Decrease Font Size
Increase Font Size

Healthcare Attorney

We understand that the latest health care obligations are confusing, complicated, and frustrating and that the numerous statutes and the regulations governing medical healthcare providers can be overwhelming.  The statutes are dense and difficult to read. The rules are ever changing and Congress has released a flood of new laws, rules, and regulations strictly regulating the practice of medicine.  The new rules govern everything from medical providers’ business contracts with its vendors to how you must protect patients’ privacy to detailed notice requirements for handling patients’ health information, just to name a few.  


More now than ever, you have to ask yourself:  Is my practice protected?  To ensure protection you must be fluent in the latest RAC, STARK, HIPAA, and HITECH rules.  Let our healthcare attorneys help you navigate the complicated traps for health care professionals.


Medicare Recovery and Recovery Audit Contractor (RAC)


Appeals Process






Initial Determination









ALJ Hearing



Request for Review



Judicial Review

Federal Court

CMS’ Recovery Audit Contractor (RAC) program is nationwide program where the Federal Government has subcontracted out the auditing of the Nation’s medical provides.  The program has set up around the nation RACs that audit hospitals, physicians, home health, hospice, and durable medical equipment (DME) suppliers.  The government has setout a lengthy appeal process that range from a review of the initial determination through appeals to the Federal Court.   Besides the appeals process, the Re-coupment process has its own timeline that puts significant pressure on providers to file for first and second level appeals more rapidly than they otherwise might

Speak with one of our Healthcare attorneys who can help you navigate the complicated appeals process.




The Stark Act I was created by Fortney “Pete” Stark to curb physician referrals that generated excess referrals.  Section 1877 of the Social Security Act (also known as the Physician Self Referral Law/ 42 USC 1395nn) prohibits a physician or his or her immediate family members from referring a Medicare patient to any entity with which the physician or family member has a financial relationship when the referral is for "designated health services" (DHS), unless the transaction meets an exception; the Stark Act also prohibits the entity from filing claims with Medicare (or billing another individual, entity, or third party payer) for those referred services. It possesses a reporting requirement, and if violated, sanctions can be imposed.  All of which is subject to Special Rules.


The questions that you must ask and answer yourself include:


  1. Is it covered by medicare or Medicaid?
  2. Is it a Designated Health Service?
  3. Service provided by an entity?
  4. Pursuant to a referral
  5. From a physician
  6. With whom the entity has a financial relationship?
  7. Does an exception apply


Then you have to determine if one of the many statutory exceptions apply. 


Speak with our Stark attorneys who can answer your questions about the anti-referral statutes today.


HIPAA Compliance


The Health Insurance Portability and Accountability Act (“HIPAA”) is an all-encompassing act established in 1996.  Three main aspects must be examined:


  1. Privacy Rule
  2. Security Rule
  3. Implementation of Electronic Health Record (EHR) system


The Privacy Rule

The privacy rule states, in brief, that a covered entity may not disclose Personal Health Information except:


  1. To the individual
  2. For treatment, payment, or in compliance with these rules
  3. Incident to an otherwise permitted use


If disclosed, such disclosure must be the minimum necessary.  The parties may agree to further restrictions.


An individual has a right to notice of the uses and disclosure of his information.  The relevant sections lay out numerous, technical requirements of the notice.  A covered entity must document compliance with the notice obligations.  Typically, a patient has a right to make certain request to restrict use of his personal health information, but a covered entity is not required to comply.


An individual has a right to access his personal health information.  In general, a covered entity has 30 days to respond to a request; if the documents are not on site, it has 60 days.  If access is denied, specific procedures must be followed.


Security Rule

The security rule governs how electronic protect health information is safeguarded and requires the covered entity to implement administrative, physical and technical safeguards to protect the health information of its patients.  In general, the covered entity must ensure the confidentiality, integrity, and availability of all of its electronic protected health information.  It must protect against reasonably anticipated uses and disclosure of electronic protected health information, and ensure its workforce complies with the HIPAA requirements.


Administrative Protections

A covered entity must implement policies and procedures to prevent disclosures including practices and policies implementing: risk analysis, risk management, sanction policy, and information system activity review.  The code sets out guidelines that you should implement to create proper administrative protections. 


For further details, please contact our HIPAA attorneys who can assist you with any HIPAA questions you may have.




The American Recovery and Reinvestment Act of 2009  made major changes to the way health care providers handle patients’ medical records and information.  Among other things, it created the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”).


The HITECH Act essentially does two things: (1) it set forth very specific rules for the handling of patients’ private health information and (2) it created a strong incentive for health care providers to begin changing over to electronic health records.


Specifically, the HITECH act requires medical providers to secure its patients’ private health information, and if a breach occurs, the medical provider has very specific requirements regarding notification, breaches, disclosures, etc.  The new law sets forth stringent penalties for a covered entities failure to comply with the privacy rights of their patients.


Moreover, the HITECH Act requires covered entities’ contracts with business associates to contain specific obligations imposed on the business associates.  It also extends the same obligations imposed on a covered entity onto its business associates. 


Speak with our Healthcare attorneys for more information on how the HITECH Act may impact your practice.



Anti-kickback statutes prohibit anyone from knowingly paying/receiving funds for referrals to a federal healthcare program.  The Anti-kickback statutes prohibit (1) the solicitation or receipt of remuneration in return for referrals of Medicare patients, and (2) the offer or payment of remuneration to induce such referrals.  The Anti-Kickback Act uses criminal sanctions to reinforce the Stark Act’s policies.

The Anti-Kickback Statute and Stark Law can also be pursued under the False Claims Act, since they would influence the Government’s decision of whether to reimburse Medicare claims.  The Anti-kickback statutes are different from the Stark Act as follows:


  1. The Anti-Kickback Statute has civil & criminal penalties (Felony), whereas the Stark Act only has civil penalties
  2. Violations of Anti-Kickback Statute requires an unlawful intent, whereas the Stark Act is strict liability
  3. Anti-Kickback Statute is broader than just medicare benefits
  4. Anti-Kickback Statute extends to “recommending” for purchase, lease or ordering an item, as well as referring a patient and has no definition for Referral, unlike the Stark act.  


Local Means local

We believe in local first.  We are located in Fresno, so if you have any questions, you can speak to someone who knows the area, who knows issues relevant to your practice and who knows the law.  We are easy to reach and are right here in Northwest Fresno.  No more calling expensive attorneys from San Francisco or tracking down hard-to-reach lawyers from Los Angeles. 


Call today and speak with one of our Healthcare attorneys for to ensure your practice is protected.  We give all potential clients a 30-minute, free consultation (either in person or over the phone), to see if we can assist you.

Last Updated Sunday, March 29, 2020 - 11:00 PM.

coming soon