibility a physician leader will be asked to manage is peer review of the medical staff. As with most of the legal and regulatory requirements that face a health care institution, managing that process necessitates ensuring that the process is within the framework of the requirements. The good news with peer review is that legal protections are afforded the medical staff performing the review. These protections are in part based on the 1986 Health Care Quality Improvement Act. There are individual state requirements related to this legal protection, so it’s imperative that physician leaders understand them. Also, immunity is afforded under the authority of federal agencies and declaratory judgment actions.4 State laws also provide protection for peer review documents.2 Physician leaders should make sure that when they accept an administrative or leadership position in a hospital or health system, they are provided director’s and officer’s insurance to protect themselves from potential liability related to any actions they might take against a medical staff member.
Confident About Confidentiality
HIPAA and data breaches also are difficult areas for physician leaders.3 Mobile information technology continues to expand and, therefore, it is expected that stolen or lost mobile devices will occur in health care institutions. According to the Department of Health and Human Services, about 24 percent of data breaches occurred with the theft of laptops.3 All mobile devices in which patient or institutional data is housed should have strong data encryption capabilities, and the medical staff should be instructed in the danger of physically removing storage devices from their institution.
Physician leaders occasionally will be involved in developing financial relationships with physicians. It is important to realize kickback statutes often govern these relationships. Hospitals and health systems must ensure financial relationships are not rewards for physician referrals to the institution.3 These laws are similar to the Stark Law prohibitions against self-referral. Some health care institutions have run afoul of the law by providing free services, such as free rent or hospital-employed staff to a physician practice.3
To meet the framework of the law, payment to physicians must meet a fair-market valuation test and be reasonable compared to the local marketplace. Similarly, under Stark, physicians may not refer patients to entities in which they have a financial interest. Physician leaders also should be aware of arrangements in which independent physicians are hired as medical directors of hospital or health system functions or departments. These entities must be able to show that their medical directors actually provide direction services and that there is a record of the time spent.
There are a number of exceptions built into Stark, which allow physicians and health care institutions some flexibility in developing financial relationships with physicians and in how physicians legally may refer patients.3 Additionally, there are the antitrust laws, such as the Sherman Act, that prohibit anticompetitive behavior, including unreasonable restraint of trade.2 Physician leaders must always remember to keep financial relationship decisions and processes from running afoul of these laws; it’s essential to include review of legal counsel in all financial relationships.
Money Changes Everything
Intertwined with this are the fraud and abuse laws (including Stark, the Medicare Anti-Kickback Statute, OIG Administrative Civil Monetary Penalty Authority, and assorted state laws) that are concerned with the effect of compensation based on referral decisions of physicians. There are three types of remuneration that the fraud and abuse laws are concerned with:
- Remuneration aimed at affecting referral decisions made by physicians.
- Remuneration to a physician intended to reward the physician for withholding care.
- Remuneration to a beneficiary intended to affect the choice of the beneficiary.
One always should pay fair-market value for physician service and remember that an organization cannot buy physicians’ loyalty or even “rent” it.2 Fair-market value is defined as value that is commercially reasonable. The amount of the reimbursement cannot be based on the volume or value of the referral to the entity, and the entity can pay on a per-service or per-use basis.2 Fair-market value should be well documented and preferably benchmarked against known and accepted standards.
Another legal area that a physician leader may be asked to manage is issues related to financial audits by recovery audit contractors. These private contractors are hired by the federal government to review payment histories in an effort to fix federal overpayments and underpayments.3
Physician leaders who manage physician groups should work with their financial teams to ensure appropriate charges are being assigned by their physicians for the services rendered.
A parallel issue is the possibility of a false claim being filed by the Office of Inspector General. Physicians can be held liable for false claims even if a third party submits the claim (U.S. v. Krizek, 111 F.3d 934 ). The best way to help ensure meeting the requirements of the false claim statutes is to have an effective corporate compliance program in place and functioning, which includes a mechanism to review the coding and billing processes.2
Needless to say, there are numerous legal and regulatory land mines that await a physician leader. Being prepared to meet these challenges can best be accomplished by the physician leader through ongoing education and partnering with informed legal counsel.
Eugene Fibuch (1945-2017) was professor emeritus at the School of Medicine and co-director of the physician leadership program in the Henry W. Bloch School of Management at the University of Missouri in Kansas City. This article is part of an ongoing series he submitted in 2016.
Arif Ahmed, BDS, PhD, MSPH, is chair of the public affairs department and an associate professor of health administration in the Henry W. Bloch School of Management at the University of Missouri in Kansas City, where he also is academic director of the physician leadership program.
- Trendwatch. Realizing the Promise of Telehealth: Understanding the Legal and Regulatory Challenges. Chicago, IL: American Hospital Association, May 2015.
- Lapenta SM, Casale HM. The Essentials of Health Law. 2008 Winter Institute, American College of Physician Executives, Weston, Florida.
- Page L, Fields R. 13 Legal issues for hospitals and health systems. Becker’s Hospital Review. March 14, 2011.
- Lapenta SM. Health Law Overview. In: Essentials of Medical Management. Eds. Curry W, Linney BJ. Chapter 8, pp. 111-24, 2003.
- LaValley D. Credentialing, privileging, and patient safety. Forum (CRICO/RMF, 101 Main Street, Cambridge, Massachusetts) 24 (3):1-21, Oct. 2006.