Early this month Uber introduced the launch of Uber Health, a new service that allows healthcare organizations to provide transportation for their patients. Within days, Lyft and Allscripts announced a partnership to allow healthcare providers to schedule patient rides using Allscript’s electronic health record network. The move into Non-Emergency Medical Transportation (NEMT) services is an effort to eliminate transportation barriers for patients—a 2005 study estimated that at least 3.6 million people miss or delay their medical appointments each year because they lack transportation. As ridesharing companies hail into the healthcare industry, compliance with Health Insurance Portability and Accountability Act (HIPAA) and fraud waste and abuse laws are essential for participating healthcare providers.

According to HIPAA, any entity that uses or discloses protected health information (PHI) on behalf of a covered entity is defined as a Business Associate.  A covered entity must obtain satisfactory assurances from a Business Associate that it will safeguard the PHI it receives or creates, also known as a Business Associate Agreement (BAA). For more information read our previous blog titled Define Your Relationship- Vendor or Business Associate.

If healthcare providers are directly providing PHI to ridesharing companies to schedule transportation for patients, such as providing the patient name and home address for pick up or drop off, then a business associate relationship exists pursuant to HIPAA. As a result, healthcare providers must enter into BAAs before these services are used for their patients.

Healthcare providers must also comply with fraud waste and abuse laws. For instance, the Anti-Kickback Statute (AKS) prohibits the knowing and willful payment of remuneration to induce or reward patient referrals or the generation of business involving any item or service payable by the Federal health care programs. Providing transportation at little or no cost can potentially be viewed as an inducement or kickback to use the provider. And violations under AKS can give rise to civil monetary penalties, false claims act liability, and program exclusions.

Effective as of January 6, 2017, the Office of Inspector General issued a final rule that added, among other things, a local transportation safe harbor to the AKS. Specifically, the safe harbor allows healthcare providers to provide free or discounted local transportation services for Federal health care program beneficiaries, if the following are met:

1. The availability of the transportation services is set forth in written policy, which is applied uniformly and consistently, and the availability of the services is not determined in a manner related to the volume or value of Federal health care program business;
2. The free or discounted local transportation services are not air, luxury, or ambulance-level transportation;
3. The transportation services are not publicly marketed or advertised, no marketing of health care items and services occurs during the course of the transportation or at any time by drivers who provide the transportation, and drivers or others arranging for the transportation are not paid on a per-beneficiary-transported basis;
4. The services are only available to an established patient, which is defined as a patient who has previously attended an appointment and includes a patient who has scheduled an appointment.
5. The patient is within 25 miles of the health care provider to or from which the individual is being transported, or within 50 miles if the patient resides in a rural area;
6. Transportation services is provided for the purpose of obtaining medically necessary items and services; and
7. The eligible entity that makes the transportation available bears the costs of the free or discounted local transportation services and does not shift the burden of these costs onto any Federal health care program, other payers, or individuals.

42 C.F.R. § 1001.952(bb).

When it comes to compliance, healthcare providers need to stay vigilante as new players enter the market. For more information on these topics view our online courses or contact us for an online demonstration of our comprehensive healthcare compliance software solution.