Remember Those Pesky Carrier BA Agreements? HHS Just Affirmed Your Liability for Them!

Posted July 12, 2010 by John Nail
Categories: brokers, Business, Employee Benefits, Healthcare, Healthcare Insurers, Healthcare Reform, HIPAA, HITECH

Tags: , , , , ,

In February we started a post with this quote on BA agreements:

“This means a business associate will violate the law, not just his business associate contract, if it fails to meet these requirements” – Priority Health letter to all BA’s.

I hate to be right but last week OCR/HHS reaffirmed this and the role and legal responsibilities of BA’s like brokers with total clarity:

“We expect that most business associates make a good-faith effort to follow the terms of their contracts and comply with current security and privacy standards.”

“For those business associates that have not already adopted HIPAA-compliant privacy and security standards for protected health information, the risk of criminal and/or civil monetary penalties may spur them to increase their efforts to comply with the privacy and security standards.”

This is the fourth post on this subject and clicking here will take you to the relevant paragraphs from numerous carrier BA agreements and how they relate to you as a broker or other type of BA.

Some require a signature, many are simply being done unilaterally by the carriers and some are online. Either way they all state the obvious specifically and clearly and HHS has reinforce this all as well:

  • You are a BA
  • You are subject to the HIPAA / HITECH privacy and security regs
  • Yiou are now subject to breach reporting and penalties for violations just liike the carriers are

And all of this should have been in place no later  than 2/17/2010.

HHS also said last week:

“Regardless of the reason, to avoid the risk of the far more serious penalties in this proposed rule, we expect that business associates and subcontractors that have been lax in their complying with the privacy and security standards may now take steps to enhance their security procedures and strengthen their policies for protecting the privacy of the protected health information under their control.”

Trying to feign ignorance will not work:

“Moreover, a covered entity or business associate cannot assert an affirmative defense associated with its “lack of knowledge” if such lack of knowledge has resulted from its failure to inform itself about compliance obligations or to investigate received complaints or other information indicating likely noncompliance.”

And you are on the hook for your staff and subcontractors as well:

“A business associate is liable, in accordance with the federal common law of agency, for a civil money penalty for a violation based on the act or omission of any agent of the business associate, including a workforce member or subcontractor, acting within the scope of the agency.”

Need help? We have helped dozens of brokers nationwide already.

Click here if you need help getting your house in order for HIPPA / HITECH? We have a turnkey solution for you for both encryption and your policies and procedures.


On Now The 73rd Anniversary of D-Day – Thanks to My Personal Hero

Posted June 5, 2010 by John Nail
Categories: Uncategorized

This post was first published in 2010 and I am pleased to be able to report that Uncle Gil continues to be well…updated…

Today marks the 73rd anniversary of the D-Day landings.

My ex-wife’s now 93 year-old uncle, Gilbert Wilhelm, then a diminutive 19-year-old kid from Cincinnati, landed on Omaha Beach with company F of the 102nd Cavalry Recon, in a infantry support tank like the one below, sometime around 11:30 AM that day.  They were supposed to have landed 5 hours earlier but did not, thank God. Remember the tanks in Private Ryan? The first wave of tanks had to leave their LST’s too soon and most sank to the bottom of the ocean. By the time Gil finally landed they drove right onto the beach from the raft that took them in.

My kids say that “Uncle Gil won WWII” which is technically true (he did have a little help from millions of others) and for all of us to be able to hear the history of that day first hand is the historical equivalent of being alive in 1928 and having a Civil War veteran tell you about the battle of Gettysburg.

The 102nd Cavalry Recon was in the vanguard of the allied advance from the time it landed on June 6th until shortly before VE Day in 1945. Starting with the deadly hedgerows of France, they were the first unit into Paris, fought in the Battle of Bulge and crossed the Rhine into the heart of Germany.  Think “Saving Private Ryan” and “Band of Brothers” combined and that is what Gil and his comrades experienced.

The Stuart M-3 tank you see to the left may look menacing but it was not, certainly in comparison to the German armor. It was lightly armored, with a small gun and as Gil tells it if they ever saw a German tank they turned tail and ran as they were not a match. Mostly they probed enemy lines on recon, supported infantry and screened the flanks of troop movements.

