Today, the U.S. Office of Personnel Management published a final rule to help FEHB plan carriers in their ongoing efforts to recover benefits from other responsible parties and insurers. For example, if an FEHB plan member is injured in a motor vehicle accident, the FEHB plan will cover the costs of treating the injury and then will pursue the motor vehicle insurers to recover the payments. It’s equitable. The rule makes it clear that the FEHB Act overrides state laws that may interfere with this process.
Two recent note-worthy surveys:
- U.S. News and World Report has released a nationwide survey of the quality of hospital delivery of five common services.
- Fierce Health Payer reports on two surveys of healthcare provider attitudes toward health insurers / their golden geese.
Modern Healthcare reports on Carefirst’s report of a large and sophisticated cybersecurity breach. Experts quoted in the article blame the insurer for keeping massive volumes of data data too long. The FEHBlog certainly recognizes the benefits of data minimization. However, laws require health insurers to collect massive amounts of data. Most recently, the IRS has required insurers to collect millions of family member Social Security Numbers in order to document their compliance with the ACA’s individual shared responsibility mandate (IRS Form 1095-B). What’s more, ERISA and OPM’s FEHBP rules include a six year record retention period. Looming over these requirements is the federal False Claims Act’s 10 year record retention requirement. The law does not permit data minimization.
The Justice Department recently issued guidance on best cybersecurity practices. Health Data Management offers ten steps to protect health data. It’s a hot issue indeed.