elevating law in evansville, in

phone: (812) 402-1600

Find Us On Find Us On Facebook

We have extensive experience with the following areas: Petroleum, Litigation, Real Estate and more.

We advise business in the following areas: Employee Benefits, Litigation, Business Advisory and more.

For those seeking counsel in real estate matters, our areas of expertise include: Construction, Development, Land Use, Litigation and more.

We handle many private matters for individuals, including: Adoption, Custody, Divorce, Domestic Partnership, Estate Planning and more.

Every criminal case is a serious matter. There are lifelong consequences for any person accused or convicted of committing a crime.

Since 1976, our litigators have effectively and efficiently represented clients in federal and state courts in business litigation, municipal law, employment law, personal injury and a variety of complex litigation.

Since 1976, our litigators have effectively and efficiently represented clients in federal and state courts in business litigation, municipal law, employment law, personal injury and a variety of complex litigation.

Since 1976, our litigators have effectively and efficiently represented clients in federal and state courts in business litigation, municipal law, employment law, personal injury and a variety of complex litigation.

As a part of the "American Recovery and Reinvestment Act of 2009" a civil penalty structure was put in place for Health Insurace Portability and Asccountability Act (HIPAA) violations.

Our experience uniquely qualifies us to advise in governmental issues: Annexation, Associations/Non-Profits, Cities, Towns, & Counties, Colleges & Universities, Economic Development, Elections and more.

We provide legal advice for businesses in the following areas: Agribusiness Energy, Diversified Businesses, Emerging Businesses, Federal & State Tax, Finance, and more.

Probate is the court procedure by which a decedent’s property is administered for the purpose of passing ownership of assets remaining in the decedent’s name at his/her death.

Since 1976, our litigators have effectively and efficiently represented clients in federal and state courts in business litigation, municipal law, employment law, personal injury and a variety of complex litigation.

Healthcare Law News - Volume 100

Ready for HIPAA Phase II Audit?

OCR Phase II audits will assess compliance with privacy, security, and breach notification standards.  A Phase II desk audit will begin by receiving a notice from OCR with a document request letter.  You have only 10 days from the receipt of this letter to submit the requested documents through a secure online portal.

Assuming that you meet the 10-day requirements and submit the requested documents, an OCR auditor will review the documents and send a letter of findings.  Again, you will have only 10 days to respond to the auditor’s findings and a final report will be generated no more than 30 days later.

We believe it is likely that on-site audits, with a few exceptions, will actually occur in 2017.  The on-site audits will include auditors spending 3-5 business days going through your documents and records.  Again, there will be a letter of findings and you will have 10 days to respond.

You may be selected for neither, either or both types of audits.  Our takeaway:

  • As always, we suggest that you now undertake a compliance self-assessment review and determine where you will or likely will not meet the standards so that you can correct any deficiencies pre-audit.
  • Identify all of your business associates, make sure you have current Business Associates Agreements with them, and have all of those signed agreements in a file ready to be sent to OCR when a document request is made.
  • Assemble, and again have in a file, records of your compliance and training programs. These are documents likely to be requested.
  • If you have a prior HIPAA breach, you can expect a more thorough and far ranging audit and its best that you be ready and be in compliance now.

Collateral Damage

Healthcare providers, whether physicians groups or hospitals, are often surprised when they report a HIPAA breach.  The surprise comes in the form of a follow-up audit, whether done in person or whether done by an electronic request for copies of business associate agreements, compliance plans, security plans, breach response plans, etc.  Provider’s often want to only discuss the narrow issues that occur with a breach.  OCS, on the other hand, once you come to their attention, wants to look at everything.

Often the fines or compliance settlement agreements are primarily payments for failures in the non-breach area, such as failing to meet security standards, failing to have a proper breach response plan, or any of the other many technical requirements.

The same often occurs when an overpayment is discovered by CMS.  Often the initial amount of the overpayment is relatively small, but once CMS get in the door, they or their RAC auditors start looking at matters which may have very little to do with the originally discovered or even reported overpayment.

Our point is that compliance is still cheaper than asking for forgiveness afterwards.  If CMS simply looked at the narrow issue of an overpayment or the narrow issue of a particular breach, compliance probably would be more expensive than asking for forgiveness.  CMS’s approach to these matters makes it very clear that the cost of non-compliance will be much higher, in almost every case, than the fines, penalties, and settlement amounts.  Choose your poison.

Shoot Your Own Foot

Recently I worked with a physician who wanted to transition from a hospital employee status to a private practitioner in a community south east of Evansville.  The hospital system at first indicated they would cooperate with the transition for the physician.

Thereafter, the hospital administrators and its counsel took every opportunity to make the transition for this particular physician difficult.  The hospital argued about every detail, wanted to strictly enforce every word of a prior Employment Contract, which the hospital had agreed should be terminated, and generally acted like a greedy business enterprise as opposed to someone concerned about physicians, their own employees, and the healthcare of the local residents, at least in my opinion.

I have seen this pattern in some other hospitals before, where the hospitals own fear of its vulnerability lead it to behave in ways which will ultimately damage the hospital system.

Hospital systems that work well with the physicians and employees, that encourage them to succeed in the same community, and keep strong ties to those physicians and employees, succeed.

What will your hospital be?


This newsletter is edited by Paul Wallace of Jones ∙ Wallace, LLC, a member of the American Bar Association Healthcare Law Section and the American Health Lawyers Association who has been representing physicians and healthcare practices for over 25 years.  Mr. Wallace assists physicians in health practices in contract items, federal legal compliance, creation of practice entities, estate and wealth planning and similar issues.  Please feel free to call if you have any questions on this newsletter or legal matters at (812) 402-1600 or pwallace@joneswallace.com.