In fact on July 31, 1944 as part of the battle of St Lo and the “Breakout” Gil’s first tank was destroyed and he escaped unharmed.

“Before the enemy retreated in disorder down the reverse slope of the hill, three tanks and various other vehicles were destroyed beyond repair and several tanks, armored cars , half tracks and 1/4 ton trucks were immobilized by the terrain, mines or enemy fire. 33 casualties were sustained in the battle and the vehicular losses necessitated an almost complete re-equipment for some of the platoons.”

From the official Unit history

Several weeks later the replacement tank was hit by a dreaded German 88 shell that went clear through the tank and its engine and causing it to erupt in flames. Gil scrambled to safety and the went back to get one of the drivers out of the burning tank. He dragged him out while under enemy machine gun fire from 50 yards away and tried to drag him to safety.  The young driver, a replacement who had been in this tank only a week or two, was killed. For this selfless act of  heroism Gilbert Wilhelm was awarded the Silver Star, the nation’s 3rd highest honor for valor. Only 50,000 were awarded to the tens of millions who served in WWII.

Gil’s Commemorative Brick at WW II Museum in New Orleans


Until the 50th anniversary of D-Day Gil, like most veterans,  did not talk about his experiences at all. For the past 15 years, since I started dating my ex-wife, Gil has shared his experiences with me mostly because I simply asked him questions. We will generally have a glass of wine or two, often from the stash he and his friends make, and simply talk about things and I’ll keep asking questions. Every time we chat something new will be remembered or put in context. The more I learn the more I am simply amazed by what Gil and his generation did.

He was a typical teenage boy from Cincinnati who had never been anywhere before, just like millions of others. He was trained, went to war, did his duty and more and returned home to start a family and live a normal life. Kids, grandkids, boy scouts, camping, family, unbelievable woodworking skills and lots of hiking and activity.

Today he is thankfully still in wonderful health and  is more active than most people we all know.

But today around 5:30 AM and all morning spend a minute reflecting on what Gil and millions of others did for us and the world 73 years ago. Nearly 8000 men died that first day alone in securing the beachhead that led to Hitler’s ultimate defeat.

Be sure to thank your family “heroes” and any other person that served in WWII or any other of our wars, including our current ones.

Gil, thank you for “winning WWII” as the kids put it and for being such a special person, wonderful brother, father, grandfather, uncle, great-uncle and friend. For who you are and all these things combined you are my personal hero.

Zix Tip #1 – Using PDFs to Avoid Unnecessary Rules Based Encryption

Posted May 7, 2010 by John Nail
Categories: Business, Zix

Like anything new encryption requires a little transition and learning and now that all of you have been using Zix for anywhere from 5 months to a few days I wanted to share a tip as far as PDF’s as attachments to your clients.

I know several of you have had situations where a simple form gets encrypted due to certain words in it, forcing a recipient to have to go to your portal to retireve it when there is no PHI on it. I have seen this with carrier small group enrollment census questionnaires, enrollment kits etc.

Here is the simple solution to avoid this inconvenience but still protect data.

You may not realize but there are 2 types of PDF’s:

  • One is simply conisdered an “image” by Zix. The text cannot be scanned as it is seen as an “image”. A form scanned on your copier or into a computer would be one of these
  • Scannable text – most carrier forms or PDFs created from Word. Excel etc contain something called metadata that can be scanned by the Zix rules engine.

If you have some of these forms, which all of you likely do from carriers, and you want to be sure that when you send them out blank that they are not encrypted then scan them on your copier or into a computer and save them as a PDF from the scan. This makes them an “image” that won’t get encrypted and still make them portable as PDF’s.

Another issue several of you have had was in sending Excel spreadsheets of quarterly case reports or unrelated items that contain no PHI but the rules were encrypting all spreadhsheets. if these files do not need to be manipulated as data by the recipient simply save the file in Excel as a PDF and then send it and they will not be encrypted.

This will work for any file type that you need and is an easy work around for blank administrative documents or any file that you want to share.

Of course be sure to have the client login to your portal to return any materials with PHI.

Also you may not realize that Zix just released a major upgrade for the portal and one of the major things it allows is Iphones to connect to Zix thru your network.

Please let me know any questions you might have or issues you have run into so we can solve them and share any news with everyone.

