Health Care Today | Health Law Blog

Since the No Surprises Act was signed into law in 2020, the Department of Health and Human Services has published several rules with respect to the Act, leaving many unanswered questions. With the Act taking effect this month, forums are now being held to educate providers on the new law, which curtails surprise medical bills from out-of-network providers.

The No Surprises Act, which then-President Trump signed into law on December 27, 2020, as part of the Consolidated Appropriations Act of 2021, addresses surprise medical bills from out-of-network providers when patients believe they are seeking care from in-network providers. Most sections of the act go into effect on January 1, 2022, and the Departments of Health and Human Services, Treasury, and Labor are working on regulations to implement many provisions of the act.

Effective March 15, 2020, the Department of Health and Human Services (HHS) issued a Bulletin announcing that HHS Secretary Alex Azar has exercised his authority to waive sanctions and penalties against a covered hospital that does not comply with certain provisions of the HIPAA Privacy Rule.

The Office of Civil Rights (OCR) within the Department of Health and Human Services (HHS) has been able to hold “business associates” directly liable for certain HIPAA violations since 2009, with the passage of the Health Information Technology for Economic and Clinical Health (HITECH) Act. Under HIPAA, a “business associate” is an entity that receives protected health information (PHI) in order to provide services to a “covered entity” (such as a health care provider, a health plan, or a heath care clearinghouse).

On May 24, 2019, the U.S. Department of Health & Human Services (HHS) announced that it is issuing proposed revised regulations under Section 1557 of the Affordable Care Act that remove the redefinition of “sex” and certain regulatory burdens, including language taglines. The changes substantially roll back the original Obama-era regulations.

On April 23, 2019, the U.S. Department of Health & Human Services (HHS) published a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties (CMP) outlining interim annual limits for HIPAA violations. HHS believes the revised annual limits “reflect the most logical reading of the HITECH Act.” These amounts are subject to change pending further rulemaking.