Brokers – Wake Up! What the Gulf Oil Spill Should Have Taught You on HITECH Compliance

Posted May 7, 2010 by John Nail
Categories: brokers, Business, Employee Benefits, Healthcare, Healthcare Insurers, Healthcare Reform

Tags: , , , , ,

The entire reason that we have the gulf spill at all is because BP cut corners and was too cheap to install a $500,000 valve, used in many other countries, that would have allowed the well to be shut off immediately. So for being so cheap they will ultimately end up spending north of $10 Billion besides destroying the coastal ecology in the gulf states. They also were totally unprepared for a disaster and the bad PR has been devastating on BP. Again for lack of planning. They never thought it would happen and this is a company with profits of over $13 Billion in the first quarter alone.

So why is it that Nearly 3 months after the HIPAA HITECH deadline my guess is that 90%+ of all of you who read this are not compliant with the new HITECH  law? You face penalties for breaches in the millions of dollars and for any broker a single breach and the publicity associated with it will destroy your company and your livelihood.

BP will go on regardless you will be out of business. They can be negligent in their risk management but as an insurance professional you know better, it is the way you make your living, helping clients manage risk.

The first firms I worked with this year all had their owners involved in protecting their businesses. Now many brokers seem to have have delegated figuring this all out to a lower level staff or service person with no financial skin in the game and no background in either business or compliance or in the case of email encryption to their outsourced IT person most of whom have no idea what email encryption is.

In essence by not acting in a timely fashion and by delegating compliance to your staff and outsourced IT person you have put your self, your family, your firm’s equity value and your entire reputation at enormous risk.

Frankly inaction, or a lot of what I see that goes for action is just plain dumb. Do you really think that a major breach of PHI will not or cannot happen to your organization? Please!

For what??  Trying to save a few bucks? Denying that the law applies to you? Trying to plead ignorance? Claiming to be too busy?

In reality you can easily make your firm completely compliant with this “HITECH For Dummies” guide and these easy steps:

  1. A Risk Assessment
  2. Policies and Procedures
  3. Breach/Disaster management plan
  4. Email Encryption

1,2 & 3 can be done for $1000-$3000 max. All of this can be done in 4-6 weeks with a couple hours work a week by your firm. That is all. Compliance Helper does this everyday for BA’s and CE’s

Getting the best and easiest to use encryption solution solution in the industry will cost you about $.60/user per day. That is right 2 quarters and a dime a day per user. That is why we created the RadarMail 360 Suite. Regardless of your firm’s size you all have the same compliance needs and we have a solution for solo agents to the largest local, regional and national firms.

Cost is clearly not the reason that your organization is not compliant. HHS views inaction as “willful neglect” and that maximizes any penalties for your firm’s lack of compliance and breaches.

Two weeks ago none of us thought that the Gulf Shore of the United States was in imminent peril from offshore oil. Now we know better and should have all along.

You have had a warning here for you business. Are you going to heed it and act to protect your business? Or pretend that you will never have any issues and never be audited by HHS or your state Attorney General and never be fined for a law that your know you have to comply with?

So what will 2 weeks from now look like for your firm when you are non compliant?

Broker Website Ratings Updated for 2010

Posted May 6, 2010 by John Nail
Categories: brokers, Business, Technology

One of the most popular features on the Industry Radar is our Broker Website Ratings which drew nearly 25,000 page views last year alone.

The survey debuted last year with around 400 firms rated. This year we reviewed nearly double – 775 – and the results are quite interesting.

You can see our rating criteria here.

Ratings are from 1 to 4:

  1. Billboard -129 firms (17%) – plain, basic, little to no marketing value
  2. Brochureware – 353 firms (46%) – either an online brochure or design is “old” or poorly executed with limited marketing value
  3. Basic Website – 252 firms (32%) – design is OK, some content, mostly focused on telling firm’s story
  4. Marketing Site – 42 firms (5%) – Creative, visually appealing, online tools, good content

The baseline for a good site of a “3” only applies to about a third of all brokerage firms half are “2” and overall 63% are either a “1” or a “2”.

In 2009 the percentages were 7%/53%/34%/6%. Not a lot of difference for the 2-4’s but as we extended our survey to include smaller firms, i.e, those under $2 million in revenue, NFP, UBA and HRBA members and others the lack of marketing savvy became more apparent with the “1” rankings more than doubling.

One area where there was a big improvement was in firms that could be found when googling “employee benefits their city, their state”.  Last year only 30 were found in the Top 10 in their market, now 246 are, a huge jump helped though to a large degree by the fact that is we found firms in the top 10 in our research, that had a website we added them to our survey.

The fact that we created our webpages and they got nearly 25,ooo hits also helped boost the visibility in general of brokers in general.

Check out this year’s results? How did your firm fare? Has your work over the last year paid off or are you still in the dark ages and viewing your website as not an important component of how prospects and customers view your organization?

We will be blogging more on this over the next week but if you are a “1” or “2” you really need to think about your firm’s image online because prospects and customers use the web as a way to research and “pre shop” for help and if your site isn’t up to snuff you are losing potential business.

In fact our broker website ranking page drew nearly 25,000 page views in the last year of people googling specific firm names, or looking for brokers and ratings in a given geography. So do you still think that you website is not important to your business?

PS – if you would like to be rated or have updated your site since we did our review and would like us to update it please email us here.

What Near Depression? Healthplan Executive Comp. Jumps 26% In 2009

Posted May 3, 2010 by John Nail
Categories: Business, Healthcare, Healthcare Insurers, Healthcare Reform

Tags: , , , , , , , ,

With the nation in a deep recession, in the midst of a financial crisis, with 2 million+ homes in foreclosure and unemployment at nearly 10% the compensation of the top executives and directors at the nation’s 7 largest publicly traded healthplans – Aetna, Cigna, Humana, Wellpoint, United Healthcare, Coventry and HealthNet – increased 26% over 2008 – rising from $180 M to $225 M.

The 7 combined for $12.4 Billion in profits and their stocks gained an impressive $19.7 Billion in market value even as the supposed evil specter of healthcare reform loomed.

Click the Piggy Bank for the Summary Chart.

Click Here to See 2009 Details by Company

Once again the total compensation of these executives ($224.7 M) add up to nearly  2 1/2 times the total salaries paid all of the 561 leaders of the 3 branches of the United States government ($100.3 M).

If the executive teams from the “non profit” Blues plans were included the total jumps nearly another $100 Million to over $325 Million led by Healthcare Service Corp (BCBSIL, BCBSTX et al).

In fact the “golden parachute” packages for 6 Wellpoint executives ($98.3 M) nearly equalled the total of the 561 government leaders salary alone.

While Aetna, Cigna and HealthNet CEO’s saw a decrease year over year in their total compensation Ron Williams of Aetna was still the highest paid of the group at $18M.

The largest percentage increases for CEO’s  were:

  • Coventry – Alan Wise -$17.4 M up from $9 M
  • United -Stephen Helmsley – $8.9M up from $3.2 M
  • Wellpoint – Angela Braly – $13.1 M from $9.8 M
  • Humana – Mike McCallister – $6.5 M from $4.8 M

Source – Reuters Finance / Company Proxy Statements

The Industry Radar has been publishing a summary of executive compensation for the last 3 years ever since the Dr. William McGuire options backdating scandal in 2007 and one area we looked at in more detail this year was the value of stock options held by healthplan executives.

You may recall Dr. McGuire in a CBS News interview famously stated that his $1.8 Billion in options did not impact the rates that were charged to their policyholders. He subsequently was forced to relinquish nearly $600 Million in options and United Healthcare paid over $900 Million to settle shareholder lawsuits.

Nearly $1.5 Billion of options are held by only 26 executives led by United Healthcare’s CEO once again:

  • United Healthcare – Stephen Helmsley – $843 Million
  • Aetna – Ron Williams – $227.3 Million
  • United Healthcare – David Wichmann – $81.6 Million
  • Humana – Mike McCallister – $71.8 Million
  • HealthNet – Jay Gellert – $62.3 Million
  • Coventry – Allen Wise – $26.4 Million

Source – Reuters Finance / Company Proxy Statements

Just the options held by these 6 executives could pay the salaries of the entire leadership of our government until 2022.

Clearly the job of executives in any public company is to increase shareholder value and that is what they are paid to do.

To see these types of rewards in the worst economic year in half a century coupled with the options listed above raises questions as to our healthcare system and its relationship to what is going on in society.

I would hope in the future that if companies are going to pay these types of compensation that the growth of their companies, and how they get rewarded will be based on running tight operational businesses that measurably increase the health and well being of their customer base – which thanks to PPACA will be 32 million more people – the largest legislative gift ever to any industry in the world.

How We All Became Americans

Posted April 30, 2010 by John Nail
Categories: Business, immigration

I have loved this picture since the first time I saw it 3o years ago in the Norman Rockwell Museum in Stockbridge, MA. The little freckle faced boy’s adventurous  idea of his family tree with pirates, soldiers, sailing ships,  cowboys, Indians and more.

At the time I didn’t know all my own family history to realize that at least the part of it with both Union and Confederate soldiers applied to the Nail family American story.

And therein the topic of the role of immigration in the creation of the greatest country in the world.

None of us will disagree that we have an illegal immigration problem that has been ignored for decades and that needs a fair and humane resolution. We have a border that clearly needs to be closed for security reasons but in approaching this issue we cannot lose perspective on how every single person reading this post comes to be an American. Every one of you has a unique story whether you know it or not.

Our forbears all came here from somewhere else seeking a better life. Most came willingly, many did not. Whether your folks came over on the Mayflower, through Ellis Island or yes, across the border illegally we all are Americans.

I am fortunate to have a good sense of how our family arrived here. The Nail (Neal, Neale) side in the early 1700’s through VA, SC, GA, and following the westward migration to TN and finally TX.

5 generations of my grandfathers lie in a cemetery in Crawford dating from 1800 0n, TX including Dr. B.J. Brown, one of the founders of that town who also was Capt. B.J. Brown of the 39th GA, captured and paroled at Vicksburg.

We even have a half Cherokee grandmother in there making the story more exotic.

On my Mom’s side one group came over with William Penn in the 1600’s and the main branch, the McBurney’s from Northern Ireland in 1855 due to the famines and settled in the border state of MO. The Irish were often referred to as “white nXXXers” in those days.

Andrew Nugent McBurney was 15 when he landed here and enlisted in the Union army. He would end up a Lieutenant in the 54th U.S. Colored Infantry commanding black troops. His name is engraved on the  African American Civil War Monument in D.C along with 190,000 black troops and their 10,000 white officers.

My oldest daughter and I have visited the beautiful town of Portaferry from whence he came in Northern Ireland and went to a graveyard where our 11th through 8th great grandfathers were buried dating from 1647.

Coming from a border state it is no surprise that my mother’s family was divided and one other great, great grandfather was a Missouri irregular who was captured by the Union at the very beginning of the war and held for 6 months before being let go. My grandmother Bess McBurney Anger was a member of the Daughters of the Confederacy as a result.

None of our family were wealthy. They were tradesman, farmers, indentured servants and people looking for a new place to start and live the dream of having families, being free and pursuing what we now call the American Dream. They are no different than the immigrants of the late 2oth and 21st century except they were white and English was a native language and there were no laws governing immigration then.

This week we see a new law in Arizona that can be enforced in ways that are simply not American. Stopping people on the street and asking them for their “papers” because they might be hispanic looking. There is no doubt that AZ has issues to deal with but even the most conservative Republicans are not supporting this anti Constitutional law.

A Congressman in CA is calling for the deportation of the children of illegal immigrants who were born here, and  thus are American citizens, like all your forbears once were. This type of absurd and anti Constitutional rhetoric is not only un-American but racist.

There is no question that we must deal with our immigration problem and deal with it in a comprehensive and humane way.

However, lets not lose site of the fact that we are all here not by some God given right, but because in our collective past our ancestors came here from afar to pursue a dream, just like the hispanic immigrants are doing today.

Now back to that freckle faced boy…do you know your family’s American story? If not you should explore it and find out. I will bet it is interesting in its own right and likely at some point the first generations experienced discrimination and hatred as well.

It was only 50 years ago we elected an Irish and Catholic President in John Kennedy and that was a huge deal at the time as even in 1960 being Irish and/or Catholic was still looked down upon by many, many people.

Remember that as you think about and  debate today’s issues and most importantly in how you treat people who may not look like you or speak the best English…yet.